Netgate Store

Author Topic: Is the SG-3100 a good fit for my network?  (Read 406 times)

0 Members and 1 Guest are viewing this topic.

Offline appleCIDR

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Is the SG-3100 a good fit for my network?
« on: May 02, 2018, 09:25:34 pm »
Hi All,

I have been mostly a DIY pfSense guy, but am now planning to install pfSense on my corporate network. A little more about the network - there are about 20 daily laptop/desktop users, about 25 mobile devices that are endpoint devices. There are 3 servers in a DMZ and 4 hypervisor boxes. Data exchange between these devices and to the Internet is frequent and large in volume (albeit not as many connections).

I was hoping to receive your feedback on how viable it would be to implement the following configuration on the SG-3100.

WAN - to the ISP
LAN - to a wireless router that services local laptops and phones (I'm doing this because the router we are using is a very expensive one that we need to make the most out of)
 
As for the hypervisors, I was planning to hook one of the sg-3100 interfaces up to a switch that connected all the hypervisors to the network. And the DMZ would have a similar set up as well

This left me with two questions -

1. Will this hypervisor set up work?
2. Are there enough NICs on the device for the hypervisor and DMZ network, or will this warrant a VLAN setup?


I have some academic background in networking but not a lot of professional experience - so please pardon me if some of the above questions don't make a lot of sense. I would love some feedback on how I could plan this network.

Thank you!



Online johnpoz

  • Hero Member
  • *****
  • Posts: 16026
  • Karma: +1529/-221
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: Is the SG-3100 a good fit for my network?
« Reply #1 on: May 03, 2018, 09:53:16 am »
I have a sg-3100 in one of our branch offices.  Handles all the guest internet traffic - there are sometimes well over 20 devices using this connection, and at some point will route some other traffic over this connection.

The 3100 comes with 2 router interfaces and the 4 switch ports.  The switch ports can be broken out to specific interfaces via vlan on the 3100, so you could have 6 total interfaces - keep in mind there is a 2.5gbps uplink from the switch ports to the soc..  Which could be a bit of a bottleneck depending on your use case, etc.

Does that help?
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.4.3-RELEASE (work)
1x SG-3100 2.4.3-RELEASE (work)
1x SG-4860 2.4.3-RELEASE-p1 (home)

Offline appleCIDR

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Re: Is the SG-3100 a good fit for my network?
« Reply #2 on: May 03, 2018, 02:30:21 pm »
@johnpoz This definitely helps. Thank you.

Do netgate devices come with any features that would otherwise be non-configurable on a re-purposed pfSense box?

Online johnpoz

  • Hero Member
  • *****
  • Posts: 16026
  • Karma: +1529/-221
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: Is the SG-3100 a good fit for my network?
« Reply #3 on: May 04, 2018, 07:07:29 am »
The factory image has some tweaks to have it run better on netgate hardware..  But no there is not loss of features.. And appliance will come with 1 year gold, and you will get access to couple of packages the CE doesn't get..  Some wizards and such..


- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.4.3-RELEASE (work)
1x SG-3100 2.4.3-RELEASE (work)
1x SG-4860 2.4.3-RELEASE-p1 (home)

Offline behemyth

  • Jr. Member
  • **
  • Posts: 49
  • Karma: +3/-0
    • View Profile
Re: Is the SG-3100 a good fit for my network?
« Reply #4 on: May 14, 2018, 10:07:00 pm »
Would the 3100 handle a gig connection, if I'm not using any of the switch ports on it? I'd really like to stop using a VM and move to a physical appliance, i just want to make sure i get the right one for me.

-Thanks

Offline gsmornot

  • Jr. Member
  • **
  • Posts: 72
  • Karma: +3/-0
    • View Profile
Re: Is the SG-3100 a good fit for my network?
« Reply #5 on: May 14, 2018, 10:51:00 pm »
The factory image has some tweaks to have it run better on netgate hardware..  But no there is not loss of features.. And appliance will come with 1 year gold, and you will get access to couple of packages the CE doesn't get..  Some wizards and such..
I must not have a factory image on mine because I have never seen those options. I got my image from the support portal link. Not sure Iíd use them, just saying.

Offline Derelict

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 10570
  • Karma: +1209/-324
    • View Profile
Re: Is the SG-3100 a good fit for my network?
« Reply #6 on: May 15, 2018, 12:20:56 am »
There is no community version for the SG-3100, only Netgate "factory". If you reinstall the system you will probably have to reinstall those factory feature packahes using the package manager.
Las Vegas, Nevada, USA
Use this diagram to describe your issue.
The pfSense Book is now available for just $24.70!
Do Not PM For Help! NO_WAN_EGRESSTM

Offline gsmornot

  • Jr. Member
  • **
  • Posts: 72
  • Karma: +3/-0
    • View Profile
Re: Is the SG-3100 a good fit for my network?
« Reply #7 on: May 15, 2018, 06:13:51 am »
There is no community version for the SG-3100, only Netgate "factory". If you reinstall the system you will probably have to reinstall those factory feature packahes using the package manager.
Well, that makes it easy. Iíve reloaded it every other week I think since Iíve  had it playing with snapshots and breaking things to learn. I just didnít notice the option package. Thanks for the info.

Offline jahonix

  • Hero Member
  • *****
  • Posts: 2677
  • Karma: +162/-28
  • volunteer since 2006
    • View Profile
Re: Is the SG-3100 a good fit for my network?
« Reply #8 on: May 15, 2018, 04:31:08 pm »
... playing with snapshots ...
On an SG-3100?
There are no publicly available snapshots for ARM installations of pfSense.
https://www.pfsense.org/snapshots/
Chris