Cheapest Build w/5 interfaces



  • I need to build a couple of pfSense boxes, and need them to have 5 interfaces each (2 transperent bridges + 1 sync for failover). I don't have any switches that support VLAN tagging in my current infrastructure, and while I know that I could get away with few interfaces if I did, I'm assuming it's cheaper to just add NIC's. I am, however, happy to be proven wrong on that front.

    I've been eying low power systems with PCI slots to add NIC's as necessary. I'd prefer the fewest possible moving parts, but it's looking like refurbished SFF desktop systems might be the cheapest way to go…

    Does anyone have suggestions for another direction to go? For reference, I'd like to build 2 boxes for failover, and my budget is ~$700.

    Thanks!

    edit: I should add that I really can't go through a Taobao reseller, though there are some compelling options available.



  • I just discovered the D-Link Easy-Smart DGS-1100-05 switch (http://www.newegg.com/Product/Product.aspx?Item=N82E16833127493), which claims 802.11q support, but I can't find any details on how that support if implemented. If it would honor VLAN tagging, I could get 2 of those (one for each side of the firewalls) for $100…


  • Netgate Administrator

    What sort of bandwidth are you looking at? You need to run packages?

    Steve



  • That's the annoying thing - I need almost no bandwidth, and no packages. It will be serving a single T1, with a fairly minimal ruleset and no VPN, IDS, etc.


  • Netgate Administrator

    In that case if you don't mind using second hand hardware there are a number of hardware appliances that will run pfSense, have at least 5 interfaces and can be had relatively cheaply.

    https://forum.pfsense.org/index.php?topic=36651.0

    If you want to know about the Watchguard hardware I can answer most questions you might have or look here.
    Of course going that route doesn't support the project like buying hardware from the pfSense store.  ;) I don't think they currently have anything that fits your requirements. They are testing other stuff though.

    Steve



  • I'd rather stick with new hardware if I can, although I appreciate the info - I've been reading up, and it looks like I have a couple of good options as fallbacks, if necessary.