My idea with pfSense

Hi, let me first say I'm sorry for my language and spelling.

So, where to begin. I don't consider myself a smart person, but people might view it differently. I like to have crazy ideas but have no idea how to get them to work, but with the help of online guides and forums they might become a reality. And to add to this, I'm not a person who has any education, and coding and other programming languages are not my strong suit, but with good explaining nothing is impossible.

Anyway, that might be a little bit off topic.

So I like to experiment and try to make stuff which might not be needed for a home, but this is something I would love to do.

I'm running a pfSense box as a router, decently configured with squid, squidguard, and lightsquid, and some other junk. But I would love to use a second NIC on pfSense to connect to a switch and to a free-standing cache server with a lot more HDD capacity, and be able to save cache files over 20+ GB. In addition to that, I would love to make my own DNS server with DNS caching on one more additional PC, but I have no idea how to make this.
And some people might ask why a second NIC. Well, my idea is to use another, second IP to isolate it from my main network in case something goes bad.

I hope someone might understand my idea here and can point me down the right path.

Get yourself a managed switch and set up some VLANs in pfSense. You can compartmentalize your IP ranges and use the firewall to isolate traffic from each of the VLANs.

As for a large cache server, there is a point of diminishing returns I've found. I'm not sure where that point is for you, but for me, it was significantly less than 20 GB. YMMV though.

Squid can be very helpful in situations where your bandwidth is constrained. The problem is that Squid cannot cache encrypted traffic, which in these security/privacy-conscious times makes up an increasing proportion of our traffic.

O'Reilly's book, "Squid, The Definitive Guide" has an entire chapter detailing how to deploy multiple instances of Squid as well as various schemes where these neighboring caches can work together. Perhaps this is something that you could leverage?
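Added example, not part of the thread and not code from Squid or pfSense: one way to check the two points raised above (diminishing returns from a bigger cache, and encrypted traffic being uncacheable) is to measure them from an existing Squid `access.log` before buying disks. The sketch assumes Squid's native log format; the function name `summarise` and the sample lines are constructed for illustration.

```python
"""Added example: measure tunnel share and byte hit ratio from a Squid access.log."""

# Constructed sample in Squid's native log format (addresses are documentation ranges):
# time elapsed client code/status bytes method URL ident hierarchy/peer content-type
SAMPLE_LOG = """\
1700000000.101     52 192.168.1.10 TCP_MISS/200 40000 GET http://example.com/app.js - HIER_DIRECT/203.0.113.5 application/javascript
1700000001.202      3 192.168.1.11 TCP_HIT/200 40000 GET http://example.com/app.js - HIER_NONE/- application/javascript
1700000002.303   9120 192.168.1.10 TCP_TUNNEL/200 300000 CONNECT example.org:443 - HIER_DIRECT/203.0.113.9 -
1700000003.404     40 192.168.1.12 TCP_REFRESH_UNMODIFIED/200 20000 GET http://example.com/logo.png - HIER_DIRECT/203.0.113.5 image/png
1700000004.505   4410 192.168.1.11 TCP_TUNNEL/200 100000 CONNECT example.net:443 - HIER_DIRECT/203.0.113.7 -
this line is truncated
"""

# Revalidated objects: the origin was asked, but the body still came from cache.
REVALIDATED_HITS = {"TCP_REFRESH_UNMODIFIED"}


def summarise(log_text):
    """Return byte totals for CONNECT tunnels, cache hits and misses, plus ratios."""
    s = {"tunnel_bytes": 0, "hit_bytes": 0, "miss_bytes": 0, "skipped": 0}
    for line in log_text.splitlines():
        fields = line.split()
        # Skip truncated or malformed lines instead of crashing on them.
        if len(fields) < 7 or "/" not in fields[3] or not fields[4].isdigit():
            s["skipped"] += 1
            continue
        code, size, method = fields[3].split("/")[0], int(fields[4]), fields[5]
        if method == "CONNECT":
            # HTTPS passed through as an opaque tunnel: nothing here is cacheable.
            s["tunnel_bytes"] += size
        elif "HIT" in code or code in REVALIDATED_HITS:
            s["hit_bytes"] += size
        else:
            s["miss_bytes"] += size
    http_bytes = s["hit_bytes"] + s["miss_bytes"]
    total = http_bytes + s["tunnel_bytes"]
    # Share of all bytes the cache never had a chance to serve.
    s["tunnel_share"] = s["tunnel_bytes"] / total if total else 0.0
    # Byte hit ratio over plain HTTP only, i.e. the traffic Squid could cache.
    s["hit_ratio"] = s["hit_bytes"] / http_bytes if http_bytes else 0.0
    return s


if __name__ == "__main__":
    for key, value in summarise(SAMPLE_LOG).items():
        print(f"{key:>14}: {value}")
```

A high `tunnel_share` means most bytes bypass the cache regardless of disk size; a `hit_ratio` that stops rising as the cache grows marks the point of diminishing returns.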

Thanks for the replies. Well, it would just be an experiment. Sadly, where I live the landlord won't fix anything better than ADSL internet, so it might not be worth going for this, but the experience would be good, and to learn how to do this.

And thanks for the tip about the book. I'm sadly not a reader because I can't find the calm to sit down to read. I'm more of a take-the-screwdriver, crack-it-open, see-how-it-works, then-put-it-together guy.

Thanks again ^^ But if someone has an idea on the easy way of learning more or can point me to where, please do.

Will it not cache encrypted traffic even if you do the man-in-the-middle SSL interception business? If you have mostly desktop PCs that don't leave the network, you could just do that and the whole trusting the local certificate authority thing isn't too big of a security issue.

If you can get Mike Meyers' Network+ video course on Udemy while it's on sale, that's a great way to learn. Right now it's on sale for $15 (normal price is actually $200). It's pretty short videos (5 min-ish), so good for people like me with short attention spans lol, but he does a good job explaining complicated stuff.

Link: https://www.udemy.com/comptia-network-certification-n10-006-the-total-course/