Networking, Projects, Technology

PFSENSE – DIY Router/Firewall revisited

Ron

In 2012, I wrote a blog entry called PFSENSE a DIY Router/Firewall. The article covered what PFSENSE is and why it is a good solution for a DIY Router/Firewall. Over the past 5 years, I have been using PFSENSE exclusively as my edge connectivity solution. Since then my network has evolved and my needs have changed and I have gone through multiple revisions of my home network.
My previous hardware for my router/firewall was suitable for a small office home office. However,  it didn’t meet the my needs when my internet connection jumped from 15 Mbps to over 300 Mbps.  This is when I needed to upgrade my hardware in 2014.

My previous PFSENSE build has been working for over a year since I started using it  and below was the hardware requirements.

  • The PFSENSE Box is running:
    • Dual Pentium 3 Processors running at 1GHZ
    • 4 Gigs of  PC133ECC Memory
    • 200 Gig hard Drive
    • 350 Watt Power supply
    • 3 Netgear 10/100/100 Network Cards
  • The Services running.
    • NAT
    • DHCP Server
    • Port Forwarding
    • DNS SERVER
    • DNS RELAY
    • UPNP
    • Bandwidth Graphing
    • Network Monitoring/IPS/IDS

My current router is now running a completely different set of hardware.

 Current hardware:

  • Supermicro SuperServer
    • Intel Atom D525 Processor.
    • 4 GIGS of Ram
    • Dual 10/100/1000 Network Cards with IPMI
    • 250 Gig hard drive
    • 25 Watt Power Supply
  • Services Running:
    • NAT
    • DHCP
    • Port Forwarding
    • DNS
    • DNS Relay
    • UPNP
    • Bandwidth Monitoring
    • Network Monitoring
    • IPV6 Connectivity
    • IPS/IDS
    • OSPF Routing
    • and Traffic Shaping

This set up is working well for my current internet connection of 300/25. It handles the connection fine and all my users have no problems. I will soon be upgrading this router/firewall when I am able to get gigabit fiber to the home. When that happens I will most likely upgrade to a xenon based server with 8 gigs of ram and server based hardware.
I know I will be able to perform more advanced features such as IPSEC VPN tunnels, captive portals and failover. But for now this will have to make due.  However, When I do that project I will make sure I do a photo blog detailing the whole process. But for now this is a revisit to the past with updated information.

 

Related Posts

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.