pfSense install on Proliant DL360 G7

[IbSta]

Hello!

 

I have a Proliant DL360 G7 with 176 GB of ECC RAM and 2 CPU's (2 physical 24 logical cores) with Intel PCI-E 4 port Gig NIC as well AND also 4 onboard 100MB ports + 1 iLO. I don't know what to do with this server for my home lab as I also have a DL380 G7 with 228 GB of ECC RAM and 8 TB of storage plus an attached HP StorageWorks MSA50 running via external SAS cable. The DL380 is hosting my home 'domain' as well as other VM's. I've always wanted to play around with pfSense and doing some Google searches and watching Youtube videos it looks like it's fairly easy to install / setup and definitely a better investment. I was originally going to run it in a VM however, I've heard more cons vs pros on that, so now I'm deciding if I should bite the bullet and just dedicate the DL360 as my pfSense box and I know it's complete OVERKILL!!!! Thoughts?

 

Thank you!

[+Kyle Subscriber¹]

I mean I am assuming that since you listed out the specs of your server you know it's a bit overpowered for a router. Not just that but power consumption, etc etc. 

 

If I were in your shoes and just trying to learn pfSense I would just go the VM route because that seems like the path of least resistance.

[+BudMan MVC]

20 hours ago, IbSta said:

I've heard more cons vs pros on that

Like what?  I ran pfsense on esxi for years!!  Zero downside other than any reboot of the esxi host took down your internet connection.  The only reason I went with hardware was the VM on OLD hardware could not keep up with new fast internet 500/50..  And it was more cost effective to buy router hardware (sg4860 netgate) vs the new esxi host I "wanted" ;) that would of been able to handle my internet speeds.

 

That box is WAY Over powered for a router - using it just for a router would be complete waste, and not very efficient in power use, etc. etc..

[+InsaneNutter MVC]

I'm running pfSense in a VM with 512mb ram and 1x CPU core, I can't get anywhere near to pushing that to it's limit on my home network with a 200 / 12 connection.

 

I've never personally had any issues with running pfSense as a VM, I update it as / when and it runs until the next pfSense update without a reboot. My VM is probably a couple of years old now.

 

Pros: None

 

Cons: Electricity bill and unnecessary impact on the environment?

[IbSta]

Thanks for the response guys!

Quote

9 hours ago, BudMan said:

Like what?  I ran pfsense on esxi for years!!  Zero downside other than any reboot of the esxi host took down your internet connection.  The only reason I went with hardware was the VM on OLD hardware could not keep up with new fast internet 500/50..  And it was more cost effective to buy router hardware (sg4860 netgate) vs the new esxi host I "wanted" that would of been able to handle my internet speeds.

 

That box is WAY Over powered for a router - using it just for a router would be complete waste, and not very efficient in power use, etc. etc..

 

Reading and watching a bunch of Youtube videos people were saying that leaving the ESXI expose to the internet was already defeating the purpose of setting up a firewall. See link:

 

https://community.spiceworks.com/topic/705889-should-you-virtualise-your-router-pfsense

 

[+BudMan MVC]

They are IDIOTS!!!~  No you wouldn't expose the the freaking vmkern to the internet..  DUHHHHHH!

 

The only thing exposed to the internet would be the pfsense WAN IP... On its own NIC, on its own vswitch with no other portgroups even on this vswitch.. Your vmkern, and access to esxi would be only on your local lan only, normally a administration only network..

 

The stupid is so freaking bad it BURNS!!!  I would follow your link - but the stupid there would prob give me cancer or something.

 

The one thing I would suggest is if your nics support intel ME is updated or disabled, etc. etc.. I wouldn't expose those nics to the public internet.

[neoraptor]

@IbSta - Might sound stupid, but why don't you sell this server (or at least the ram) and get something more suitable for router, or even build one from scratch (mobo, some cpu with AES-NI, 2GB of ram and bunch of nics).

[+Fahim S. MVC]

It's a complete waste of resources.  pfSense runs well enough on a Goldmont based SoC, with very little RAM (2GB) and storage space (16GB or so if I remember correctly).

There are no major cons to running it as a VM.  Like @BudMan  I did it for quite some time without any problem.  I ran it as a VM on a HP Microserver G7 running ESXi.

 

Virtualise it.  Or buy cheap and low power hardware for it.

[shockz]

My i5 nuc with 4GB is overkill for my pfsense VM, let alone a full fledged server with 176GB of RAM.

Edited July 6, 2018 by shockz