Completely new to pfsense, and some questions about hardware.



  • Hi

    This is so that I'm considering strongly to build a pfsense pc, I will get 500/100 (maybe 1000/100mbit/s) in about 5-6 weeks and I thought I would ask some questions before I start. I also want to mention that I am completely new to pfsense!

    I have a "gaming" computer that is not in use and intended to use it for pfsense.

    Computer spec:
    Motherboard: MSI Z77 MPower
    CPU: Core i7 2600K, 3.4GHz with a Cooler Master Hyper 212 EVO
    Memory: Corsair Vengeance 8GB DDR3, 1600MHz
    HDD: 500GB WD Caviar Black
    PSU: Power Fractal Design Integra R2 500W

    And i will throw in 3: Intel Gigabit CT 9301CT 10/100/1000Mbit and have a DIR-655 as an AP for wireless

    So to the questions:

    1: Will it be overkill for a pfsense pc, will it even works perfectly with this setup and the nic's?
    2: pfsense capable for 4 cpus/8 threads?
    3: What about power consumption, will it be high if i chooses to go with this setup?
    4: What would you have replaced / changed?
    5: Should I sell my "gaming" computer and buy something cheaper?
    6: Or should i forget pfsense completely and get a new router / switch that will work just as well for my new speed?

    Tnx for the help =).

    // a new member


  • Netgate Administrator

    Welcome.  :)

    1. That will almost certainly be overkill even for a 1Gbps WAN. If you are planning on running many additional services such as web caching, IDS/IPS or VPNs it may be more suitable. It should work fine though. Some stuff may not be recognised, potentially the graphics could be an issue. Since you already have it just boot the CD and find out.
    2. FreeBSD, on which pfSense is built, is capable of supporting many processors however pfSense is limited by the pf process which uses only one thread. Hence it will have no problem running on that CPU but won't fully utilise it.
    3. Power consumption could certainly be lower than that gaming rig.  ;)
    4. I would try to better define what services and at what throughput I need and then chose a CPU that better matches that requirement. Then I would use a power supply that better matches that CPU. Large power supplies are very inefficient when running at levels far below their rating. Your 500W PSU running at <100W most of the time will be wasting a lot. You probably don't need anywhere near 8GB.
    5.  :-
    6. You will struggle to find a soho router that will run at 1000/100Mbps, especially if you are running any services.

    Steve



  • @stephenw10:

    Welcome.  :)

    1. That will almost certainly be overkill even for a 1Gbps WAN. If you are planning on running many additional services such as web caching, IDS/IPS or VPNs it may be more suitable. It should work fine though. Some stuff may not be recognised, potentially the graphics could be an issue. Since you already have it just boot the CD and find out.
    2. FreeBSD, on which pfSense is built, is capable of supporting many processors however pfSense is limited by the pf process which uses only one thread. Hence it will have no problem running on that CPU but won't fully utilise it.
    3. Power consumption could certainly be lower than that gaming rig.  ;)
    4. I would try to better define what services and at what throughput I need and then chose a CPU that better matches that requirement. Then I would use a power supply that better matches that CPU. Large power supplies are very inefficient when running at levels far below their rating. Your 500W PSU running at <100W most of the time will be wasting a lot. You probably don't need anywhere near 8GB.
    5.  :-
    6. You will struggle to find a soho router that will run at 1000/100Mbps, especially if you are running any services.

    Steve

    Hi Steve and thanks =)

    So you think that the built-in video card will perhaps be a problem?, can someone who has tested the Graphics Intel HD 3000 on pfsense confirm if it works?

    I'm completely new to Pfsense and I will of course explore more with apps like pfblocker and maybe try out squid and HAVP antivirus.



  • The LAN on the motherboard is a Realtek 8111E.  That's not supported in 2.0.x, you'd have to use 2.1 because it's supported there.

    Your onboard video should work fine, it's supported.  I am using the Intel onboard video, not sure if it's exactly the same one, but the chipset/CPU should both work and therefore video should work.

    As for ditching the rig for another one, that's your call.  But here are some things to consider:

    • It's serious overkill for SOHO, and not just from a pure CPU perspective.  Most of the features on that motherboard will never be used (sound, video, ports, etc.).

    • It's going to suck a serious amount of power.  You'll be consuming more power than you need, and that power will be to support things on the MB that you won't be using.

    You could at least use it to get a real good understanding of pfSense, and when you're ready to take the plunge you can replace your gear for something more energy efficient and with a smaller footprint.  I started with an old Dell OptiPlex 280 and then built my own box when 2.0.1 was released.

    The only thing you need to be concerned about immediately is the Realtek 8111E NIC on that motherboard.



  • @tim.mcmanus:

    The LAN on the motherboard is a Realtek 8111E.  That's not supported in 2.0.x, you'd have to use 2.1 because it's supported there.

    Your onboard video should work fine, it's supported.  I am using the Intel onboard video, not sure if it's exactly the same one, but the chipset/CPU should both work and therefore video should work.

    As for ditching the rig for another one, that's your call.  But here are some things to consider:

    • It's serious overkill for SOHO, and not just from a pure CPU perspective.  Most of the features on that motherboard will never be used (sound, video, ports, etc.).

    • It's going to suck a serious amount of power.  You'll be consuming more power than you need, and that power will be to support things on the MB that you won't be using.

    You could at least use it to get a real good understanding of pfSense, and when you're ready to take the plunge you can replace your gear for something more energy efficient and with a smaller footprint.  I started with an old Dell OptiPlex 280 and then built my own box when 2.0.1 was released.

    The only thing you need to be concerned about immediately is the Realtek 8111E NIC on that motherboard.

    Thank you very much for your help, appreciate it.

    I'll turn off all unnecessary things in the bios.

    I am not going to use the built in Realtek 8111E NIC that will be deactivated in the bios, i am only going to use the 3 Intel Gigabit CT 9301CT (one for wan, one for the dir-655 AP and the last one for my personal pc, will perhaps buy a 4th to use with a switch?)

    Should I Use 2.0.3 Release then or the 2.1(where can i get 2.1? Is it a beta because I can not find anything on the pfsense site?)



  • 2.0.x should be fine with those Intel boards.  The chipset is supported.

    You could buy just two of those boards and get a 5-port SOHO Gbit-E switch for about the same cost as the 3rd Intel NIC.  Then you can connect all of your devices to it.  However, if you want to isolate your WiFi connection and create a LAN for it, you'd obviously want to use the 3rd NIC for that.



  • @tim.mcmanus:

    2.0.x should be fine with those Intel boards.  The chipset is supported.

    You could buy just two of those boards and get a 5-port SOHO Gbit-E switch for about the same cost as the 3rd Intel NIC.  Then you can connect all of your devices to it.  However, if you want to isolate your WiFi connection and create a LAN for it, you'd obviously want to use the 3rd NIC for that.

    Tnx for the help

    I'll probably set it up this weekend or the next, i will try it out and let you know.

    Edit: I forgot to ask if I should turn off hyperthreading or have it on?

    And should I use 64bits or 32? What the best?



  • Leaving hyperthreading on is okay.

    You need to install 64-bit if you want to access >4GB RAM.  You probably won't consume that much RAM, but since you have it installed I'd lean toward installing 64-bit.  I am running 64-bit w/o any issues.



  • @tim.mcmanus:

    Leaving hyperthreading on is okay.

    You need to install 64-bit if you want to access >4GB RAM.  You probably won't consume that much RAM, but since you have it installed I'd lean toward installing 64-bit.  I am running 64-bit w/o any issues.

    Ok thank you very much, I'm starting to feel a lot more confident that i can do this right.

    There is only one thing that worries me and that is how to set up the accesspoint settings to my d-link dir-655, but I think there are guides out there for it.
    Im just insecure what settings to configure in the pfsense box.



  • I just read the manual for the device.  You need to go to page 12 of the manual where it talks about connecting it to another router.  You'll also have three LAN ports you can use on it, so it can be a hub also so you wouldn't necessarily need the extra NIC.

    Set up the d-link dir-655 wireless WPA security and password and there's no additional configuration required in pfSense.  All of the configuration is on the d-link dir-655 side.


Log in to reply