Saturday, April 16, 2016

pFSense: The Hardware

Mark Furneaux talks about CPUs, memory, NIC (Network Interface Controller) adapters, and wireless configurations for pfSense in the second part of his series. I agree with all of his recommendations, detailed below. He doesn't discuss how pfSense is stored on the system (except in later notes on the video), but I also follow his recommendation of a hard drive.

He recommends CPUs as old as ten years, I will lengthen that to 15 years if it is higher-performance for the age, and especially if it is a dual CPU configuration (two CPUs in the same system). That timespan includes the last of Intel's Pentium IIIs, and the start of AMD's 64-bit CPUs.

My current pfSense firewall has dual Pentium IIIs. Mark doesn't mention that pfSense comes in two different CPU deployments: 'x86' which is 32-bit and 'AMD64' that is 64-bit. It is recommended that you go with the 64-bit architecture if possible, that path is still open for FreeBSD (and by convention, pfSense), and you aren't limited to less than 4Gb of RAM.

I typically hear of pfSense installations of around 2 or 4Gb. Mine is currently 4Gb, Mark's is 6Gb. Usually, RAM is easy enough to procure to maximize it (at 4Gb) with 32-bit CPU(s).

Mark also mentions the native ability of pfSense to run "VLANs" (Virtual LANs). The easiest way to describe a VLAN is more than one network on a single physical Ethernet connection. I use VLANs on my network, but it is on switch trunks for security, and my pfSense firewall has separate "interfaces" for each network. My networks will be described later, at this point I will identify that I have four of them.

As Mark recommends, I use Intel NICs, in "dual" port Gigabit flavors that are widely available second-hand, like he says. Mark also addresses wireless networks, which I again agree with. I have separate WAPs (Wireless Access Points) on two of my networks.

Here is part 2 from Mark Furneaux, "The Hardware":

No comments:

Post a Comment