Netgate SG-1000 microFirewall

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - P3R

Pages: [1] 2 3 4 5 ... 17
Routing and Multi WAN / Re: WAN ISP insists on DHCP for static IPs
« on: February 11, 2018, 06:35:13 am »
My next step is to setup a second pfSense box with sync, so I want to make sure it's setup correctly before moving forward.
If you want to do HA you will find that that ISP's service is going to not work very well. You'll probably need to either get a real business-class, static service from them or use somebody else.
Oh, I missed that my question was answered already...

I have such "semi-static" DHCP-reservations from my ISP as well and find it sad that pfSense still have that limitation, as otherwise I would do HA. :'(

With the only alternative ISP, I would have to go down from symmetric gigabit to 500/50 and pay more than twice as much. I haven't even investigated if they offer static...

Routing and Multi WAN / Re: WAN ISP insists on DHCP for static IPs
« on: February 11, 2018, 04:48:31 am »
So I guess if telus doesn't see a DHCP request every day from my gateway, they deactivate my static IP.
Yes. Why not play it their way and use DHCP? Other than your wish for having static addressing, do you have any valid reason for not using DHCP?

Personally I would be more upset about the stupid procedure to have to register a MAC address. It was the standard 20 years ago but it's just administration with no advantage.

Swedish / Re: Telia Fiber och IPTV
« on: December 30, 2017, 08:37:35 am »
Switchen som jag använder är en Netgear GS105 Den är konfad på följande sätt...
Är inte Netgear GS105 en omanagerad switch?

Virtualization installations and techniques / Re: Hardening ESxi
« on: November 20, 2017, 02:20:51 am »
You could use hardware passthrough for the WAN interface to the pfSense VM instance.

Slightly more complicated to configure but that way the interface isn't even visible in ESXI networking, so less risk for administrative mistakes.

The general advice is to not have WiFi integrated in the pfSense (an AP or router in AP mode is much better) and never to use USB-connected network interfaces. Unless you have a very boring life and need new challenges, I think it's not a very good idea to combine those two into one.

Hardware / Re: HP T5740 Thin Client - Throughput question
« on: July 25, 2017, 04:41:51 pm »
As stated by Intel:
Thermal Design Power (TDP) represents the average power, in watts, the processor dissipates when operating at Base Frequency with all cores active under an Intel-defined, high-complexity workload.

I was very careful with selecting low TDPs, 10 and 17 W (and payed a premium to get them), but my CPUs are normally never even close to base frequency so I tend to think that I could have gone with normal CPUs and shouldn't have been so afraid of high TDPs. After all it's the power actually consumed that's interesting not the CPU TDP.

Hardware / Re: HP T5740 Thin Client - Throughput question
« on: July 22, 2017, 03:00:34 am »
Ahh okay, I didn't see PCI in the specifications but then it does have the PCI expansion module after all. I don't have that on mine. I still wouldn't recommend it for pfSense though because of the CPU limitations.

Hardware / Re: HP T5740 Thin Client - Throughput question
« on: July 21, 2017, 03:27:51 pm »
No AES-NI in the HP T5740 so it will be subject to the issue raised and apart from that, the Atom N280 is very slow.

Also the T5740 only have one NIC so you need to deploy VLANs and have a managed switch to use it as a firewall.

Hardware / Re: Please recommend managed switch for home use?
« on: July 20, 2017, 08:27:34 am »
10ge can be done on the cheap quite often.. Connect your nas to your switch with fiber and an sfp+ in your switch.. Depending on your switch 10ge sfps can be dirt cheap, and a fiber connection for your nas shouldn't be all that expensive either..
It's not the server side that's the problem. There are plenty of 10 GbE NASes, even affordable, around and the geeky NAS users already have them.

It's the €250 and upwards to have the 10 GbE switch ports that's out of reach. With one or two 10 GbE port (preferably copper as optical is unknown and scary) in €100 switches available in consumer channels, 10 GbE will take off big and LACP will be history (at least until 10 GbE becomes the bottleneck ;)). I'm waiting and hoping as LAGs are often misunderstood and misconfigured by home users.

Hardware / Re: Please recommend managed switch for home use?
« on: July 20, 2017, 07:48:41 am »
For starters I agree with you multiple devices in a home - most of which are Wireless!!!
Smart TVs and media players are more and more connected by wire and the wireless clients are ac.
So unless your moving LARGE files.. filling up the pipe with a backup from some machine that can saturate the pipe for long time..
That's exactly what NAS users do. Typically there's one computer using a full gigabit in larger bursts when doing backups and moving media files. When that hits the streaming, complaints are heard from other parts of the house. That's when NAS users come to the forum asking about LAGs.
What disks are in your NAS..
My home isn't typical as we rarely stream anything but Flac audio for longer times and we don't have any 4k-capable clients yet but I have 4 disks in RAID 5. Those that store video content often have more than 4 disks in RAID.
What can the disks do sustained across the wire?
Sequential access like streaming and backups is easily 2*gigabit both read and write on a 4-bay home NAS with low cost mechanical disks.

Hardware / Re: Please recommend managed switch for home use?
« on: July 20, 2017, 06:37:21 am »
The only conceivable way to utilize LACP on a small home network as I understand it would be to allow more than one user to utilize a NAS at full speed (or less speed penalty if >2 simultaneous users) simultaneously if the NAS is also configured LACP.
whether that is of any value to you depends on how you utilize your NAS, I would imagine the vast majority of home setups wouldn't benefit appreciably.
Being a member of a NAS forum that different from this forum is populated by far more normal users than geeks or professionals, I notice the main usage for home NASes being storing and streaming of multimedia and as backup destination. More and more also use it as storage for some constantly writing surveillance cameras (at least full HD today).

In a home with more than 1 person, especially when there's also kids around, there will on evenings easily be several concurrent clients of a home NAS and with 1 active computer, 2 hi-res media streams to smart TVs and/or tablets and two surveillance cameras, single gigabit NAS connections will at times be a bottleneck.

Hardware / Re: Please recommend managed switch for home use?
« on: July 20, 2017, 06:23:36 am »
My cheapest switches are only supporting VLANs (Netgear GS105E (25Euro) & Netgear GS108E (40 Euro))...
Yes the Netgear E-series, Web Managed (Plus) switches are the exception that I know of as well, that's the reason I wrote "the majority of" instead of "all" switches.
Only if one line (cable or port) is failing or gets saturated the next one will be started to use!
Yes of course but you forgot to mention the multiple concurrent nodes, that's the main requirement for LACP to be useful.
Cisco SG350-10 for ~210 Euro
D-Link DGS-1510-20 ~210 Euro
Thank you, you prove my point! Over €200 for a switch is definitely not what non-geek homes spend on a switch. If as the OP they require many ports, maybe roughly half of that is a reasonable home budget.

Hardware / Re: Please recommend managed switch for home use?
« on: July 19, 2017, 05:33:12 pm »
And, IMHO, for home use you only need VLANs. If you go further with LACP...//...thats not a home setup (and another budget).
As far as I know the majority of switches that support VLANs also support LAG and today that normally means LACP as well.

Almost every NAS, even those specifically targeting small to medium home use, have multiple NICs, LACP support and the performance to take advantage of it. As an example we can take the €200 Qnap TS-231P.

L3 switching, that I very much agree is not home use and definitely a different budget.

On a side note, I was surprised not many uses HP thin clients here. Is it because it's expensive and rather hard to get?
Most likely. Those two are rarely a good combination to make a platform hugely successful anywhere and least of all to the users of this forum... ;)

Seriously, the plus with a nic-card looks like a great low powered compact basic firewalling pfSense platform for internet connections below 500 Mbit/sec. Especially at the price you get them. :)

I have some older HP thin clients and they're low powered and compact but that's it. :(

Installation and Upgrades / Re: Install with Cisco kernel.
« on: July 09, 2017, 03:49:34 pm »
The original reason to get the machine together was to play around whit pfsense and nothing else.
Stick with the original plan.
but if I could combine it whit Cisco could it be perfect now that I am trained in Cisco.
Use Cisco Packet Tracer for that if you don't have access to the genuine hardware.

Pages: [1] 2 3 4 5 ... 17