pfSense hardware

[anodos]

The pfsense forum has a lot more a-holes on it than the the FreeNAS forum. What a world of difference. I saw some thread over there, related to the mobo i bought, in which you paticipated. This guy is being trolled by some guy that calls himself "Administrator" (which i doubt he is) for trying to figure out an issue with his intel NICs (drivers). Also the first resonse on my hardware recommenration request was "I would go ahead and buy the most current and expensive piece of hardware that you can find in the ESF store, since no matter what I recommend, that what others will recommend and ultimately thats what you will go with." Yeah, great advice....

I sure hope that is not the common way of communication over there.

Well, we've got some prolific and knowledgeable a-holes, and so we've got that going for us. Of course I won't single anyone like jgreco out.

 

[Jailer]

Yeah jwt can be a real douche at times and he's not just an administrator he's one of the developers. But if you look around you'll see that he's pretty helpful most of the time, he just goes off on occasion it seems.

 

[Rilo Ravestein]

Well, we've got some prolific and knowledgeable a-holes, and so we've got that going for us. Of course I won't single anyone like jgreco out.

I thought that MB was the abbreviation for "megabastards".

No, "jgreco" is the abbreviation for "megabastard." Don't forget it.

Check ;)

 

[Ericloewe]

What I don't like about their forums is that there is very little "introduction to $topic" content, which leads to endless searching or having to ask basic questions - which I know from experience gets real old real fast.

 

[Rilo Ravestein]

I've been searching my ass off over there. Even a simple question of what storage i might need for my box (SSDs seem to wear out quickly with pfsense i've heard) is taking me days already. The slow responces don't help either.

Btw: Any of you guys have experice with this one: Crucial M550 128GB mSATA ? I can buy it for €74,84 (81,36 USD). It supports TRIM and even has full power loss protection :)

 

[anodos]

I've been searching my ass off over there. Even a simple question of what storage i might need for my box (SSDs seem to wear out quickly with pfsense i've heard) is taking me days already. The slow responces don't help either.

I've been running pfsense embedded on a 4GB CF card for about a year. Hasn't worn out yet.

As of 2.2.4 TRIM wasn't enabled by default in the pfsense installer: https://forum.pfsense.org/index.php?topic=97554.msg544213#msg544213

The obvious solution is that you need to use an array of 15K drives for your pfsense box because it's more expensiver.

 

[Ericloewe]

I've been searching my ass off over there. Even a simple question of what storage i might need for my box (SSDs seem to wear out quickly with pfsense i've heard) is taking me days already. The slow responces don't help either.

Btw: Any of you guys have experice with this one: Crucial M550 128GB mSATA ? I can buy it for €74,84 (81,36 USD). It supports TRIM and even has full power loss protection :)

Nope. It is *NOT* full power loss protection. It's only for metadata!

It's a decent drive, but the price is absurd. Can't you find something like a BX100 for about half that price?

Besides, pfSense can't be worse than your average OS on SSDs. I have two 240GB M550s chugging away here, no problems to report.

I used to run pfSense on a 160GB WD blue - the cheapest SATA drive I could find at the time (it was a couple of years ago).

 

[Rilo Ravestein]

Nope. It is *NOT* full power loss protection. It's only for metadata!

I'm not sure what that means.

It's a decent drive, but the price is absurd. Can't you find something like a BX100 for about half that price?

That one is exactly the same price over here :(

 

[Ericloewe]

I'm not sure what that means.

It means that data like LBA-to-physical location mappings is protected by the relatively puny capacitors, whereas "real" user data isn't.

 

[JJT211]

I'm not sure what that means.
That one is exactly the same price over here :(

I went with a 30GB mSata based on the specs of the official pfsense boxes. And let me tell you that 30GB is PLENTY big enough for home use, even if you plan on using the Squid package.

 

[Jailer]

I've been running pfsense embedded on a 4GB CF card for about a year. Hasn't worn out yet.

That's because the embedded version runs everything in memory including the logs so there's no writes to the disk to wear it out.

What's nice about pfsense is you can run it on old retired hardware as long as you don't have an uber fast (e.g. fiber) internet connection. I'm running mine on 13 year retired desktop hardware that has literally no use except for landfill fodder. Yes I could save a couple bucks by running something newer and more efficient but there is a certain satisfaction of keeping the old "junk" running and serving a purpose.

 

[JJT211]

Rilo, have you tried running OpenVPN as a client? If so, are you getting full 500mbps? Im just dying to see what limits are to this big bad mofo

 

[joeschmuck]

Ok, i've done it. I ordered myself some early christmas presents:

Supermicro A1SRi-2558F mobo, with Atom C2558, 4x intel LAN ports on I354 & IPMI
Kingston ValueRAM KVR16LSE11/8HB 8GB DDR3L-1600 ECC
Supermicro Mini-ITX SC101i chassis
PicoPSU-80 + 60W Adapter Power Kit

Should be sufficient for a while

I'd like to hear how this thing runs for you once you open your gifts and put it together. Even though I'm a Sophos user, it's not the easiest program to adjust.

 

[Rilo Ravestein]

Rilo, have you tried running OpenVPN as a client? If so, are you getting full 500mbps? Im just dying to see what limits are to this big bad mofo

My presents did not arrive yet. Also, im not on 500mbps connection yet unfortunately. Higher management issues ;) Takes some time to convince her

 

[Rilo Ravestein]

That's because the embedded version runs everything in memory including the logs so there's no writes to the disk to wear it out.

Yes, but there are some limitations on the packages you can run on the embedded version. I haven't figured out the exact limitations to the embedded version yet. The 'official' statement is "Packages that are large or that require write access to the disk are restricted/unavailable (e.g. ntopng)" so that's not very helpful.

 

[Rilo Ravestein]

It means that data like LBA-to-physical location mappings is protected by the relatively puny capacitors, whereas "real" user data isn't.

So what does that protect? The drive itself? I don't mind losing user data, since that's what backups are for. I do mind losing the whole disk obviously.

pfsense their own box can be ordered with an Intel M525 30GB, which currently sells for around 62 euro (the 535 is 69). The Crucial M550 128GB drive costs only 12 euro more and is a lot bigger (better wear leveling if i am correct), according to some benchmarks it's a lot faster. The Intel drive has no mention of any power loss protection, so i guess it's not a big deal anyway.
All in all i'm starting to thing that any good brand SSD will do fine...

I also just noticed that that board has no mSATA connector

 

[JJT211]

I also just noticed that that board has no mSATA connector

Yea I found that out the hard way. They sell mSata to Sata adapters for like 10 bucks on amazon. And probably whatever the NL equivalent to Amazon is.

 

[Ericloewe]

And probably whatever the NL equivalent to Amazon is.

That would be Amazon. ;)

So what does that protect? The drive itself? I don't mind losing user data, since that's what backups are for. I do mind losing the whole disk obviously.

Well, it means that data at rest is theoretically safe, but all bets are off for data that is being written...

Not a real problem for a boot device, FreeNAS or pfSense. Something happens?

1. Say D'oh!
2. Reinstall FreeNAS/pfSense
3. Upload config
4. ???
5. Profit

 

[Jailer]

I also just noticed that that board has no mSATA connector

The supermicro board does not. The units that are sold through the pfsense store are custom built boards that's why they can accommodate a mSATA drive. You can go poke around at netgate to see what they offer.

 

[Rilo Ravestein]

I'll just use a "regular" sata drive. No biggie