PfSense with FreeNAS in jail
-
Hi. Not completely shure if this is the right sub-forum.
I have a 4GB i5 machine with pfSense running at home, but since it has a lot of free resources i was thinking about running FreeNAS besides it in a jail.
Now i dont have a lot of experience in FreeBSD, so im not shure to exactly how i should do this and if it is even secure enough to be a smart solution.So what are your thoughts about this? Do you have any tips, or even better a FreeNAS-template i could put on it?
-
You would be a lot better off if you virtualized everything and ran them as separate VMs, rather than trying to nest one inside the other.
I'm not sure if FreeNAS can run inside a jail, but even if it can, running any service like that on a firewall (even in a jail) is still questionable.
With a VM setup (e.g. ESX, KVM, etc) you get better separation between the hosts. You lose a little performance, but then you could also put other things on ther besides pfSense and FreeNAS, too.
-
jimp is right. It is worth separating a firewall/gateway from the storage for scaleability.
On the other hand, if you are planning to use zfs with freeNAS, then 4GB of RAM would be very little.
I can give you my case. I am trying to run pfSense 2.1 as a UTM and a 1.5GB of RAM is throttling. I am going to upgrade to 4GB due to snort resource usage. Thus, if zfs requires at least 8GB of RAM for production environment with separate drive for ZIL/L2arch.
A 4GB would be very resource-constrained. Just my two cents.
-
I run freenas under xen 4.3 and its work perfectly. It setup it that way because I had read comments that freenas works better that way.