pfSense build help (future guide)

A

AnIgnorantPerson

Limp Gawd
Joined
Jan 10, 2019
Messages
207
Alright, so I am starting to research the dive into a pf sense build. I assume I will do custom via spare parts and or new PC. I figure custom will be cheaper/better overall.

I will need 3x 10GbE and ~2x1GbE
10GbE to server
10GbE to Desktop
10GbE to 1GbE switch
1xGbE to fiber modem (future could be 10GbE)

or

I will need 2x 10GbE and 5-10x1GbE
10GbE to server
10GbE to Desktop
5-10x 1GbE directly to all other parts of the house (modem, PC, TV, wifi AP).

I have 2 options to repurpose

Option 1
The real question does ECC matter and does this MB has enough slots for the network requirements

Intel Core i7 3770 @ 3.40GHz
32.0GB Dual-Channel DDR3 @ 663MHz (9-9-9-24)
MSI B75A-G43 (MS-7758) (SOCKET 0)
PCI Express 3.0 x16
1 x PCI Express 3.0 x16
PCI Express 2.0 x16
1 @x4
PCI Express x1
2 x PCI Express x1
PCI Slots
3 x PCI Slots


Option 2
Repurpose a TS140
E3-1200 v3
16-32GB of 2133 ECC (IIRC)
online says:
  • Slot 1: PCIe 3.0 x16 (x16-wired); full-height, half-length
  • Slot 2: PCIe 2.0 x1 (x1-wired); full-height, half-length
  • Slot 3: PCIe 2.0 x16 (x4-wired); full-height, half-length
  • Slot 4: PCI 32 bit / 33 MHz (5 V); full-height, half-length


I would prefer to repurpose the IB 3770 since its the slower build. But I am asking to make sure I make the right choices obviously.

For network adapters via PCIe. I would just go used or generic to save money. All my current 10GbE are used Intels from ebay on the cheap.

Intel(R) Ethernet Server Adapter X520-1


Any thoughts, input, and so on is always appreciated.
 
No need for ECC for pfSense- the i7 would be fine. Also no need for so much memory; I'd run ESXi on it and use the extra threads and RAM for other stuff, but it'll be fine regardless.

More difficult are the interfaces. The PCIe 3.0 x16 slot could handle anything you could put in it, however finding >2 10GbE ports for anything approaching reasonable will be difficult. The second x16 slot could handle a single 10Gbit connection.

I'd really consider a 10Gbit switch. Something like this MikroTik Cloud Router Switch 317-1G-16S+RM is fairly affordable and should work with your existing equipment.

With a switch, you'd just need two 10Gbit interfaces on the router; one for WAN and one for LAN. You could use a third 1Gbit interface for management if you like. You could even get away with one of MikroTik's four-port SFP+ CRS305-1G-4S+IN switches if you like, and they have others depending on your needs.
 
As an Amazon Associate, HardForum may earn from qualifying purchases.
IdiotInCharge said:
No need for ECC for pfSense- the i7 would be fine. Also no need for so much memory; I'd run ESXi on it and use the extra threads and RAM for other stuff, but it'll be fine regardless.

More difficult are the interfaces. The PCIe 3.0 x16 slot could handle anything you could put in it, however finding >2 10GbE ports for anything approaching reasonable will be difficult. The second x16 slot could handle a single 10Gbit connection.

I'd really consider a 10Gbit switch. Something like this MikroTik Cloud Router Switch 317-1G-16S+RM is fairly affordable and should work with your existing equipment.

With a switch, you'd just need two 10Gbit interfaces on the router; one for WAN and one for LAN. You could use a third 1Gbit interface for management if you like. You could even get away with one of MikroTik's four-port SFP+ CRS305-1G-4S+IN switches if you like, and they have others depending on your needs.
Click to expand...
have one and its glitched ATM and not sure whats wrong. I also never got very good speeds with that but wasn't sure if that was a Win7 Pro issue or something else.
 
As an Amazon Associate, HardForum may earn from qualifying purchases.
Normal config is to just add 1 NIC port on the router for each subnet. Then you connect to switches for multiple connections to devices. You *can* have a bunch of NIC ports in the router and use a software bridge to make them act like a switch, but you need a faster CPU and more RAM if you dont want to take much of a performance hit.

I do it this way to connect my 40gb network to my 1gb network. Since my servers rest on the 40gb, and I often want to stream things to end devices which only contain 1gb ports. But typically for my situation you would just have a single 40gb NIC port on the main subnet, and then connect the 40gb switch to a 1gb switch with a 10gb SFP+ uplink.I just dont happen to have a 1gb switch with an uplink like that which is why I software bridge the network ports in the router.


So for your situation, you would just want to get a single Intel X540-T2 NIC. Use 1 port for your WAN connection and 1 port for the LAN. That LAN connection goes to a 10gb switch, and the 10gb switch connects to a 1gb switch.
Get something like an 8 port 10GbE switch from Netgear or Microtik (smart or managed type). Then buy a 12 or 24 port 1GbE smart or managed switch. This will let you set up your VLANs so you can segregate devices on the network from each other. Like having 1 SSID on the wifi access points for guest use and on a VLAN that doesnt access anything else. Another SSID for yourself on a VLAN that can access the server. TV on a VLAN that doesnt access anything so that when it gets compromised it doesnt compromise your whole network.
 
You must log in or register to reply here.
Back
Top