SuperServer 1017A-MP as a platform
-
Hello…
A newbie question here... - sorry...
I am currently running pfSense on an Alix box, but i want to beef it up a little bit so I can run Squid 3, Dansgurdian, pfblocker, Snort, Mailscanner and Zabbix Agent, with the possibility of a few others.
Before I go and spend hard earned cash on some new hardware I was hoping some experts out there could offer some advice on weather this would be suitable:
Manufacturers link:
http://www.supermicro.co.uk/products/system/mini-itx/1017/SYS-1017A-MP.cfmProspective purchase site:
http://serverfactory.co.uk/tower-servers/supermicro-1017a-mp-atom-small-box-pc.htmlwith the addition of the - Intel 60GB SSD 330 Series SATA3 6Gb/s
for a grand total of £333Thanks very much in advance...
RB
-
What bandwidth are you looking for?
Steve
-
Hi Steve,
Thanks for replying to my question.
Currently we get around 60 Mbits/s down and 5 Mbits/s up from our ISP, but it's possible it could rise to around 120 Mbits/s down and 10 Mbits/s up in the next year or so.
Thanks,
RB
-
I see no reason that hardware will give you any trouble. There are plenty of people running N2800 Atom boards and NICs are fully supported. There was an issue with the graphics driver a while ago but I believe that was resolved and it didn't stop pfSense running anyway.
However you might want to consider something more powerful for a 120/10 connection. You should be fine, even after upgrading to that bandwidth, especially if you take time to tune your Snort rules a bit, but you won't be able to push 120Mbps of VPN traffic with that box for example. Maybe you won't ever need to do that.Steve
-
That's Awesome Steve, Thanks very much again!
I doubt we'll need to use VPNs, but if we do, it'll probably be less than 10 Mbits/s total, and only 1, possibly 2 at the most.
As ever, Thanks very much for the advice.
RB
-
No problem. Bare in mind that I don't actually have an Atom based box to test so those numbers are gathered from other forum posts. What I can be confident of is that doing just NAT/firewall that box will be good for 5-600Mbps and that as a VPN end point ~60Mbps. When you start adding Snort and Squid it really all depends on what rules you're running. You can't have too much RAM if you're running Snort. ;)
Steve
-
No problem. Bare in mind that I don't actually have an Atom based box to test so those numbers are gathered from other forum posts. What I can be confident of is that doing just NAT/firewall that box will be good for 5-600Mbps and that as a VPN end point ~60Mbps. When you start adding Snort and Squid it really all depends on what rules you're running. You can't have too much RAM if you're running Snort. ;)
Steve
My connection at home is 35/35 (more like 42/38) and installing Squid, even having it run memory-only, actually slows things down. Squid in AC mode with VRT Balanced doesn't seem to have any measurable performance impact though, at least not at 40Mbit/s.
-
On an Atom box is that?
Steve
-
On an Atom box is that?
Steve
Sorry, that would have been useful information… It's a DN2800MT w/ 4GB of RAM and a quad-port i350.
