Big Networking Question! [pfSense, Gigabit, Switch, Server, Oh My!]

ShadowPho

I am currently in the process of re innovating my home network. It's a pretty simple home network setup [Comcast -> Modem -> Router -> Devices]. To illustrate this I have made a diagram to illustrate this.
sGoqJlG.png

I currently have the PC\Xbox\Pandaboard hooked up. I will receive the NAS in the next two weeks, and will then use it to the fullest [watch 1080p movies, transcode said movies, stream Netflix, backup, storage from outside].

However, I want to add 2x Parallella devices [specialized development platforms] to my network. The problem is that they will saturate 10/100 network non-stop between each other, and I will be out of router ports. I want to put a gigabit switch behind the router, but I don't want to lose performance if the boards are talking while I am copying files from NAS to home at gigabit speeds. Will that be a problem or can switch handle two streams concurrently? What gigabit switch do you guys recommend? I would like it to have 8x ports, be gigabit, under $50 if possible and super stable.


Which brings me to next question: I would like to add a pfsense\smoothwall box in between modem and router like this.
TelcZhC.png

Then I can disable the router and let the smoothwall\pfsense handle IP allocation and port forwarding. [+Snort\Squid]. Should I go with pfSense or Smoothwall? How big is the box requirement? Can I build it for under $400? What do you guys recommend? [Only real requirement is that it's silent]


Any advice will be greatly appreciated. :)
 
I have not used Smoothwall for some years, as my last interaction with it pretty much pushed me away from ever using it again (i.e. too buggy). pfSense would be the better; however, I personally recommend Astaro UTM 9, aka Sophos UTM 9. By far it's been the best firewall that I have used.

For the Gigabit switch, make sure that the switch can handle the amount of traffic you require. A Gigabit switch may, for instance, have 12 ports which may lead you to believe it can handle 24Gb of traffic at once. However the chipset in the switch that actually handles the traffic may only be capable of processing 12Gb of traffic. So do your homework and shop for a quality dumb switch or even better, a managed switch that can handle the traffic you require.

[edit] Dell Powerconnect 5224 is a very good managed switch that can usually be found on eBay for around $100. [/edit]
 
pfSense + 1

I use pfSense in that method you describe. It handles my DHCP and IPSec VPN and is also a local DNS server. I have a Netgear WNDR4000 that performs switching functions and wireless AP only, and then I have a Dell Powerconnect 5224 which is a 24 port gigabit switch. It's really easy to set up and runs on almost anything from embedded devices to full-fledged systems to virtual machines. Currently I have mine in an Athlon XP 3200+ system with 1GB of RAM and two Intel Pro 1000/MT cards. At the moment it's running outside the case with a way more powerful PSU than it needs and a HDD solely because it was lying around and I had to test it (runs just fine off a thumbstick) but it's super quiet and pfSense is not resource hungry at all unless you have multiple NICs and VLANs with lots of IP traffic/firewall rules. For reference, out of 1GB of RAM, it says only 13% of it is used.

P1030440r.jpg

For an unmanaged 8 port gigabit switch I could recommend the Netgear GS108 which is around $50. Personally I have the GS105 which is the 5 port version. I've had all 5 ports connected and it just gets barely lukewarm, and it's small enough to toss in a bag when I need it on the go somewhere. With a solid choice of a switch like this you won't have to worry about the traffic between those ports ruining your bandwidth to the other ports.

Side note: What software is that?
 
I'm reading online that your Buffalo router is gigabit, so I would hang the PC and server directly off the router Ethernet ports, then plug a gigabit switch into the router and hang the rest off that. And use Cat6 cable if you can.
 
Thank you! Powerconnect looks very cool, but it's fairly expensive and serious. For one, it has fans, which I would like to avoid; it's also twice the price [with 3x gigabit ports too].

I will look into Sophos UTM. Looks interesting!

How much internets do you have? I currently have 100 Mbps down, and I really want to keep it :). Otherwise I might look up a cheap Athlon build [CPU $30, mobo $50], or maybe a cheap i3\Atom build. The passive cooling is kind of hard though....

Side note: Visio 2013. Took about 10 minutes to do :).
 
An Atom is more than enough for any current software Linux based firewall you can get, including IPCop, pfSense, and Astaro/Sophos UTM. Of course, an Athlon build is also just as good, but any hardware you may have lying around that you consider outdated should be capable of doing the job. Intel P3 class power should be considered minimum but you can probably go lower for today's firewalls since it'll be a simple home setup, so go with whatever fits your budget.

The Powerconnect isn't that difficult to use, but it has more than enough power to handle any current or future needs. Instead of buying and adding on more and more switches, you can just do away with them all and use 1.

But I agree with one of the other posters. Keep your current hardware which already has a Gigabit switch built in and use that in addition to a 2nd switch. You could luck out with a sale for an 8-port around $40 or less nowadays. Monoprice has one for less than $30, though I know nothing of the hardware in it or quality.

I wouldn't worry much about bandwidth on your switch(es). Most current gen switches should do just fine even if your Parallella setup is a bandwidth hog. But if you are worried (or it really does cause problems), you could just keep the Parallella setup on its own switch. I moved some of the stuff around to give you a better idea for the network layout. The "critical" items are on the Buffalo Gigabit switch, while all the rest are on the 2nd switch.
 

I would buy a switch that has enough ports to handle all of your devices. Then plug the firewall directly into it. Turn your current router into an access point only and plug it into the switch. Why use two switches if you don't need to? Keep it simple.
 
Ah OK, I thought it was Visio.

I currently have a 50/5 Mbps connection. I had that Athlon setup lying around so that's what I used, but like I said pfSense will run on nearly anything. I'm looking out for something like this Jetway here so I have something small and friendly. I agree with Mpegger's drawing, but even if you put everything on the gigabit output you probably wouldn't notice a difference.
 