Welcome to the new FlexRadio Community! Please review the new Community Rules and other important new Community information on the Message Board.
If you are having a problem, please refer to the product documentation or check the Help Center for known solutions.
Need technical support from FlexRadio? It's as simple as Creating a HelpDesk ticket.

pfSense firewalls for sale

K5CG
K5CG Member ✭✭
edited December 2018 in New Ideas
If anybody is interested in a pfSense firewall, I have plans to build half a dozen or so based on a stock of multi-port Gigabit Ethernet cards I have on hand.

I finished the first one today and I've listed it on eBay. I would sell at a lower price privately due to the fees. If you are interested please contact me for the friends and (Flex) family discount and other details. My email is good on qrz.com.

I built an identical one for myself and they are really great firewalls, and future proof considering the AMD CPU has AES-NI, so it will be compatible with the next major release of pfSense.

Danny
K5CG

Comments

  • K5CG
    K5CG Member ✭✭
    edited December 2018
    This unit was purchased by a Flex Community Ham and it's no longer available on eBay. I'll post some pictures of the next unit when it is ready to go.

    Thanks

  • K6OZY
    K6OZY Member ✭✭
    edited December 2018
    Can it sustain 1Gbps ~ (950Mbps realistically) both directions?   I'd like to see some iperf reports if so.
  • K5CG
    K5CG Member ✭✭
    edited December 2018
    I'll get some iperf results from another machine through one of these to the iperf server running on my "production" pfSense over GigE Ethernet.

    If I were to put a 10GbE card in it and run an iperf test to another 10GbE connected machine, would that be useful to know?
  • K6OZY
    K6OZY Member ✭✭
    edited December 2018
    Yes that would be great.  That would remove the 1Gbs bounce off 950mbps limit.   I've been looking for the lowest cost pfSense build that can sustain gigabit.

    This unit surprisingly can handle gigabit:  https://store.netgate.com/MBT-4220-system.aspx I tested this with iperf.
  • K5CG
    K5CG Member ✭✭
    edited December 2018
    I ran an iperf test from my current pfSense FW as the client to a freenas server as the server over CAT5. The CPU in the T620 hit 41% during the test.
    Client connecting to 192.168.1.12, TCP port 5001 TCP window size: 64.2 KByte (default) ------------------------------------------------------------ [  3] local 192.168.1.1 port 30289 connected with 192.168.1.12 port 5001 [ ID] Interval       Transfer     Bandwidth [  3]  0.0-10.0 sec   958 MBytes   804 Mbits/sec  
  • K6OZY
    K6OZY Member ✭✭
    edited December 2018
    Hmm. That’s not quite gigabit saturation. With TCP overhead, you should be able to run the test for as long as you want and have it be close to 940-950Mbps sustained.
  • K5CG
    K5CG Member ✭✭
    edited December 2018
    Well, this is my "production" firewall which has a bunch of services running too. pfBlocker, ntopng, OpenVPN server. I'll be able to do a cleaner test once I build the next one. Due to arrive on the 24th. I can also do the 10GbE test on that one. More to follow...

Leave a Comment

Rich Text Editor. To edit a paragraph's style, hit tab to get to the paragraph menu. From there you will be able to pick one style. Nothing defaults to paragraph. An inline formatting menu will show up when you select text. Hit tab to get into that menu. Some elements, such as rich link embeds, images, loading indicators, and error messages may get inserted into the editor. You may navigate to these using the arrow keys inside of the editor and delete them with the delete or backspace key.