1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice
Hey Guest, we are running a Photoshop competition with a 32" monitor as the first prize - See here for details.

How much should I spend on a pfSense home server?

Discussion in 'Servers and Enterprise Solutions' started by Cromulent, Apr 12, 2019.

  1. Cromulent

    Mobster

    Joined: Nov 1, 2007

    Posts: 3,167

    I want to replace my Virgin Media router with a pfSense box, but I'm not sure what kind of specs I need. All I need from it is five 1000baseT ethernet ports and say 128GB of storage and a Wifi access point. I have no idea how much RAM I need, but the box will need to maintain a constant GRE tunnel and also act as a firewall as well as maybe allowing me to stream media files on my home network.

    What specs would you recommend? I'd also appreciate it if the box was as small as possible so that I can put it under my desk next to my Virgin Media router (which will be running in modem only mode).
     
  2. Avalon

    Mobster

    Joined: Dec 29, 2002

    Posts: 4,358

    Why do you need 128GB of storage specifically?
    Have you looked at the pfsense hardware products?

    I currently run an R210-II but it’s small for a rack mount, not relative to what you’re after. Initial ideas are the Chinese NUC clones, but depending on what you want to do, i’d be looking at the official netgate hardware options first.
     
    Last edited: Apr 13, 2019 at 3:23 PM
  3. fezster

    Gangster

    Joined: Jan 7, 2007

    Posts: 394

    The PCEngines APU2 is a low powered device capable of running pfSense. I considered one, but it was coming in at over £130 or so.

    So decided to build a low power proxmox box with pfSense running virtualised, with enough grunt to run all of my docker containers (including plex transcoding). I used a 3470T CPU with 16GB ram and Intel quad nic, running from a PicoPSU. I sourced all of the bits second hand off of ebay for around £150 (excluding the SSD and the case, which I bought new).
     
  4. Cromulent

    Mobster

    Joined: Nov 1, 2007

    Posts: 3,167

    Hmm. I might look into just doing a custom ITX build and get the parts from OCUK and see if they'll build it for me as well (I'm not really a fan of putting computers together). As for storage I was hoping to use it as a local NAS as well but I can put that off for the time being.
     
  5. Avalon

    Mobster

    Joined: Dec 29, 2002

    Posts: 4,358

    That is not what a secure router is for.

    As to the suggestion of an APU2, I have one, OpenVPN craps out around 100Mbit max, fine for FTTC, but nothing faster, unencrypted it’s fine for upto gigabit.

    It’s unusual to find someone who wants to run pfsense that would give a second thought to the 20-30 minutes required to build a very basic PC, why not look at an SFF from eBay, many users have used this sort of platform over the years as it’s cheap/easy, just remember AES-NI is required for future major releases of pfsense, other options exist though. Have you looked at the netgate options? Even an Edgerouter is a cheap solution that will handle GRE easily, why does it *need* to be a pfsense build?
     
  6. Conanius

    Capodecina

    Joined: Oct 18, 2002

    Posts: 12,211

    I wonder if based on your requirements you might be better running PFSense as a VM on server?

    I used to run it as a VM on an Ubuntu box that ran KVM as the Hypervisor. Gave PFSense a physical port and a virtual one (Physical for red site, virtual for black side) and then used another NIC for the server to talk out to the network.

    The server ran a few other VMs, including Plex etc.