pfsense/opnsense

The1nonly1 · 13 Jan 2024 at 19:44

Making the switch to one of these but still undecided yet. Most reviews between them just seem to come back to the opsnese.com domain fiasco from 2017 which isn't a major influence on my decision. Other things I read about are that Netgate as a whole is just a toxic company and their support forums can be the same.

What choice did you go with?

EDIT: I removed my comment about bare metal v Proxmox after more reading.

4Qman · 13 Jan 2024 at 20:02

Personally bare metal is the only way to go in my house. I need one less issue if I need to work on the firewall.

I'm using pfsense several years now, there was some changes to the license a little while back but I've not checked into it lately so don't know the outcome.

lmfy2k · 13 Jan 2024 at 20:12

opnsense here, using as a VM in Proxmox, works perfect. Timely updates which are nice.

advantges are, snaphots and failover to another proxmox node (if one is available)

andy_mk3 · 13 Jan 2024 at 20:20

OPNsense on ESXi here. Ran pfSense for quite some time before that, but moved to OPNsense after being convinced by others. Much prefer it being in a VM over baremetal.

The1nonly1 · 13 Jan 2024 at 21:01

Thanks. I removed my comment about bare metal v Proxmox after more reading. I'm not going to run anything else on this other than the router so likely go bare metal. I'm leaning more towards Opnsense.

lmfy2k · 13 Jan 2024 at 21:26

The1nonly1 said:
Thanks. I removed my comment about bare metal v Proxmox after more reading. I'm not going to run anything else on this other than the router so likely go bare metal. I'm leaning more towards Opnsense.

thats the good thing about proxmox, you can have both pf and opn haha, both as VMs, switch between at will

but yes, opnsense bare metal will run fine, next hurdle will be finding a machine to install it on

FreeStream · 13 Jan 2024 at 22:03

Opnsense here for a good few years now too. Setup as a VM on UnRAID with passthroughed NIC, 1GB RAM, one E-core assigned of my i5-13500.

Used to be pfsense but the shenanigans put me off them.

The1nonly1 · 13 Jan 2024 at 22:17

FreeStream said:
Used to be pfsense but the shenanigans put me off them.

I'm reading a lot about these and the company as a whole.

lmfy2k · 13 Jan 2024 at 22:33

FreeStream said:
Opnsense here for a good few years now too. Setup as a VM on UnRAID with passthroughed NIC, 1GB RAM, one E-core assigned of my i5-13500.

Used to be pfsense but the shenanigans put me off them.

painful when you have to reboot Unraid though, thought about having it on it's own device?

Sone · 13 Jan 2024 at 22:35

use pfsense as first one i tried and worked fine, sure for my needs opensense would have been fine too

dlockers · 13 Jan 2024 at 22:38

Had PfSense run for 12 years, zero maintenance, on an ESXi whitebox.

Avathar77 · 13 Jan 2024 at 22:54

Opnsense on a Topton mini pc running as a vm with Proxmox(and PiHole and a few other docker containers)

Doughnut007 · 13 Jan 2024 at 23:32

OpnSense on a little Dell box.
It's been great.

FreeStream · 14 Jan 2024 at 08:47

lmfy2k said:
painful when you have to reboot Unraid though, thought about having it on it's own device?

I did have it separate, but then you have two devices on 24/7, both drawing around 10-20W.

It is a pain when you restart UnRAID, but it only takes about 5 mins for it all to restart and I only do it every few months so it’s not a massive pain.

Uptime in the last 6+ years has been pretty much 100%, bar a PSU failure.

Edit: Plus there was an issue with opnsense that meant it stopped giving out DNS results and thus meant nothing worked, I could revert back to the previous versions VM IMG in a few minutes to be back where I was before the update. Not sure if you can swap back to an older version of opnsense in 5 mins on a non-VM setup?

lmfy2k · 14 Jan 2024 at 08:49

FreeStream said:
I did have it separate, but then you have two devices on 24/7, both drawing around 10-20W.

It is a pain when you restart UnRAID, but it only takes about 5 mins for it all to restart and I only do it every few months so it’s not a massive pain.

Uptime in the last 6+ years has been pretty much 100%, bar a PSU failure.

fair enough mate, yep with the tinkering i do with my server, the kids would go crazy if my router on Unraid lol.

Sone · 14 Jan 2024 at 10:47

I run my pfsense on a little HP I3-6100 4gb box, has a 2.5gb nick and a 4 port 1gb nic.

Used to run it on a Dell T3600 E5 2690 32gb 2 x 4port 1 gb nic, 1 x 2.5gb nic and a dual port 10gb nic but was bit worried about the power consumption and the HP was only like £30

lmfy2k · 14 Jan 2024 at 11:12

Sone said:
I run my pfsense on a little HP I3-6100 4gb box, has a 2.5gb nick and a 4 port 1gb nic.

Used to run it on a Dell T3600 E5 2690 32gb 2 x 4port 1 gb nic, 1 x 2.5gb nic and a dual port 10gb nic but was bit worried about the power consumption and the HP was only like £30

Sounds great. Love this.

Sone · 14 Jan 2024 at 12:02

had all the nics as got some cheap netgear switches that support LAG. But then found some resonable 10gb (2port) with 1gb or 2.5gb switches so gave up on lag (As would have involved running a load of more cables around the house).

andy_mk3 · 14 Jan 2024 at 12:08

lmfy2k said:
painful when you have to reboot Unraid though, thought about having it on it's own device?

Exactly why I have a separate box. I can reboot/mess around with Unraid and not lose internet. Everything is run off a UPS as well, last power cut we had was near an hour long and we still had internet and wifi the whole time

The1nonly1 · 14 Jan 2024 at 13:51

I've deciced on opnsense as I prefer the look of the gui. Still undecided on bare metal or proxmox route but may use it. I have a dell opitplex 5050, i5 6500, 8Gb ram and 120Gb m.2. Got a 4 port Intel gigabit NIC on the way also (and have a switch). Proxmox would allow me to move pi-hole onto that machine and free up my Pi 3 for something else.