I recently got a ICX6610 and now my brain has lost control over my body and wants to skip 10G and upgrade to a 40G core. The only part where I am stuck at is my router and firewall situation. I am currently running a R210 with x3430 and 8G of ram with pfsense. Pfsense can’t handle 40G from reading what people have to say about it. My next choice is Vyos but I cannot use crowdsec with it. So I am stuck.
I need recommendations on what router and firewall I should use (Free or one time cost, I am fine with cli only, and I am also open to separate firewall and routers ) which is compatible with crowdsec. Also suggestions on if I would need to upgrade my R210.
I know I cannot possibly saturate 40G its more of wth lets fucking do it.
Thanks in advance
I would also like to mention I have 0 experience with stuff like bare linux distro with iptables or something in those lines but I am open to learning and trying them out
Vyos uses netfilter iirc and Crowdsec doesnt support that.
Ah, I see, thanks
There’s an open feature request for some sort of native integration:
If you want hardware … MikroTik Routers and Wireless - Products: CCR2216-1G-12XS-2XQ
Give yourself some room for when you upgrade 40Gb (4 x 10Gb) to 100Gb (4 x 25Gb).
Also worth noting that layer-3 switches can normally route at line speed, but you lose stateful firewalling - the trade off can be worth it. Put all your fast gateways on the l3 switch, and all your slow/secure gateways on your pfsense firewall. Then use OSPF between pfsense and the l3 switch so they know how to route to each other.
The only reason to think about 40G was that the brocade has 4 ports of 40G and I originally intended it to be 10G only. My lab doesn’t exist in r/homedatacenter I really don’t think I can afford a 100G switch anytime soon let alone the optics to run it and the gear to actually use it.