• Sign in to Neowin Faster!

    Create an account on Neowin to contribute and support the site.

  • 0
Sign in to follow this  

pfSense install on Proliant DL360 G7

Question

IbSta    6

Hello!

 

I have a Proliant DL360 G7 with 176 GB of ECC RAM and 2 CPU's (2 physical 24 logical cores) with Intel PCI-E 4 port Gig NIC as well AND also 4 onboard 100MB ports + 1 iLO. I don't know what to do with this server for my home lab as I also have a DL380 G7 with 228 GB of ECC RAM and 8 TB of storage plus an attached HP StorageWorks MSA50 running via external SAS cable. The DL380 is hosting my home 'domain' as well as other VM's. I've always wanted to play around with pfSense and doing some Google searches and watching Youtube videos it looks like it's fairly easy to install / setup and definitely a better investment. I was originally going to run it in a VM however, I've heard more cons vs pros on that, so now I'm deciding if I should bite the bullet and just dedicate the DL360 as my pfSense box and I know it's complete OVERKILL!!!! Thoughts?

 

Thank you!

Share this post


Link to post
Share on other sites

8 answers to this question

Recommended Posts

  • 0
+Kyle    98

I mean I am assuming that since you listed out the specs of your server you know it's a bit overpowered for a router. Not just that but power consumption, etc etc. 

 

If I were in your shoes and just trying to learn pfSense I would just go the VM route because that seems like the path of least resistance.

Share this post


Link to post
Share on other sites
  • 0
+BudMan    3,368
20 hours ago, IbSta said:

I've heard more cons vs pros on that

Like what?  I ran pfsense on esxi for years!!  Zero downside other than any reboot of the esxi host took down your internet connection.  The only reason I went with hardware was the VM on OLD hardware could not keep up with new fast internet 500/50..  And it was more cost effective to buy router hardware (sg4860 netgate) vs the new esxi host I "wanted" ;) that would of been able to handle my internet speeds.

 

That box is WAY Over powered for a router - using it just for a router would be complete waste, and not very efficient in power use, etc. etc..

Share this post


Link to post
Share on other sites
  • 0
+InsaneNutter    1,283

I'm running pfSense in a VM with 512mb ram and 1x CPU core, I can't get anywhere near to pushing that to it's limit on my home network with a 200 / 12 connection.

 

I've never personally had any issues with running pfSense as a VM, I update it as / when and it runs until the next pfSense update without a reboot. My VM is probably a couple of years old now.

 

Pros: None

 

Cons: Electricity bill and unnecessary impact on the environment?

Share this post


Link to post
Share on other sites
  • 0
IbSta    6

Thanks for the response guys!

Quote
9 hours ago, BudMan said:

Like what?  I ran pfsense on esxi for years!!  Zero downside other than any reboot of the esxi host took down your internet connection.  The only reason I went with hardware was the VM on OLD hardware could not keep up with new fast internet 500/50..  And it was more cost effective to buy router hardware (sg4860 netgate) vs the new esxi host I "wanted" ;) that would of been able to handle my internet speeds.

 

That box is WAY Over powered for a router - using it just for a router would be complete waste, and not very efficient in power use, etc. etc..

 

Reading and watching a bunch of Youtube videos people were saying that leaving the ESXI expose to the internet was already defeating the purpose of setting up a firewall. See link:

 

https://community.spiceworks.com/topic/705889-should-you-virtualise-your-router-pfsense

 

Share this post


Link to post
Share on other sites
  • 0
+BudMan    3,368

They are IDIOTS!!!~  No you wouldn't expose the the freaking vmkern to the internet..  DUHHHHHH!

 

The only thing exposed to the internet would be the pfsense WAN IP... On its own NIC, on its own vswitch with no other portgroups even on this vswitch.. Your vmkern, and access to esxi would be only on your local lan only, normally a administration only network..

 

The stupid is so freaking bad it BURNS!!!  I would follow your link - but the stupid there would prob give me cancer or something.

 

The one thing I would suggest is if your nics support intel ME is updated or disabled, etc. etc.. I wouldn't expose those nics to the public internet.

  • Like 1

Share this post


Link to post
Share on other sites
  • 0
neoraptor    56

@IbSta - Might sound stupid, but why don't you sell this server (or at least the ram) and get something more suitable for router, or even build one from scratch (mobo, some cpu with AES-NI, 2GB of ram and bunch of nics).

Share this post


Link to post
Share on other sites
  • 0
+Fahim S.    1,058

It's a complete waste of resources.  pfSense runs well enough on a Goldmont based SoC, with very little RAM (2GB) and storage space (16GB or so if I remember correctly).

There are no major cons to running it as a VM.  Like @BudMan  I did it for quite some time without any problem.  I ran it as a VM on a HP Microserver G7 running ESXi.

 

Virtualise it.  Or buy cheap and low power hardware for it.

  • Like 1

Share this post


Link to post
Share on other sites
  • 0
shockz    5,223

My i5 nuc with 4GB is overkill for my pfsense VM, let alone a full fledged server with 176GB of RAM.

stat12.PNG

Edited by shockz
  • Like 2

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.