Hardware and software capacity planning
I'm hoping a few of you all can give me some insight to a new network configuration I want to roll out. The basic setup I am working toward is something like this. I have several locations that have 3 to 4 26 port managed layer2 switches. Ports 25 and 26 are gig ports and I use them as trunks to the other switches and one of them as a link to the pfsense box. Most of these places are running on an alix box with different versions of pfsense. It works but obviously has some issues.
I'm moving in the direction of having each of the 100mb ports on its own vlan with it's own dhcp scope (/28 or so) and rule set restricting access to the other vlans. I'd also like todo bandwidth limiting based on the vlan using pfsense. I know this setup works but … I need to figure out what kind of hardware is needed for the pfsense box to handle this well. What uses the most resources on a pfsense box and what are the limitations as far as CPU and ram for this setup? Has anyone come up with a working rule for how much ram and CPU is necessary for each vlan/dhcp scope or something like this?
I do have some restrictions on what I can install in each location so I'm looking for a 1 or 2 U rackmount solution that will fit with the switches. I don't want traditional drives and I'd like to avoid anything with fans which means I'm looking at a few atom-based solutions.
I'd appreciate any advice or input.