Any specific recommended hardware?



  • Hi All,

    A while back I got an ALIX kit from netgate.com, and I like it, but am finding it a little bit flaky.  I currently use it as my secondary router that I run my server through, but I usually need to restart it about once a day or so.  This is not a big deal, but my primary router is starting to have similar issues (it's running DD-WRT), and I would like to replace it with a pfSense router, but I don't think I would get an ALIX kit again.  I am wondering if anyone has any hardware suggestions that they have had a particularly good experience with, that would be suitable for a home router (with about 4 PCs).

    Thanks for reading :)

    Brigzzy



  • I am not sure what you mean by flaky but most users don't have an issue with the Alix so long as the processing power is sufficient for the throughput.

    Is it possible that you are running out of connection states?  If so, raise the state table size limit to about 100k or so.



  • Thanks for the reply :)

    In this context, flaky means that the WebUI stops responding, and I need to perform a hard restart of the router.  I will try raising the connection limit though, and see if that helps.



  • @brigzzy:

    Thanks for the reply :)

    In this context, flaky means that the WebUI stops responding, and I need to perform a hard restart of the router.  I will try raising the connection limit though, and see if that helps.

    Sounds like you are hitting the limit of the state table.  Either that or your WAN connection isn't stable (the WebGUI does have a tendency to respond real slow when the WAN link goes down).



  • Mostly, I used retired desktops from major brands.  Cheap, more than enough power, and they have done one hell of a burn in. :)



  • @Lee:

    Mostly, I used retired desktops from major brands.  Cheap, more than enough power, and they have done one hell of a burn in. :)

    Sure, but depending on your choice of old desktop and geo-location, running it 24/7 could add quite a bit to your electric bill …



  • @dhatz:

    @Lee:

    Mostly, I used retired desktops from major brands.  Cheap, more than enough power, and they have done one hell of a burn in. :)

    Sure, but depending on your choice of old desktop and geo-location, running it 24/7 could add quite a bit to your electric bill …

    A lot of OEM machines with early Core 2 Duos are pretty cheap and usually pretty good on power.  I'm partial to old Dells and HPs, like Dell Optiplex 620s and HP DC7700(p)s.  Mid Tower HP DC7700ps come on eBay for under $100 often, and if you pull the often included video card they're pretty good on power.  Probably under 60 watts if you're not pushing the CPU hard and not using a "fast" hard drive, possibly better with an SSD or CF card.  If you want the small form factor versions of either, they're cheaper, but you'll need low profile NIC(s).

    I use an old Dell Optiplex GX100 at home, although, admittedly, still running m0n0wall.  The power supply is rated at 110w, so, obviously it's less than that as those same power supplies were in the PIII versions and mine is a Celeron.  Also it has a CF card for OS storage, so take off 10 watts or so for no hard drive.  I'd have to measure, but I would be willing to wager a small amount that it's gotta be around 40 watts most of the time.

    Back to the HP machine mentioned above, I use them for vSphere hosts in a (non critical) test environment.  They (the tower version) can take 8GB of RAM easy, I run them off USB thumb drives, put in dual port Intel PCI-Express cards, and run storage from another machine running FreeNAS as an iSCSI SAN (old Dell GX280 with a Perc5).  Reduced my power bill a lot from a pair of old Dell PowerEdge 2850s I used to run.  It's no slower and Core 2 Duos have VT so I can run x64 bit VMs.  I just bought 2 more on eBay for $85 each after shipping.



  • I also recommend using old HP and DELL workstations (4 years old for instance) because of the cheap price and the good performance and the most important thing about a firewall: reliability.
    If you configure two of these boxes with CARP (High availability), using a crossover cable between them, you end up with an infrastructure that can be as robust and powerful as any commercial firewall.
    More info at:
    http://www.opttic.com



  • Thanks for the replies folks!  I think I'll look into an old workstation to run my firewall on.

