1U pfSense spec and build suggestions?

Could someone please point me in the direction of a 1U pfSense build please?

Will be for use of maybe 5 systems plus a home CCTV setup with 5 cameras.

1U rack
CPU
PSU
Network card
Mobo
RAM

The ability to push 10GB in the future with upgrade would be nice but no idea how much extra grunt is needed to push that many packets.

Price Vs Performance is king for this build seconded by as near silent operation as possible.

Also, could it be PoE powered?

If you have built something similar, any wisdom you could impart would be welcome.

Thanks.
 
Why not just get a NetGate appliance and then upgrade in about 20 years when 10Gbit becomes viable for home use?

I have one for sale on here if you're looking for one.
 
It is for a hobby/project/something to do, no fun in buying one ready made :D

And I do have some stuff in mind for 10GB in the home, just not a priority yet.

Also, with Cable broadband speeds at nearly half of 1GB... I think 1GB+ is not too far off, definitely much sooner than 20 years.

Since when did PC enthusiasts complain about MORE speed ;)
 
Better off getting a server and building it in a VM then, as you can play around with other stuff.

Good shout.

I had a play with it inside a Hyper-V session last night and worked fine.

I do have an old 2GHz AMD Sempron lying around and a load of RAM to go with it but sure it is not the most power efficient.
 
@The OP - are you confusing routing and switching?

10GbE capable routers start in the £2000+VAT area. 10GbE capable switches start in the £200+VAT area.

I think you actually want a 1GbE router/Security appliance with 10GbE NICs and a 10GbE Switch?

If you don’t want a Netgate box (and that really is your best option) then I would strongly suggest something by Supermicro. I have had very good experience with the Supermicro Superserver E200-8D which just needs a couple of 2.5” HDDs/SSDs and some ECC RAM to do everything you want.

And then there is the UBNT Unifi Application Server Pro which is pretty much exactly what you want but it’s all finished. So no good.
 
I am using a WatchGuard XTM5 with pfSense at the moment but I have a Dell T20 Xeon setup that I am going to replace it with, just have not got around to mounting the new modem on the wall near it yet so I can use my UPS to power both of them.
 
No :D

Internet speeds of 1Gb+ are not too far away for those lucky enough to be in the right area :D

I’ve just been talking to our IT support contractor and he’s asked me to ask “Where do you think the “right area” will be because if you are correct and we can get more than 1Gbps for anything like residential pricing we could justify moving the Office. Seriously. The data line is our No. 1 overhead after labour.
 
Residential 1Gbps lines can be currently had for about £75 a month.

https://hyperoptic.com/price-plans/?broadbandonly - That is £60 a month after initial offer.

The reason why business lines are so expensive is the SLA attached to them which by itself can be worth more than the cost of the line.

If my home line drops, ring up my provider.. "engineer will be round tomorrow", no biggie.

For a business, every minute is money.
 
The reason why business lines are so expensive is the SLA attached to them which by itself can be worth more than the cost of the line.

No, seriously, where in the UK are you thinking will be getting 1Gbps speeds any time soon? The SLA is a thing, but that’s on top of the leased line cost. The only way we can currently get 1Gbps in our area (Salford Media City) is a leased line and the cost increase from 1Gbps to 2Gbps is much more than just the SLA. And it doesn’t really seem to matter if you’re in London, Manchester, Birmingham or Edinburgh. It’s still INCREDIBLY expensive. We even looked at moving somewhere we could get Hyperoptic but decided to wait it out for a bit as they’ve had a few issues here and there.

So if you reckon it is coming any time soon (and no-one we know is working on anything beyond FTTP and G.Fast) then I’d love to know about it.
 
Also keen to know where affordable 1GBps+ speeds are coming to @Gimpymoo We can move our office to pretty much anywhere so any insight you have will be most helpful. We've always avoided the SLA issue by having a 'regular' fibre backup connection which will tide us over for a bit.
 
DOCSIS 3.1 full duplex was only ratified late last year as far as I know.

When that starts to come online, the potential is massive.

Not saying we will see 5Gbps+ speeds tomorrow but the horizon is visible.

Lots of change still needed though.
 
No :D

Internet speeds of 1Gb+ are not too far away for those lucky enough to be in the right area :D

So not too far away is actually just over the horizon which probably means 3-5 years.

I really must learn not to get excited by anything I read on OcUK forums. It's so often such a disappointment.

[Edit]You do realise that we actually had people in the office looking at house prices in Nottingham because of your post?[/Edit]
 
Residential gigabit is available in lots of very small pockets around the UK, the trick is to find one or meet the criteria for funding/supply of a new one. The 10Gb+ idea is nice, but it’s a pipe dream at present, previous DOCSIS standards supported much faster speeds than we ever saw deployed by VM, for a variety of reasons they never materialised.

So where does that leave the OP? Well the myth is you just slap old 10Gb cards in your existing builds and sail away into the sunset right? Unfortunately it’s not that simple. It works well on a small scale, assuming you have a lot of CPU power and local IO capacity (think RAM disk or NVMe as you’re beyond AHCI based SSDs here) and you need to be able to have the server read data fast enough and the client write it fast enough. Let’s say you do, let’s say you manage 8Gb/s, how long before that space fills up? A 120GB SSD writing at that speed is done in what, 2 mins? It’s cheap, two cards and an SFP+ patch lead are all that’s required. Now let’s say you want to scale it further, you have 5 PCs, you need 5 cards, 5 patch leads (SFP gets more expensive the longer you run, so let’s hope they are next to each other) and either a switch, or another 3 ports free on your ‘server/router’ plus another card to get to the WAN. That’s starting to get more expensive, and those SSDs add up quickly as well if you need to move serious data, then you need to consider backups, you’re backing up 5-10 years ahead of us’ data requirements at today’s prices/capacities.

Or you could roll a suitable cat6 or better install now for peanuts, stick to a limited SFP+ Install on hardware that will actually use it as a test bed (you say it’s not a priority and you have ideas rather than needs and play/learn) and then upgrade your switch/router in 5-10 years time when it’s actually a thing for a lot less. I kind of know which makes more sense to me, but that may not make the most sense to you and your requirements.

Either way, it’s a fun project, but not one I’d sink a grand into when you can dip your foot for cheap without a lot of the aggro.
 
I appreciate the input @Avalon

The main reason for doing this right NOW.. is that I need a new reliable router and the pfSense model makes sense to me instead of wasting money on gimped domestic and in some instances commercial grade routers.

The 10Gbps is something I want to play with, YES... but is not THE reason why I am doing this.
 
No, seriously, where in the UK are you thinking will be getting 1Gbps speeds any time soon? The SLA is a thing, but that’s on top of the leased line cost. The only way we can currently get 1Gbps in our area (Salford Media City) is a leased line and the cost increase from 1Gbps to 2Gbps is much more than just the SLA. And it doesn’t really seem to matter if you’re in London, Manchester, Birmingham or Edinburgh. It’s still INCREDIBLY expensive. We even looked at moving somewhere we could get Hyperoptic but decided to wait it out for a bit as they’ve had a few issues here and there.

So if you reckon it is coming any time soon (and no-one we know is working on anything beyond FTTP and G.Fast) then I’d love to know about it.

Gigabit ethernet is like £500/month to the end-user, even on a boring Openreach EAD tail that you can get more or less everywhere. It's not the huge expense it once was.

If you're looking at non-Openreach options then try https://www.theloopmanchester.co.uk/products/fibre-network/gigabit-connectivity-in-manchester/

I struggle to get that excited with the prospect of 5Gbps residential services because it's unlikely that an ISP even has the peering to support such throughput levels if there's a reasonable takeup, let alone provide them uncontended from the subscriber into their own network core. The fact is that once a fibre is in the ground you can put XG-PON optics on the end and then sell a 10Gbps service if you really wanted to, but there's nothing to use it with and it clearly isn't going to run at that speed when multiple subscribers on your segment are active. It's just that ISPs have realised it's a way to get press coverage for virtually no cost or effort.

That's not to say it's necessarily a bad thing to make progress, but I'm sure there are people who would rather have, for example, Virgin sorting out their CPE hardware situation and their routing rather than upgrading a 500Mbps service to 1Gbps that quickly becomes congested in the evening.
 
I obviously didn’t make myself clear.

Sorry about that.

We have a 1Gbps leased line at work.

Availability of extraordinarily fast connections isn’t an issue in Media City. The issue is cost. I can assure you we are paying more than £500/month for it. And anything over 1Gbps is more than double the cost.

Bizarrely, largely because of the way the BBC didn’t entirely commit itself to Salford the way it said it would and the high failure rate of production companies, there is a glut of space in Media City and you can rent business accommodation for far less than you might imagine. We are paying less for our office than we do for the internet connection. So when someone pops up and says

Internet speeds of 1Gb+ are not too far away for those lucky enough to be in the right area :D

It makes sense to ask where that area might be. And to be disappointed when it transpires it’s only coming soon to his fervent imagination.
 