pfSense Specs Recommendation?

[ZzBloopzZ]

I was recently given a older barebone rackmount server from work. It's actually never been used. I would like to play around with pfSense to see what all the fuss is about. I'm on a 25/5 FIOS connection, soon to be 42/35 in the coming weeks. I have about 16 devices connected to the network, which my WNDR3700 seems to be handling just fine.

The server doesn't come with RAM, CPU or HDD and is on the mPGA478 chipset. It does have 2x Intel 100Mbit NIC's. What would a good, low powered CPU to choose? I have a 2.8Ghz Prescott laying around, but those damn things eat too much power. Perhaps find a 2GHz Northwood? How much memory should I get, 1GB or 2GB? Also, do I really need a HDD or can I use a large flash drive? The mobo only supports IDE, and I don't have any IDE drives laying around. :c(

Thanks!

 

[calvinj]

pfsense is really forgiving. When I was running pfsense it was running on a 500mhz p3, 10 gig hd, 512mb of ram, and 2 dual head 10/100 nics. Ran great.

 

[jadams]

If you're concerned about power get the model of the motherboard and see if it supports a celeron rather than a pentium. Theyll run cooler and use less power. pentium or celeron, you probably wont do anything that will slow it down. Also look into a compact flash to ide converter. I've ran pfsense from a CF card with good results.

I recently attempted to install pfsense 2.0 on a 16gb flash drive but it hung during installation. Other may have had success.

1gb of ram would be plenty. ram for the most part is used for the state table. its hard to speculate how much ram the different packages use.

 

[HHunt]

I used a 2.1GB PATA disk for my m0n0wall install some years ago, and set it to spin down when not in use - it was essentially off except when booting or when I saved settings. I did worry that the (many years old) disk would eventually stop spinning up, which is where the CF card would be better - but otherwise it hardly matters.

 

[calvinj]

I never tried it, but I can do it with freenas, I would imagine PFsense would be no different, but my FreeNas OS is actually running off fro ma 4gb thumb drive. I could see PFSense working the same way probably

 

[YeOldeStonecat]

Sounds like a pretty slick rig...1U, pair of Intel NICs....the start of a good firewall appliance.
Full blown pentium 4...way overkill for PFSense. See how low of power you can run on it for a CPU..Celery not a bad idea.

Good base for a UTM setup too...like Untangle or Astaro.

 

[/dev/null]

PFSense should run on an atom 230 well, no ?

 

[Blue Fox]

PFSense should run on an atom 230 well, no ?

More than enough.

 

[ZzBloopzZ]

Thanks guys. I will toss in 1GB and find low powered CPU.

Can anyone recommend a good CF card adapter? Never done that before. Hopefully they make one that will work with a 1U case.

 

[munkle]

Thanks guys. I will toss in 1GB and find low powered CPU.

Can anyone recommend a good CF card adapter? Never done that before. Hopefully they make one that will work with a 1U case.

Any should work since all they do essentially is space the pins out more. THhre aren't any chips on the adapters. I bought one that plugs straight into the ide slot so you don't have to put the hdd anywhere. I also picked up a micro drive, its a hdd in compact flash form, so the writes wouldn't kill it.

You can also get them with a slot you put an ide cable into so you can mount them somewhere else. I bought mine off newegg. They were about $5 or so when I bought it.

 

[Jesse B]

Not meaning to thread-jack here, but how picky is pfSense with hardware? I'm interested in running it off of an atom board with a gig of RAM, but want to ensure that it will run on whatever I purchase.

 

[Shockey]

Not meaning to thread-jack here, but how picky is pfSense with hardware? I'm interested in running it off of an atom board with a gig of RAM, but want to ensure that it will run on whatever I purchase.

I've seem people run it on the atom 330 all the way up to the D510(Have this one)

 

[munkle]

I ran mine on a celeron 500, with 512mb ram. The only problems I have run into is it not working/working right on some older amd boards. But I personally stick with intel products when running linux the support seems to be better.

 

[Skud]

I've run pfSense on:

Wyse 9450XE thin client (Via Epia 550mhz based). Maxxed out at around 15Mbps due to high interrupts from the onboard Via Rhine NIC.

Dell Optiplex, older P3 based Celeron 1Ghz. Never broke a sweat with a 25Mbps cable connection. I think I saw about 10% CPU usage at most.

Atom 330 based board, on board Atheros gigabit, and a PCIe x1 Intel NIC. Usage hovered around 3 - 5%.

My current pfSense box is a Supermicro X7SPA-HF with 2 x Intel gigabit NICs onboard, 4GB CompactFlash to SATA. Been running awesome for a year or so..

So, the moral of the story is that as long as you have good NICs you can use the lowest powered CPU you can find for your board.

Riley

 

[Jesse B]

Sweet, sounds like I'm good to go then

 

[ZzBloopzZ]

Forgot to ask, how big of a compact flash card should I get?

Thanks!

 

[Brak710]

For pfSense, 1GB is probably optimal.

Now if you plan on installing crazy packages, you might want 2-4GB. But you also shouldn't be install packages that use constant writing otherwise your CF will die pretty quick.

Microdrives are an option, too.

 

[Blue Fox]

Nearly anything will do. It only requires 128mb. Use an industrial card if you're not doing the embedded install as SLC CF cards are far more resilient. Here's a decent one (I have one of the 8gb ones myself): http://www.newegg.com/Product/Product.aspx?Item=N82E16820208541

 

[Brak710]

Just checked, my aging pfsense install is using 660MB of a 60gb hdd. Not many packages besides phpsysinfo, bandwidthd, and I think Squid that was never configured.

2 days until my Firebox x700 replaces it.

 

[ZzBloopzZ]

Don't plan to install any packages, except something to monitor bandwidth.

I'll go with the SLC CF then. Thanks everyone!

 

[aviat72]

There are some pfsense boxes on sale on EBay which neoware thin clients. Any thoughts on these?
http://www.ebay.com/itm/13059867676...X:IT&_trksid=p3984.m1423.l2649#ht_2371wt_1396

 

[Red Squirrel]

If I was to build a new box, I'd probably just go with an Atom, and like 4gigs of ram... heck 1gig is enough, but ram is so cheap may as well just get two 2GB sticks or something.

To give an idea, I run it on a Dell 1650, which is P3. The CPU is barely utilized. I tend to push it quite far with torrents too. Not really lot of bandwidth but lot of connections.

Something like this would make a nice pfsense box:

http://www.newegg.ca/Product/Product.aspx?Item=N82E16816101365

Throw in a dual port nic in there and you're laughing. (4 ports total)

 

[aviat72]

If I was to build a new box, I'd probably just go with an Atom, and like 4gigs of ram... heck 1gig is enough, but ram is so cheap may as well just get two 2GB sticks or something.

To give an idea, I run it on a Dell 1650, which is P3. The CPU is barely utilized. I tend to push it quite far with torrents too. Not really lot of bandwidth but lot of connections.

Something like this would make a nice pfsense box:

http://www.newegg.ca/Product/Product.aspx?Item=N82E16816101365

Throw in a dual port nic in there and you're laughing. (4 ports total)

The issue is power consumption and size, and of course price. These thin clients are all over EBay for cheap. What I wonder about is whether the compute power is sufficient.

 

[Chibo]

What kind of connection do you have? That'd be fine as long as you aren't loading it up with snort rules, VPN, or something like that.

 

[timreichhart]

Well I am looking at pfsense also but this is going to be on either 15/2 or 30/5 twc business connection would this neoware setup be good enought for me?

 

[aviat72]

What kind of connection do you have? That'd be fine as long as you aren't loading it up with snort rules, VPN, or something like that.

Home network. Want to setup a dual WAN with rollover. Very likely will just use DD-WRT for it. But pfsense box would be a nice toy to tinker with.