1. Home
  2. pfSense® Software
  3. Hardware
  4. $250 to $400 Build for 300/20 and potential 1000/1000

$250 to $400 Build for 300/20 and potential 1000/1000

  • J

    Hey All,

    Looking to upgrade my trusty 2D13 Alix pfSense device to a beefier system. I'd like to build it, as cost is a priority, unless netgate devices can handle those speeds at < $400. My requirements:

    • Handle 300/20 and eventually 1Gbs/1Gbs

    • IPsec throughput of at least 30Mbps

    • Ability to run Snort

    • Small form factor, although 1U is not out of the question

    • Available beginning May '15, as 300/20 will come then, along with 1Gbs/1Gbs at the end of the year

    Any recommendations? If you do recommend hardware, let me know what case, PSU, etc you'd think would work well. I already have an mSATA drive for the logs for Snort.

    Edit - If I need to increase my budget to $500, I'm open to it, but due to WAF and limitations, I'd love to stay between $250 - $400 USD.

    0
  • K

    I am biased, but you could get a nice i5-4570T setup in that budget. 6 gig of whatever ram and your motherboard of choice

    0
  • jahonix

    http://store.netgate.com/ADI/RCC-VE-2440.aspx

    0
  • K

    In theory that should work fine…

    0
  • J

    @jahonix:

    http://store.netgate.com/ADI/RCC-VE-2440.aspx

    This will push 1Gbs, Snort, and IPsec? Does this board use Intel NICs? Have there been any tests for throughput? Trying to understand a real-world scenario and usage.

    0
  • F

    I350 ports as most Avaton / rangeley systems.
    At this point few people have experience with the 2 core versions.
    If I remember correctly, it will push shy of 1Gb, more around 900Mbps. Gonzopancho should have specifics since he is using one.

    It has AES-NI, so depending on your type of VPN setup it will have acceleration, and very decent speeds.

    Nothing stopping you from throwing together an i3/… system of course. It will have more breathing room. But power aint free also.. :)

    Running Snort on 1 Gb speeds I have no idea what kind of power you need really. Comparing to suricata, which is limited to several 100 Mb / core depending on hardware generation.
    You really need Snort? Or is this more of a "I can I will"?

    0
  • J

    @foetus:

    I350 ports as most Avaton / rangeley systems.
    At this point few people have experience with the 2 core versions.
    If I remember correctly, it will push shy of 1Gb, more around 900Mbps. Gonzopancho should have specifics since he is using one.

    It has AES-NI, so depending on your type of VPN setup it will have acceleration, and very decent speeds.

    Nothing stopping you from throwing together an i3/… system of course. It will have more breathing room. But power aint free also.. :)

    Running Snort on 1 Gb speeds I have no idea what kind of power you need really. Comparing to suricata, which is limited to several 100 Mb / core depending on hardware generation.
    You really need Snort? Or is this more of a "I can I will"?

    It's more of a " I can I will". What build/base/PSU would I need if I wanted to deploy an i350 (avaton or rangeley)?

    0
  • R

    The Intel i350 keeps being mentioned here. Isn't it the CPU that provides the overall performance for pfSense in terms of packets per second, and also whatever packages are running? What would adding a $300 network card do over the built in gigabit NIC's?

    0
  • J

    @Roltec:

    The Intel i350 keeps being mentioned here. Isn't it the CPU that provides the overall performance for pfSense in terms of packets per second, and also whatever packages are running? What would adding a $300 network card do over the built in gigabit NIC's?

    The 4 built-in ports on Avoton & Rangeley boards are Intel i354, a variant of the i350.  No one is saying you should add another card to your system.

    0
  • M

    spend a bit more and get an 8 core atom 2758 from sueprmicro

    http://www.newegg.com/Product/Product.aspx?Item=N82E16813182855&cm_re=supermicro_atom--13-182-855--Product

    add some ecc ram,etc and this will work. more expensive, but worth it

    0
  • E

    @jwmoss:

    Hey All,

    Looking to upgrade my trusty 2D13 Alix pfSense device to a beefier system. I'd like to build it, as cost is a priority, unless netgate devices can handle those speeds at < $400. My requirements:

    • Handle 300/20 and eventually 1Gbs/1Gbs

    • IPsec throughput of at least 30Mbps

    • Ability to run Snort

    • Small form factor, although 1U is not out of the question

    • Available beginning May '15, as 300/20 will come then, along with 1Gbs/1Gbs at the end of the year

    Any recommendations? If you do recommend hardware, let me know what case, PSU, etc you'd think would work well. I already have an mSATA drive for the logs for Snort.

    Edit - If I need to increase my budget to $500, I'm open to it, but due to WAF and limitations, I'd love to stay between $250 - $400 USD.

    What about this?
    https://forum.pfsense.org/index.php?topic=90954.0

    0
  • K

    for $400 just buy something from the pfsense store.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy