Recommendations for 3Gbit/s WAN with packages



  • I am wondering what kind of hardware would be needed to push 2-3Gbit/s of WAN-to-LAN throughput. I'll be running Snort with a pile of rules, SquidGuard with HTTPS interception, possibly VPN services, and a number of other services. I'd be getting two of these (whatever they are) in a CARP pair.

    If I didn't go with the XG-1540, what specs would you go for? How is support on Intel 10GBASE-T NICs?



  • 3Gb and squidguard? At least some SSDs.



  • If I didn't go with the XG-1540, what specs would you go for?

    Intel Xeon E3-1286v3 CPU @3,7GHz
    16 GB or 32 GB ECC RAM
    4 or 6 SSDs as RAID10
    Gigabyte 6LISL mini ITX board or
    Supermicro X10SAT ATX mainboard
    Supported Adaptec or LSI RAID Controller
    Chelsio adapter pending on the better driver support

    Or the pfSense XG-1540 with a Chelsio adapter perhaps the greater one that is able to fully
    offload the entire NAT job.

    How is support on Intel 10GBASE-T NICs?

    This can be different from card to card but the best option at this time would be the Chelsio adapters
    pending on the driver support.

    If you want to place a Layer2 Switch in front of the pfSense WAN Port you should take a greater model
    with some SFP+ Ports.



  • I think people are overstating the requirements.

    You will need about 16 gig of ram. ECC doesn't matter.
    Snort is primarily single threaded, so you would want the fastest single thread CPU you can throw at it. IMO you'd be better off with Suricata as it is threaded.
    SSDs to saturate the 10gig link (1 gigabyte per sec, so 2 modern SSDs in RAID 0), you don't need any special controllers or anything.
    Chelsio adapter (as it is the best supported brand at the moment for BSD)

    Based on that:
    3.8GHz Broadwell Xeon: http://ark.intel.com/products/88046/Intel-Xeon-Processor-E3-1285-v4-6M-Cache-3_50-GHz
    16 gig of RAM (1866MHz - yes speed matters when you're pushing multi gigabit)
    2x Samsung 850 pro drives (128 gig would be more than sufficient)
    Supermicro X10SAT ATX mainboard
    Chelsio 10 GB nic (2 port)

    If you could get rid of the Snort requirement, I'd suggest the Xeon-D boards…



  • Thanks for your thoughts. It doesn't HAVE to be Snort if Suricata can do the same job while being multithreaded. :)



  • @coachmark2:

    Thanks for your thoughts. It doesn't HAVE to be Snort if Suricata can do the same job while being multithreaded. :)

    That being the case, I'd still be going with the setup I mentioned above if I had the funds, being that it has 128MB of eDRAM with which you could probably cache your Suricata rules ;)

    I might also consider the new Samsung 950 drive on a sled…

    http://www.samsung.com/global/business/semiconductor/minisite/SSD/global/html/ssd950pro/overview.html

    The bigger question here is are you shooting for low cost? Also, is this for home or for a business?

