PFSENSE – DIY Router/Firewall revisited

In 2012, I wrote a blog entry called PFSENSE a DIY Router/Firewall. The article covered what PFSENSE is and why it is a good solution for a DIY Router/Firewall. Over the past 5 years, I have been using PFSENSE exclusively as my edge connectivity solution. Since then my network has evolved and my needs have changed and I have gone through multiple revisions of my home network.
My previous hardware for my router/firewall was suitable for a small office home office. However,  it didn’t meet the my needs when my internet connection jumped from 15 Mbps to over 300 Mbps.  This is when I needed to upgrade my hardware in 2014.

My previous PFSENSE build has been working for over a year since I started using it  and below was the hardware requirements.

• The PFSENSE Box is running:
  • Dual Pentium 3 Processors running at 1GHZ
  • 4 Gigs of  PC133ECC Memory
  • 200 Gig hard Drive
  • 350 Watt Power supply
  • 3 Netgear 10/100/100 Network Cards
• The Services running.
  • NAT
  • DHCP Server
  • Port Forwarding
  • DNS SERVER
  • DNS RELAY
  • UPNP
  • Bandwidth Graphing
  • Network Monitoring/IPS/IDS

My current router is now running a completely different set of hardware.

 Current hardware:

• Supermicro SuperServer
  • Intel Atom D525 Processor.
  • 4 GIGS of Ram
  • Dual 10/100/1000 Network Cards with IPMI
  • 250 Gig hard drive
  • 25 Watt Power Supply
• Services Running:
  • NAT
  • DHCP
  • Port Forwarding
  • DNS
  • DNS Relay
  • UPNP
  • Bandwidth Monitoring
  • Network Monitoring
  • IPV6 Connectivity
  • IPS/IDS
  • OSPF Routing
  • and Traffic Shaping

This set up is working well for my current internet connection of 300/25. It handles the connection fine and all my users have no problems. I will soon be upgrading this router/firewall when I am able to get gigabit fiber to the home. When that happens I will most likely upgrade to a xenon based server with 8 gigs of ram and server based hardware.
I know I will be able to perform more advanced features such as IPSEC VPN tunnels, captive portals and failover. But for now this will have to make due.  However, When I do that project I will make sure I do a photo blog detailing the whole process. But for now this is a revisit to the past with updated information.