Jump to content
RESET Forums (homeservershow.com)
dalem

Untangle or pfSense requirements

Recommended Posts

dalem

Hello Everyone,

 

While I am deciding on which firewall to use.  I want to get an idea of the hardware needed to support two 1 Gbit lan subnets and 50 Mbit down/5 Mbit up wan.  I have read the requirements on each site.  They are vague in what is 'really' needed.  Mostly because of each use case is different.  That is understandable but doesn't help me.  
I need something I could route two (for now) 1 Gbit subnets.  I will be setting up a subnet for a future replacement of my security cameras.  I am switching over to IP cameras.  My current lan is busy enough with streaming video and online gaming.  I plan on having up to 3 subnets.  I browsed the forums of each product.  The suggestions go from atom based cpu's to dual xeon.

 

Thanks,

Dale

Share this post


Link to post
Share on other sites
schoondoggy

My internet is about the same speed and I run two separate networks, home and lab. Currently, I am testing UNtangle on a slimline PC with a e8600 CPU with 4GB of memory and a 200GB drive with an Intel quad Gigabit NIC. It seems to be working well. All for under $100. I will probably move to a SSD. Popular CPU for this use are J1900 or N3700. Here is a CPU compare:

http://www.cpubenchmark.net/compare.php?cmp%5B%5D=957&cmp%5B%5D=2131&cmp%5B%5D=2513

 

If you had a faster internet circuit and many users taking advantage of it you would need more CPU and memory, as the UTM functions require more performance under larger loads. The LAN to LAN routing does not seem to require much, but then again I am not pushing much traffic between my two LAN's. Is the IP camera subnet going to be a third subnet or second?

Here is some other data:

http://homeservershow.com/forums/index.php?/topic/11518-need-a-platform-for-a-new-super-router/

Share this post


Link to post
Share on other sites
dalem

My internet is about the same speed and I run two separate networks, home and lab. Currently, I am testing UNtangle on a slimline PC with a e8600 CPU with 4GB of memory and a 200GB drive with an Intel quad Gigabit NIC. It seems to be working well. All for under $100. I will probably move to a SSD. Popular CPU for this use are J1900 or N3700. Here is a CPU compare:

http://www.cpubenchmark.net/compare.php?cmp%5B%5D=957&cmp%5B%5D=2131&cmp%5B%5D=2513

 

If you had a faster internet circuit and many users taking advantage of it you would need more CPU and memory, as the UTM functions require more performance under larger loads. The LAN to LAN routing does not seem to require much, but then again I am not pushing much traffic between my two LAN's. Is the IP camera subnet going to be a third subnet or second?

Here is some other data:

http://homeservershow.com/forums/index.php?/topic/11518-need-a-platform-for-a-new-super-router/

The IP cameras will be on a second subnet.  I have 3 people.  There are 3 smart phones, 1 tablet and 3 computers.  I also have my servers and nas to serve content to the local lan.  The one is a big gamer.  A lot of Steam and recently Playstation now.  Not sure if he will use that after this week. Since it is a subscription.  He told me it was a free 7 day trial.  He also watching netflix and youtube.  I watch a lot of youtube and occasionally video calls on skype.

I was reading about the amount of data the ip cameras can stream.  I was going to have 2 possibly 3.

I read that super router topic.  I was going to comment in it but forgot and created this one.

I am not sure how much of the UTM functions I would use.

Share this post


Link to post
Share on other sites
schoondoggy

What do you plan on doing with the IP camera data?

Share this post


Link to post
Share on other sites
oj88

If you have an old PC or a space for another VM in your ESXi/Hyper-V host, just go ahead and try either routers out. Frankly, it's hard to size up for a 'best fit' hardware because of the variables involved.

 

But to give you an idea:

 

I have a sub-10mbps internet connection. What I lack in bandwidth I make up on the number of users and devices. There are 8 actual users but because each user has multiple devices along with other 'common' connected devices (Rokus, smart TVs, cameras, APs, etc.), Untangle NG Complete reports 74 Known Devices on the LAN with 28 being the Maximum Active device count at one point. I've got all Untangle Apps installed except Virus Blocker Lite, Spam Blocker, and Application Control Lite. CPU Load remains low. Memory utilization is about 2.8GB while disk utilization is 12.8GB.

 

For this setup, I am using an old HP G7 Microserver N40L running ESXi. Untangle is in a VM with 2 cores, 80GB, and 6GB RAM assigned. Another guest VM is running APC's PCNS for ESXi for graceful shutdown. A third VM is pfSense (my previous firewall), but it's shutdown. The network connection to the physical world is via an HP Quad-gigabit NIC.

  • Like 1

Share this post


Link to post
Share on other sites
dalem

What do you plan on doing with the IP camera data?

I haven't really looked into it yet.  The most I know is from the HSS podcasts.  I know it will either be a Network DVR, DVR software running on a Linux box or a NAS.  Whatever is the most affordable and usable.

Share this post


Link to post
Share on other sites
dalem

If you have an old PC or a space for another VM in your ESXi/Hyper-V host, just go ahead and try either routers out. Frankly, it's hard to size up for a 'best fit' hardware because of the variables involved.

 

But to give you an idea:

 

I have a sub-10mbps internet connection. What I lack in bandwidth I make up on the number of users and devices. There are 8 actual users but because each user has multiple devices along with other 'common' connected devices (Rokus, smart TVs, cameras, APs, etc.), Untangle NG Complete reports 74 Known Devices on the LAN with 28 being the Maximum Active device count at one point. I've got all Untangle Apps installed except Virus Blocker Lite, Spam Blocker, and Application Control Lite. CPU Load remains low. Memory utilization is about 2.8GB while disk utilization is 12.8GB.

 

For this setup, I am using an old HP G7 Microserver N40L running ESXi. Untangle is in a VM with 2 cores, 80GB, and 6GB RAM assigned. Another guest VM is running APC's PCNS for ESXi for graceful shutdown. A third VM is pfSense (my previous firewall), but it's shutdown. The network connection to the physical world is via an HP Quad-gigabit NIC.

So I could use an i3 with 4 or 8 gb of ram and a couple dual nic Intel cards (possibly a quad nic depending on the price).  It would be stand alone in a mini-itx case.

Share this post


Link to post
Share on other sites
oj88

So I could use an i3 with 4 or 8 gb of ram and a couple dual nic Intel cards (possibly a quad nic depending on the price).  It would be stand alone in a mini-itx case.

Start with any hardware you can spare and go from there.

Share this post


Link to post
Share on other sites
itGeeks

So I could use an i3 with 4 or 8 gb of ram and a couple dual nic Intel cards (possibly a quad nic depending on the price).  It would be stand alone in a mini-itx case.

1. Do you have any of the parts for this build laying around or your starting from scratch?

2. What is your budget for this router build?

3. If you don't already have the motherboard/CPU then a core i3 is overkill, Stick with a J1900 or N3700 (SoC). I personally would not use a desktop grade motherboard for a server that said if your wanting to keep this on the cheap and your willing to add a quad port Intel NIC then you could use somthing like this https://www.amazon.com/Gigabyte-Built--Celeron-Motherboard-GA-J1900N-D3V/dp/B00IW99S4A/ref=sr_1_1?ie=UTF8&qid=1473187464&sr=8-1&keywords=GA-J1900N-D3V

http://www.gigabyte.com/products/product-page.aspx?pid=4918#sp

 

That Gigabyte only has duel NICs and its the worst of the bunch (Realtek) so you would have to disable them and use a good quad port Intel, This board also does not have IPMI so a monitor & keyboard will be needed. If your willing to spend the mony for a good server board the has IPMI and onboard Intel quad NIC's then I would recomend the one I am going to use http://www.superbiiz.com/detail.php?p=MB-X11SLN&c=fr&hash=5c622cabTHM5aAcRIRIJUEsB8UChrtrB2L09a8XRWsvVSPVxRNdq0wSqHUUkxCesbJes%2B44Yktg28AVTLZWJOa00i6zNR3KdNpk0EF%2BqFneL47fQb4Vqaw&gclid=Cj0KEQjw0rm-BRCn85bm8uS-zK0BEiQAHo4vrFIfbKVXBndToJtHf_OK6iESDhSKTf062Z7I6zxGVKYaApda8P8HAQ

 

That Supermicro board also comes as a SuperServer http://www.superbiiz.com/detail.php?name=SY-E2009B

 

Here is a nice review of the Supermicro board I recommend http://www.servethehome.com/supermicro-x11sba-ln4f-review/

Share this post


Link to post
Share on other sites
schoondoggy

This board also does not have IPMI so a monitor & keyboard will be needed.

Only for the 15-20 minutes it takes to load the system.

 

I personally would not use a desktop grade motherboard for a server

Just curious, why?

1. Do you have any of the parts for this build laying around or your starting from scratch?

2. What is your budget for this router build?

3. If you don't already have the motherboard/CPU then a core i3 is overkill, Stick with a J1900 or N3700 (SoC). I personally would not use a desktop grade motherboard for a server that said if your wanting to keep this on the cheap and your willing to add a quad port Intel NIC then you could use somthing like this https://www.amazon.com/Gigabyte-Built--Celeron-Motherboard-GA-J1900N-D3V/dp/B00IW99S4A/ref=sr_1_1?ie=UTF8&qid=1473187464&sr=8-1&keywords=GA-J1900N-D3V

http://www.gigabyte.com/products/product-page.aspx?pid=4918#sp

 

That Gigabyte only has duel NICs and its the worst of the bunch (Realtek) so you would have to disable them and use a good quad port Intel, This board also does not have IPMI so a monitor & keyboard will be needed. If your willing to spend the mony for a good server board the has IPMI and onboard Intel quad NIC's then I would recomend the one I am going to use http://www.superbiiz.com/detail.php?p=MB-X11SLN&c=fr&hash=5c622cabTHM5aAcRIRIJUEsB8UChrtrB2L09a8XRWsvVSPVxRNdq0wSqHUUkxCesbJes%2B44Yktg28AVTLZWJOa00i6zNR3KdNpk0EF%2BqFneL47fQb4Vqaw&gclid=Cj0KEQjw0rm-BRCn85bm8uS-zK0BEiQAHo4vrFIfbKVXBndToJtHf_OK6iESDhSKTf062Z7I6zxGVKYaApda8P8HAQ

 

That Supermicro board also comes as a SuperServer http://www.superbiiz.com/detail.php?name=SY-E2009B

 

Here is a nice review of the Supermicro board I recommend http://www.servethehome.com/supermicro-x11sba-ln4f-review/

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now



×
×
  • Create New...