Hardware choice
-
Hi folks. I have a Supermicro X8SIE-F with a Xeon X3440 64-Bit/4-Core CPU and 8Gb ram sitting here doing nothing and was wondering how it would do as a home network firewall. It's been near a decade since I last built a system and I'm new to pfsense so figured I'd ask if this would be a viable hardware setup. I have a handful of 16GB Cruzer flash drives I figured I'd install to.
Basically looking to plug the crap Fios router (192.168.x.x) into it as the WAN and then everything else inside the pfsense (10.10.10x.x) LAN side. For the most part only 3 users. Need to run a single incoming OpenVPN connection while I travel. We stream via a home PlexServer occasionally while out and I have a mail & web server that gets low usage. I have a new 1TB WD Black hard drive here I though could be used for a transparent squid proxy. I'd also be using its DHCP Server to manage/organize the roughly 60 IP devices in the house, DansGuardian (can this be setup for a single user or group of IPs?) and the HAVP Antivirus.
I've installed pfsense via VirtualBox and like its options, interface and "the_wall" theme rocks btw. :)
edit.. I have a 75/75 Fios internet connection and and internal mix of 100MbE, 1GbE and 10GbE handware on new cat6a and too many wireless points.
Thanks!
-
Supermicro X8SIE-F with a Xeon X3440 64-Bit/4-Core CPU and 8Gb ram
Would be a really big firewall and seems to be easily handling the load for sure I think if
you get pfSense running on it smooth and liquid.But, the CPU comes with a thermal design power (TDP) of 95 Watt and without AES-NI
so if you can life with that it would be a really powerful firewall I think and sufficient enough
to handle this all.But a C2758 Rangely based Board comes with AES-NI, Intel QuickAssist and 8 cores with
2,4 GHz and this with a TDP of < 20 Watt, mostly with 1 PCIe slot and is quite silent because
its passive cooled. pfSense has opened now also his own shop where you are able to buy such
as firewall hardware that comes with one year of premium support on top perhaps also
interesting for you. -
Would be perfectly capable. Pass mark says single core performance equivalent to a Celeron 1037U! Would use a lot of electrical power most likely too.
-
Great thanks for the replies. I'm just in the process of rewiring Cat6a throughout our home, building a small server room in the basement, installing a full rack, building a 24x4TB FreeNAS in a Supermicro CSE-846E16-R1200B chassis with 64Gb DDR4 a E5-1650v3 an X10SRL, and an ESXi server using the Supermicro A1SAi-2750F. If I buy/build something else the wife is likely to go off the deep end! :) She's been pretty good about all this until now.
Before someone says "why not run pfSense from the ESXi server"… I'm a firm believer a firewall/router should be its own box. I've looked at the C2758 and will likely go that route at a later date but for now I'm looking to use current hardware. :)
-
If you only have 100/100, just get those ATOM D525 or something like this (with multi ethernet), NAT throughput of 500Mbps should be good, of course without AES-NI/QuickAssist the VPN performance would not be very good.
I agree that being an externally connected firewall, using VM to host is not appropriate.
-
So.. I sold the X8SIE board, cpu and ram. P00f! Gone and $65 bucks in my pocket.
I lucked out and picked up a Supermicro SuperChassis 510T-200B for $50 bucks from a friend and figure it'll make a fine chassis for a pfSense server.. aside from routing cables from the rear but that's not an issue. So.. $15 bucks remaining. Easy come, easy go.. ;D
Looking at the following new hardware..
The Supermicro A1SRI-2758F - Is the 8-core worth the extra $70 bucks over the 4-core 2558?
Most likely 16 GB of Kingston RAM (KVR16LSE11/8) - 8GB would likely do but I prefer to over build a bit and not worry about running low down the road.
Storage choices.. I plan a full install. During setup can I select 2 DOMS, SSDs or hard drives and mirror the install? Also, and if DOMS, can I select mirrored 2.5 SSDs or hard drives for applications like squid, anti-virus, logging, etc? Better to ignore DOMs and just go with SSDs?
-
Sata Doms - Would this be wise in either a 32GB or 64GB DOM as a full install/boot medium? More curious then anything regarding the DOMs and pfSense. Use 2x64GB DOMs with FreeNAS for boot drives.
-
Sata SSD - The chassis has 2 hot-swap 2.5" Sata/SAS bays. Samsung 850 Pro. I'm thinking either the 128Gb or 256GB drives. Should these be OK for at least a few years of home family/home small office use?
-
Sata Hard Drive - 2.5" HGST Travelstar 500GB 72k hard drive.
I have 2 local networks which, for the most part, are complete separate. I'm looking at running a VPN between my place and a friends place to mirror data we collaborate on. Also VPN access to home network while away on 3-4 week long trips every few months.
Appreciate any comments or suggestions.
-