Lanner FW-7551
-
@cmb:
Because it's not sold by us, it's definitely incomparable.
1 - Ours is fully-tested hardware that will be comprehensively tested on every future release for the lifetime of the hardware, so you can upgrade with confidence. Also points to a hardware-specific image for upgrade purposes, so you get the best tweaks available for a specific hardware platform.
2 - Ours includes support, comes pre-installed, and you can buy it on our website right now and it'll ship same or next business day depending on order timing. With Lanner, you're going to be jumping through hoops with a sales person trying to buy a box. Then you get it, have to install it yourself, assign the NICsI'm sure it's a cheaper box in the immediate purchase cost, but:
- what's your time worth?
- what's that lowered risk of breaking your network worth?
- what's the potential for increased performance, or at least the assurance of ongoing settings appropriate to maximum performance with that piece of hardware, worth?
To a home user, maybe not so much. If you're doing anything remotely serious, it's easy to put numbers on it where paying more is ultimately cheaper (unless you consider your time worth $0, and put a $0 cost on downtime).
I potentially would have bough directly from pfsense/ESF, but I wanted a Rangeley Atom box for future proofing (and to support non-pfsense uses down the road if need be, the VT-X support, etc makes it a good general purpose microserver if I get to a place where I no longer need it as a firewall). If ESF sold a Rangeley box with 5 to 6 gigabit Ethernet ports in the $400 to $600 range, I probably would have gone for that. But the current ESF/pfsense hardware selections don't really seem all that state of the art or future proofed (e.g. virtualization support, AES-NI, Intel NICs, etc), at least in terms of desktop, non-rack mount hardware.
-
We have one of each internally. We even have a 7551 with the 8-core CPU internally, and have had for months. Compared to Supermicro, Lanner ends up being higher cost, and more difficult to deal with. Their leadtimes are 8-10 weeks. Oh sure, YOU can get ONE faster than that, so not your problem, right?
If you ever wonder why I remain reluctant to release AES-NI as part of the generally-available pfSense releases, this thread, and people like "I potentially would have bought" asayler are why.
aus_guy: we are more than aware of this platform, and have a plan. I'm not discussing it in public.
-
@gonzopancho:
We have one of each internally. We even have a 7551 with the 8-core CPU internally, and have had for months. Compared to Supermicro, Lanner ends up being higher cost, and more difficult to deal with. Their leadtimes are 8-10 weeks. Oh sure, YOU can get ONE faster than that, so not your problem, right?
I was just sharing my experience (which others may or may not find relevant) of the Lanner purchasing being not so bad, not trying to claim it was right for everyone. I also never suggested that Lanner was the be all and end all, just that I wanted something with a Rangeley chip and lots of gigabit ports for around $500.
@gonzopancho:
If you ever wonder why I remain reluctant to release AES-NI as part of the generally-available pfSense releases, this thread, and people like "I potentially would have bought" asayler are why.
I don't see what AES-NI support has to do with anything. Is it available in the official pfSense-branded hardware? What do I (and apparently, people like me, whatever that means) have to do with AES-NI support (or lack there of)? Not following you here… Again, I was just mentioning it as a nice feature to have on the hardware side just in case pfSense (or other software that you might want to run) supports it in the future.
gonzopancho, I only started this thread to offer up my experiences playing around with a potential pfSense platform to the wider community under the assumption that someone might find it helpful. I'm not trying to snipe anyone's business or start an argument. And I was only commenting on the officially available pfSense hardware as a potential buyer explaining why the existing offer's where inadequate for my purposes. Take it or leave it. You may very well have extensive and good reasons for not offering officially branded Rangeley/Lanner/>3 port gigabit hardware. I'm not debating that. Just suggesting how ESF might get my $500 (and, as long as I've been put in charge of a representing a type of person, the $500 of people like me ;) ) instead of Lanner/newegg in the future.
I'm happy to support the development of pfSense. That's why I purchased a Gold membership when I first started playing around with pfSense a month ago, and why I try to post information here that others might find helpful. I'm hoping to help contribute code, documentation, etc in the future as I become more familiar with the in and outs of the project. I also am in a position to need to purchase network hardware for various organizations on a fairly regular basis. I bought the Lanner board to experiment with one piece of potential hardware (and because I occasionally like the DIY vibe of bare-bones systems). I'm not claiming it's the best solution for large scale production networks, just that it made since for me as I get up to speed with pfSense. If ESF offers similar hardware in the future, I will certainly consider it as well, especially for production deployments.
I'm not entirety sure what prompted the pigeonholing in your previous post, but it seems unproductive to the wider goal of growing and supporting pfSense and the associated community... :-\
-
The AES-NI support for AES-GCM (and the associated changes to IPSEC) are currently being developed.
Sorry, I was just reacting to "potentially" as "possibly, but possibly not".
Yes, Lanner will sell you one quickly.
-
So I went ahead an put AES-NI (AES-GCM) in pfSense 2.2
I'm not entirety sure what prompted the pigeonholing in your previous post, but it seems unproductive to the wider goal of growing and supporting pfSense and the associated community… :-\
It takes money to run the project.
-
Gonzo - let me just say on behalf of the Home users here - THANKYOU for putting AES-NI in pfsense 2.2
-
@gonzopancho:
So I went ahead an put AES-NI (AES-GCM) in pfSense 2.2
Glad to hear it. I look forward to testing it out!
Also, glad to see the Lanner board made it into the pfSense store: https://www.pfsense.org/hardware/pfsense-store.html#fw-7551. It's a nice option to be able to buy it directly from pfSense.
I'm working up some benchmarks now on both the Lanner board and the slightly beefier Supermicro A1SRi-2758F. Looking forward to seeing how they compare and what they're both capable of using pfSense 2.2.
-
Beefy?
You don't know what's coming…
-
Is it something based on the Lanner FW-8894, plus you guys beefing up the load balancing capabilities baked into pfSense? Please tell me that's the case as I'm really trying to avoid having to buy a pair of NetScalers this year. :)
-
nope
-
@gonzopancho:
nope
Bummer.
-
Better.
-
Redacted. Sorry for the knee-jerk reaction.
-
replied to your private message.