PfSense with FreeNAS in jail

sikander

Hi. Not completely shure if this is the right sub-forum.

I have a 4GB i5 machine with pfSense running at home, but since it has a lot of free resources i was thinking about running FreeNAS besides it in a jail.
Now i dont have a lot of experience in FreeBSD, so im not shure to exactly how i should do this and if it is even secure enough to be a smart solution.

So what are your thoughts about this? Do you have any tips, or even better a FreeNAS-template i could put on it?

jimp

You would be a lot better off if you virtualized everything and ran them as separate VMs, rather than trying to nest one inside the other.

I'm not sure if FreeNAS can run inside a jail, but even if it can, running any service like that on a firewall (even in a jail) is still questionable.

With a VM setup (e.g. ESX, KVM, etc) you get better separation between the hosts. You lose a little performance, but then you could also put other things on ther besides pfSense and FreeNAS, too.

zenny

jimp is right. It is worth separating a firewall/gateway from the storage for scaleability.

On the other hand, if you are planning to use zfs with freeNAS, then 4GB of RAM would be very little.

I can give you my case. I am trying to run pfSense 2.1 as a UTM and a 1.5GB of RAM is throttling. I am going to upgrade to 4GB due to snort resource usage. Thus, if zfs requires at least 8GB of RAM for production environment with separate drive for ZIL/L2arch.

A 4GB would be very resource-constrained. Just my two cents.

tritron

I run freenas under xen 4.3 and its work perfectly. It setup it that way because I had read comments that freenas works better that way.