So, I'm looking to possibly build a small PfSense Box to run as my home router/switch. This was the hardware I'm looking to use:
I'm wondering if this would be a good fit for my needs. The home connection would come into the house via a comcast provided modem, and the speed would be 90/15 ish. That modem would be connected to the PfSense box, would be connected too:
Wireless: 3-4 smartphones, 2 game consoles, 1 smart TV, and 4-5 laptops at any moment.
Wired: 2 Desktops, and 1 internet phone.
I'd also be using port forwarding to setup one of the desktops as a vpn server. This is for school where all common vpn ip's are blocked along with lots of things that are actually needed for school. The school website used to check grades is blocked on their own WiFi. Its pathetic, and I need to use my own tower as a vpn to get around the terrible-ness.
Now so I know that PfSense is more then capable of all running all these things at once, but I wanted to know if the hardware is all going to be okay for my needs.
Is there any chance that the PfSense box wouldn't be able to handle everything I need to have connected?
Would it be overkill to grab a Ubiquiti access point, or will the Asus Wireless card be enough?
Do you think the box would be capable of maxing out the gigabit nic? There might eventually be a rendering box connected to the network, and I was interested to know if this box would be capable of sustained transfers from a WiFi connected laptops to the hardwired rendering box.
I doubt very much that that wifi card will work with pfsense, I don't think it has any support at all for ac devices and only some support for n. Otherwise the hardware is good. pfsense is not a switch, you will need to get a switch as well, just bridging a bunch of network ports together is not the same as an actual switch and the performance will not be as good.
I'd suggest getting the ubiquiti AP rather than the wifi card, even if it was supported it will work much better.
You can also run a VPN server on pfsense.
I have never seen a wireless connection get anywhere near the speed of a gigabit wired connection, I wouldn't worry about maxing it out. The way you should set it up is: modem - pfsense - switch - AP and LAN, the only traffic that will go through pfsense is internet traffic so you'd only max out your gigabit nic if you had an internet connection faster than 1gbps. You could if you wanted to have one port for WAN to your modem, one for LAN to your switch and one for WiFi to your AP. But the only reason you'd do this is so you can firewall between the wifi and LAN network, if you don't need to restrict traffic between the two it will be faster and easier to have the AP connected to the switch with the rest of your LAN devices.
So I was thinking this NiC then:
And then this Switch:
Do you have a recommendation of which ubiquiti access point I should go for? I was really hoping to use that wifi card to keep the overall price really low since I already have the wifi card, and I think I will try to get it to run, but if coverage is bad or support isn't there, then I will buy the ubiquiti. I also have an intel 7260 wifi card that I will try when I build the box in the next week.
I don't think that wifi card will work at all. You should check out the supported hardware list on the pfsense website.
I think the new ac ubiquiti APs are reasonably cheap, but I haven't looked in a while.
Also you're going to want a PCI-e nic not a PCI one. Your board doesn't have a PCI slot and for a dual port card it will be a bottleneck anyway. Look for the intel 1000 PT cards.
Woops. Didn't realize it was Pci. Sooo this one then:
And then this Ubiquiti Access point:
That's a single port card if that's what you want. You can probably use the onboard NIC as well but the intel ones perform better.
The AP looks nice, there's the standard (lite) version as well if you don't need the long range version and want to save some money.
Yeah I realized that. The onboard one on the motherboard is a Realtek and I'll just deal with it, unless it just gives me too much trouble. I really wanted to get out of buying the Ubiquiti access point but from what you say, it sounds unavoidable, so to save some pennies I'll try to get by with the single port NiC. I also wanted to get the long range version of the Access Point because its going to be in an upstairs bedroom, and thats just going to be unavoidable at the moment. Its a three story house and the basement is used for random things that always seem to require wireless, so I'm going to just stick with the longer range version to cover all my bases. I considered the Pro version but I think that I can live with 2x2 instead of 3x3, so the LR will do.
I think that covers everything for the moment, if anything goes horribly wrong I'll be back! Thanks for the help!
No worries. I personally haven't had any trouble with the realtek NICs so you should be okay. You can try that other wifi card you have but the wifi support on pfsense isn't great so not sure how well it will work.
Good luck on the build.
I actually looked up the compatible hardware for PfSense which said it was the same as FreeBSD, and the Intel 7260 AC was on the list! (yay!) so I'm going to give that a shot, and if not the Ubiquiti isn't more then a few clicks and sad credit card entries away's soooo yeah.
It's the same as FreeBSD 10.1 https://www.freebsd.org/releases/10.1R/hardware.html#support
I didn't see it in there but maybe I was looking in the wrong place.
Ohhhh I was looking at FreeBSD 11 which does support it unlike 10.1. Well shite. I'm really trying to not buy this access point xD
I'm curious as to how well the AMD 5350 would work on a PFSense box. I wonder if it might be worth looking into one of those SOC motherboards with a Celeron.
I'd love to build a system like this but unfortunately that system would cost around $200-250 CAD which can be hard to justify.
You won't regret buying it, they're pretty awesome. I have one of the older (square) AC ones and it's been rock solid.
Hmmm yeah I just price checked one of those integrated celerons. AsRock has one for $70 that is interesting, but I think I like the idea of the little amd's. It uses so little power that if I can get ahold of a strong hamster and generator-running wheel combo, that I might be able to take this box off the grid! Haha but yeah I will have to look into that celeron more. It could be an interesting substitute, and I like the fact that it would be completely passively cooled out of the box...
Yeah I hope so. This project stems from me killing two pre-done, router-access point combo's. One Asus that lasted about a year, and another Netgear that lasted about as long. 2 routers in 2 years, dead. I'm really hoping that the PfSense box and ubiquiti will last me for 3-4 years, without me having to drop $200 every year... The wallet says no to the ubiquiti but I do want to not have to worry... I'll probably drop the cash tmo...
This is what I am currently using for my PfSense box. Works really well. Just get a switch with it.
Has one WAN port and two LAN ports.
Yeah, the UAP should last until it's obsolete.
I'd consider the celeron over the AMD if only for the AES-NI cryptographic acceleration support (not sure if the celeron has this or the AMD doesn't but it is an intel technology). If you end up running your VPN on the pfsense box that will come in handy, although both chips are powerful enough to handle the encryption without acceleration for your usage anyway.
Interesting, I'll have too look into that. I like the idea of building a system, and I might just to do it. I have too much fun with the building part of it all xD
@Dexter_Kane Yeah I think I'll definitely have to look into it deeper. If the performance is there and I can find it from somewhere besides superbiz, I'd rather amazon or Newegg, then I think it's a real contender.
I really don't know if one of those Celeron boards will be better or not. It may not have the performance of the AMD chip. Although, lets say PFSense is putting a 50% load on the AMD system, and its putting a 90-100% load on the Celeron when it costs you half as much in hardware. You are basically paying more for a system you aren't going to fully utilize.
That's my rational for it anyway. I'll just wait for someone smarter than me to tell me I'm wrong (which more often than not, I am).
The one I was looking at was a quad that is clocked a bit higher then the AMD so it does look promising, time to go look up every benchmark known to man xD
Yeah that's another way of looking at it. Building systems is so much fun :D