PFSense for dual WAN connection firewall - thoughts?
-
I know many of you use or have used PFSense in the past for firewalls.
I'm still weighing my options - what do you think of using a PFSense (my own or their dedicated hardware) for a redundant ISP setup?
-
Were just discussing this morning that NTG is going to put pfSense in (again) to the NTG Lab. Proliant DL145 G3 will be used for it.
It's a great firewall product. Never used it for load balancing myself.
-
Do you need something that beefcake for PFSense?
I'm guessing I could run it from a VM, though I'd want some dedicated NIC ports for it.
-
@Dashrender said:
Do you need something that beefcake for PFSense?
Need, heck no. Can? Yes, yes I can.
-
@Dashrender said:
I'm guessing I could run it from a VM, though I'd want some dedicated NIC ports for it.
Virtualizing is fine. But I would always be tempting to be on a one to one scenario with dedicated hardware.
-
OK what do you have left you're getting rid of?
-
@Dashrender said:
OK what do you have left you're getting rid of?
Don't know, Danielle is tracking that. Check on that thread.
-
@Dashrender said:
OK what do you have left you're getting rid of?
Although - the power consumption costs probably aren't worth it compared to buying PFSenses dedicated hardware platforms.
-
Very possible. And it is loud.
-
@scottalanmiller said:
Very possible. And it is loud.
Louder than DL380's? I'd be putting it in my DC.
-
@Dashrender said:
@scottalanmiller said:
Very possible. And it is loud.
Louder than DL380's? I'd be putting it in my DC.
Nothing is that loud.
-
@Dashrender said:
Do you need something that beefcake for PFSense?
I'm guessing I could run it from a VM, though I'd want some dedicated NIC ports for it.
My pfSense test instance is running off of a VM just fine, but it has been tricky to get the XenServer Tools to work with it as there's no official support for BSD as far as I know.
-
@scottalanmiller said:
@Dashrender said:
I'm guessing I could run it from a VM, though I'd want some dedicated NIC ports for it.
Virtualizing is fine. But I would always be tempting to be on a one to one scenario with dedicated hardware.
Pfsense doesn't do well performance wise virtalized. At least it didn't used to. I think they have a pay for version optimized for VM platforms.
-
@thecreativeone91 said:
Pfsense doesn't do well performance wise virtalized. At least it didn't used to. I think they have a pay for version optimized for VM platforms.
It's just FreeBSD plus drivers, right? It should do as well as FreeBSD does on whatever platform is in question. That FreeBSD doesn't have PV support for Xen is a major drawback to FreeBSD as a platform in general. But it should only be a question of drivers, in general.