FreeNas vs Unraid vs Openmediavault vs NAS4FREE

the main purpose for unraid, proxmox, and esxi is virtualization.

If you solely want a storage server, then those might not be suited for what you need. But you could certainly just use the storage feature of proxmox or unraid… if that is what you want. I am aware that proxmox has zfs and ceph included by default.

1 Like

pFSense: OMG… There is so much better and affordable solution… Everytime i have a new clients with this shit, my condition is to take that out… Most of the time, i replace it with Mikrotik hEX (2 Gbps @ 60$). There is even a new model hEX S. Both of them is able to encrypt ipsec/3des/AES in excess of 300 Mbps.

If you want absolutely to use x86, do yourself a favor and a least buy RouterOS! (50$ for x86, free with purchase of any Mikrotik hardware).

Check in order of throughput (depend on your budget): RB4011iGS+RM (9 Gbps @ 200$), RB1100AHx4 (7 Gbps @ 300$), CCR1009-7G-1C-1S+PC (15 Gbps @ 500$), etc.

Mikrotik routers

Proxmox is an Hypervisor, just as VMWare and KVM are. You can run almost any OS on it… with email server or anything else!

Why is RouterOS better than PFSense?

I can totally agree that buying hardware that is designed for a specific purpose, ie a buying Mikrotik or other router rather then building a computer is often a good way to go.

But why on generic x86 hardware is RouterOS better then PFSense? The BSD networking stack has had tons of praise, not that the linux stack is bad. Also, PFSense is open source(ish), while RouterOS is as closed as possible given that it is built on Linux.

2 Likes

Well I have this RouterBoard 493G I ripped from a industrial machine, I had it working but I didn’t get on it because there was a password so I resetted it and now it is fed. I don’t know what to do with it because the understand of this goes beyond me.

RouterOS is mature and has the best admin interface i ever seen in my 25 years of networking. It is very solid and supports whatever you can think of:
BGP, OSPF, MPLS, Mangling, very rich QoS, 802.1Q, QinQ, Integrated CAPsMAN, Any logging you want, Integrated sniffer, wireless site survey, etc etc etc
Management: SSH / WEB / Winbox with hierarchical commands, integrated RRD, Multi-Windows (Winbox), Scripting, etc etc etc.

I have respect for the FreeBSD stack but this is nothing compared to a real routing platform like RouterOS. The only other thing i can think of with enterprise features would be Vyos, the fork of Vyatta.

You can download RouterOS x86 and test it into a VM, see for yourself. pfSense is a piece of junk compared to this with a bad UI (it’s a wrapper for PF), limited features and poor command line. Sure it can work for simple setups, but once you’ll use RouterOS, you’ll never go back.

A Mikrotik hEX S is very cheap but you get for that ridiculous 69$ all the above features (RouterOS comes with it) with no support fees, no update fees, etc. This is a serious platform and i much prefer RouterOS management than Cisco, HP, Foundry, Brocade, etc. Vyos is not bad though management is alike Juniper.

The 493G is a cool little board, aging though. RouterOS is not that complicated once you get the base. I can take anybody who has networking knowledge to a basic management level in an hour. The management interface to use for somebody with no experience is Winbox.

Winbox is multi-window and it eases the learning, it is easier to see what’s going on. It is sadly a Winblows application but i use it with WINE on my Linux workstation, it runs fine on it.

I have tons of Mikrotik hardware (and some on x86) running on my clients sites: Multi-tunneling, OSPF, VPNs for users (whatever you want: L2TP/IPsec for Macs, PPTP for old Windows, etc) using RADIUS, Advanced QoS for VOIP, Multi-WAN with load balancing, VRRP, etc etc etc.

The bigger sites runs on CCR (Tilera CPU with multicore) and it has tons of horsepower for the price. hEX / hEX S / hAP AC2 are easily able to route and CAPsMAN for satellite sites.

Your RB493 can easily be a remote site router and can route in excess of 600 Mbps.

I came across a YouTube video that was uploaded about three months ago called Hacking MikroTik RouterOS v 6.29 (Winbox Exploit 2018)

I far as I know Pfsence doesn’t have any Exploits and I am not trying to start a flame war or argument, I just thought maybe @guyboisvert and everyone else would be interested in this information I found with a quick google search. Thanks, @guyboisvert about mentioning RouterOS I will be taking a look at it.

Can you come by my teamspeak 3 server someday and we could start setting up this badboy(RB493) then? I have no clue where to start and the info on how to setup or reset was dead in the water. So if you would be so kind. Ts3 ip: nxtts3.ddns.net

Don’t expect much as I’m 18yrs and studying last half year in vocational studies in IT in Finland.

Ok, something I should ask is what exactly do you want to do with your entire network setup. Build out a requirements list and hash out exactly what you NEED on paper before going forward. Having a clearcut direction on ‘I need this much compute, this level of networking, this much storage to run these services, etc’ makes it much easier for you to plan out and also ask others about.

That said, I am going to take just what you’ve said on your Original Post as your main requirements: A NAS server that can serve files on a LAN connection for up to 30+ concurrent users.

Any of those OS’s is technically able to do what you want, serve files. The questions are:

  • Are you aiming for highest performance, highest reliability, cheapest possible setup, etc
  • What hardware do you currently have already, as this will greatly determine cost of any setup you want to do
  • Are you wanting your own local media server? Just a fileshare for users to store their stuff? For a fileshare, are they all linux, windows, a mix? For ‘Coding’ do you mean a video encoding server?

Just some things to think about, but I’d say get a more concrete idea of what it is you need, and the answer will be much easier to answer

This nas would be just for home use, but when I said +30 users, I meant that if I would build one for the company this nas would then be able to do it.

I have too many videos on my computer and images so I want them to be moved automatically to the server, like it would be connected to my computer as an external hdd.

We have 1 linux and 2 windows, 2 android and 2 apple and later 3an 1ap and after that 4an.

I thought about buying an old nas unit so I wouldn’t have the hassle to have another computer with hdds lyingaround. “for coding” I think I meant having the files on the server and with ease to be edited, but I already set-up an gitlab server so that is no longer necessary.

Performance wise, mostly stable so I don’t need to fix much. Got other things to worry about.

Ok so you want a FreeNAS server for home use, but is powerful enough to migrate to being a company NAS of approximately 30 users? If so, what would your users primarily be doing with the files on the NAS? Just saving word documents and spreadsheets, editing video/music, storing coding projects and compiling code from the files hosted on them, just watching video/playing music, a datastore for VMs? This is what will determine your main performance requirements for the server itself.

For OS, FreeNAS and a CIFS (SMB) share will allow all those devices to connect to the same file share. FreeNAS is also very stable and has decent performance, and you could install Plex if you want to setup your own media server for watching videos across the network. FreeNAS does have some hardware requirements though, namely:

  • ZFS requires direct access to drives; No RAID cards (Perc H200/H310 flashed to IT mode are good cheap buys)
  • 8GB of RAM is a hardcoded minimum for the OS, and it is recommended to have 1GB of RAM per 1TB of hard drive space (excessive if you’re not doing deduplication), and 1GB of RAM per 10GB of L2ARC (if you find you need it, but unlikely). In general though, more RAM is better, as any leftover RAM is used for the ARC, which will store frequently accessed data in RAM for faster access thereafter
  • The OS will reserve 20% of the hard drive space when you make your storage pool (this is space lost in addition to the drive capacity lost from parity drives). This is because ZFS is a copy-on-write file system, and requires additional free space to save any data to drives. This also means your data is highly resilient against corruption though, so pros and cons

All that said, an old server like a Dell R510/R720xd make for extremely good candidates for a FreeNAS box, but there’s benefits to newer hardware as well (noise/thermals/power consumption)

Oh, and pfSense is great. Stable, well support, and easy to get things going. Highly recommend :slight_smile:

FreeNAS will do all of that, however you’ll need to be diligent with picking the correct hardware to get features such as hot-swap.

Accessing via the internet will require additional knowledge/work to securely set up the firewalling required. I would not permit it without VPN connection into your LAN.

Wanting things accessible 24/7 is not compatible with 12+ year old hardware, which is what that 945 chipset board is…

What is your budget?

Plex is a media server software. I use it so can watch my video collection on my 4k television set.

@Shadowbane

There was indeed a bug with Winbox implementation on the old v6.29 RouterOS but only dumbass were affected by exposing the management ports to the internet… and not keeping there stuff up to date. The current version is 6.43.4.

As network professional, this is the kind of basic thing you NEVER DO… But i know a case where the guy let those ports open “it makes my management easy”… and sure he got cracked…

If you don’t know what you’re doing or have the wrong way of doing things, you’ll eventually be hit by the hackers/crackers using whatever you have in hand: pfSense, RouterOS, Cisco, etc etc etc.

As for flame wars, i’m not loosing my time with this kind of stuff. I provide infos to help the community. For those who want to keep their tracks, i don’t mind.

List of pfSense CVE

1 Like

Thanks for the information that Pfsence has its bugs and hacks. I too believe in the right tools for the job. From the limited research, I have done I think I am going to prefer RouterOS over Pfsence. I think the firewall rules in RoutOS are easier to set up than Pfsence even though Pfsence has the better interface (easier to read).

@guyboisvert Does RouterOS supports OpenVPN’s protocols? There is one feature I really like in Pfsence, that is the ability to setup the firewall rules in such away that some of the traffic goes through the VPN and some don’t.

@shadowbane RouterOS doesn’t support for now OpenVPN over UDP, using TCP makes it a bad choice for that then. I can only fault them for that but to me, that’s a non issue. They never implemented OVPN over UDP like it should be, don’t ask me why!

Either i use L2TP/IPsec or i just deploy a VM for OVPN endpoint when somebody wants it. You can apply whatever filter rules you can imagine to any interfaces / group of interfaces / ip lists, etc… and of course VPN. You can’t live without this, never trust any remote ends you don’t manage.

RouterOS firewall rules goes a long way over with about anything you can imagine. Coupled with other nice features, like mangle, etc, it makes it really powerfull for complicated setups, and quite easy for “regular stuff”. Once you’ll start using Winbox and the command line to manage it, you’ll never look behind.

The WEB interface is good but Winbind, with its multi-windows and streamlined interface, is very comfortable and powerful. It is a real pleasure to admin.

Just download x86 RouterOS and install it inside a VM, try it for free. Or you could even buy one of there cheap models, it’ll have all the features as the rest of the linup:

hAP Lite @ 21.95$ - 5 ports fast ethernet router win 2.4 GHz wireless

This little 22$ box is able to route 400 Mbps and has the full RouterOS!!!

1 Like

2 notes here:

  1. Ubiquiti’s EdgeOS is based on Vyatta. The Ubiquiti Unifi line is good for someone who isn’t as confident with networking.

  2. IMO, the BSD “router” solutions (PFsense, OPNsense or even just a custom BSD box), are really most appropriate as a gateway/firewall. If you need to route a bunch of LANs/VLANs/Subnets/whatever, purpose-built hardware like Mikrotik or Ubiquiti EdgeMax routers are more appropriate. It’s not unreasonable to use both so that you can separate things like DPI/IPS/Geoblocking from routing and basic packet filtering.

2 Likes

Xeon E5504 does not support AES. You want to look for E56XX series or newer.

Edit - I see E5620 mentioned in there as well. Those do support aes-ni.

1 Like

@guyboisvert I would try RouterOS right know but I only have a Laptop (which only has one ethernet port) right now that I could spin up RouterOs. I plan to build a desktop in about two or three months, I was hoping to have all the parts I would need for a new build by Christmas, but I have had some unexpected expenses this month, so it looks like I will miss all the Black Friday sales and discounted prices offered for Christmas.

I am really interested in the RB4011iGS+RM because I would like to replace the Cincinnati Bell provided Zyxel VMG4381-B10A and all five provided ethernet ports are used right now. I would be interested in in a different model if they had an eight ethernet model, but I haven’t been able to find one in my search.

I have a few questions about the RB4011iGS+RM

  1. List item Could I completely replace my Zyxel unit with the RB4011iGS+RM or would I have to purchase a new modem and an RB4011iGS+RM unit, then connect the fiber cable that currently goes into the Wan connection in the Zyxel unit into the RB4011iGS+RM unit? Keep in mind The Zyxel unit is a combination Modem/router Wifi

  2. List item If my first question isn’t possible, then I would have to either purchase a new Modem or figure out how to put the Zyxel unit in what I believe is bridge mode and pass the network information provided by Cincinnati Bell over to the RB4011iGS+RM. The question I am asking is I want the RB4011iGS+RM unit to handle all the generating of the IP addressing?

  3. List item You said the Hap Lite is able to route 400 Mbps, what is the maximum routing ability of the RB4011iGS+RM. We currently have an asymmetrical fiber connection with 500 Mbps down and 120 Mbps up. Would the RB4011iGS+RM unit be able to handle that speed?