PfSense build

[Gimpymoo]

Any progress?

Hi. Sorry for the lack of posts.

Board was received and system up and running.

Will post some pics tomorrow.

It is doing exactly what I wanted it to do and am very pleased

The appliance is silent which is good for something like this as you do not want it making a noise ideally which is one of the reasons for going desktop form as passive cooling in a 1U rack was not really possible.

Since your last post I took your DIY as inspiration and spun up a spare server with ESXi and have trialled pfSense and then decided to run it as a CHR as that’s what I’m most comfortable with

Awesome. How is it performing for you? Happy with the performance?

 

[Steveocee]

Awesome. How is it performing for you? Happy with the performance?

I’m getting th advantage of encrypted offload which my old RB3011 couldn’t do so that’s a bonus but this week I’m going to start packet inspection with some complex queue trees.

CHR can’t do fq_codel but I’m sure I can get close with SFQ and some choice priority PFIFOS.

 

[Gimpymoo]

Just thought I would reply in here to give a "state of address".

The thing has been ROCK SOLID.

Just sits there doing its thing, not a single crash, not had to do ANYTHING with it, it just works.

Ultra reliable and is infinitely more reliable than the Virgin hub it was built to replace.

For anyone else going the same route, one change I did make, a quad NIC is not needed. A GOOD switch is all that is needed. A dual Intel NIC is all that is required for the pFsense appliance. WAN in and LAN out to the switch. The switch does everything else. I moved the Quad NIC into my FreeNAS build

Currently connected devices through router are:

Virgin Media @ 370Mbps
5 x Desktops
2 x Virgin Media STB's
2 x Polycom 335 VOIP phones
1 x Wifi Router isolated from network to serve Wifi printer only.

Not a single issue.

My own summation is that where "off the shelf" routers start to crumble is the fact they are essentially two devices, a router and switch and when you try to merge things like this and knock them out for peanuts like most consumer units are, shortcuts are taken and they struggle to do both EXCEPTIONALLY well at the same time.

Comparing the PfSense appliance to an "off the shelf" Premium router is a none contest.

The PfSense appliance is rock solid and the relatively cheap TP-Link switches I am using are also rock solid.

LAN traffic performance is somehow much better than when using the "Super" hub.

Regarding setting up PfSense, it is easy if you just want a solid router. At worse, nothing common sense or a quick google will not shed light on either way. The beauty is, you discover all the cool things it can do and you actually want to play more and more and learn a little in the process. Nothing enthusiasts/hobbyists from these parts should have problems with.


PfSense, big thumbs up, glad I followed it through.

 

[Steveocee]

Good to hear it's holding well for you. Have you done anything slightly "off menu" such as guest VLANs or similar or have you simply deployed it as a straight up and reliable router?

 

[Gimpymoo]

To be honest, the plan was to use as a straight up, honest and reliable router with ultra reliable QOS.

I do plan to enable full VPN in the coming days. I do think this will make it sweat a little

 

[Steveocee]

To be honest, the plan was to use as a straight up, honest and reliable router with ultra reliable QOS.

I do plan to enable full VPN in the coming days. I do think this will make it sweat a little

I'm very interested in how you implement your QoS. Are you using the built in prioritisation or going down the FQ_codel route to mirror the Ubiquiti smart queues?

 

[PanchoVilla]

To be honest, the plan was to use as a straight up, honest and reliable router with ultra reliable QOS.

I do plan to enable full VPN in the coming days. I do think this will make it sweat a little

How do you find the QoS on pfsense? I have an asus router with virginmedia 100Mbps and now cannot use QoS without it struggling. I was thinking of putting a better router between the superhub and the asus router - making the router function as a switch/ap.

 

[Gimpymoo]

How do you find the QoS on pfsense? I have an asus router with virginmedia 100Mbps and now cannot use QoS without it struggling. I was thinking of putting a better router between the superhub and the asus router - making the router function as a switch/ap.

I use the built in prioritisation and could not be happier

The thing is, it sits there hidden away to the point of I forget it is there.

Kind of like that printer server nobody knows exists until one day, you have a power cut and nobody can print afterwards but you find this beige box stuffed in a cupboard, forgotten by time

 

[Stephanie Peterson]

I have just managed to get pppoe working with a vigor 130, pfsense and plusnet - was a baw ache at first but figured it out.

 

[Sin_Chase]

I used to maintain a pfSense router. Very powerful but got sick of it.

Run an Edgerouter now.

 

[kayomani]

Got sick of pfSense blowing up on me and not working right. You probably want to stay away from vpns in it tbh

Ran Edgerouter X for 6 months, hard to fault but gui and ipv6 support is lacking.

Using openwrt in hyper-v now and not looking back

 

[PanchoVilla]

I used to maintain a pfSense router. Very powerful but got sick of it.

Run an Edgerouter now.

I'm toying with the idea of en edgerouter-x or pfsense. I'm on virginmedia 100Mbps and my current asus rt-66n now struggles with QoS, so I've had to turn it off. Not good for FPS gaming.

The ER-x can realisticly only do QoS at 100Mbps, also, it has one less lan port (which I would like) and no usb's. Maybe I can use my existing router with dhcp turned off and connect it to the edgerouter-4, which should handle all the QoS.

 

[Sin_Chase]

My personal feeling is that QoS is largely ineffective where you only control one end of the link (as in every home ISP link).