After having issues with my Netgate 4100 (see this post) and knowing all the crap Netgate has pulled the last few years, I decided to build a new Firewall capable of 10 gig routing. Hopefully this fixes my issues. If not at least I no longer have to support PFsense.
Pictures:
https://imgur.com/lTmvj4K
https://imgur.com/iVdBMnu
Hardware:
X11SSH-F Motherboard
Xeon E3-1240 v5 CPU
32GB 2400mghz RAM
ZFS Mirrored 128gb SSDs
350W Gold Rated PSU
Connect X3 Dual SFP+ NIC
Should have it production ready by next week. Really not looking forward to reconfiguring all the HAProxy/ VPN stuff, but so far already found quite a few Aliases/Rules I can cleanup.
Thanks for stopping by!
Once you start, you'll find the conversion and resetup goes by quickly. I migrated to a dedicated supermicro box as well, in hopes that PFSense could do 10gig without issues. I eventually moved my 6+ year old PFSense build from a VM over to the dedicated box..... and was disappointed. Then PFSense pulled their stunt and I finally just said F-this and rebuilt it.
1 hour - it took me 1 hour to wipe PFSense, figure out the new menus of OPNSense and get everything back online. What I had dragged my feet on for so long, turned out to be a big nothing burger. Zero issues, 10gig speedtests just fine, zero trouble with the NIC and great performance overall.
I'll leave with this - fuck PFSense, what they pulled was rediculous and an insult to homelabs and folks who like to bring production tech into their homes. They turned a great product, one I've implimented into many commercial setups, into a joke - who could ever trust them again?! I'll never recommend them and I won't be looking back.
What Supermicro box did you go with?
I have a recently acquired a SYS-5019A-FTN4 for pretty cheap as a primary network box: running things such as NUT, DNS, Wireguard, TailScale, Zabbix, Wol, etc., and It’s done great, but for some reason has an issue with the 6.2+ kernels. So I’m thinking of replacing it before I run into maintenance issues over time, and maybe use it as a new opnsense server.
Would this be able to handle 10G+, or would something else be better?
Specs:
https://www.supermicro.com/products/system/1U/5019/SYS-5019A-FTN4.cfm
Motherboard: https://www.supermicro.com/en/products/motherboard/A2SDi-8C-HLN4F
Cpu (embedded):
https://ark.intel.com/content/www/us/en/ark/products/97926/intel-atom-processor-c3758-16m-cache-up-to-2-20-ghz.html
Added:
128 GB RAM - SK Hynix 64GB 4DRx4 PC4-2400T DDR4 HMAA8GL7AMR4N-UH Server RAM
2x10GB SFP+: Mellanox ConnectX-3 Pro MCX312B-XCCT CX312B 2-Port 10GbE SFP+ Ethernet Adapter
128 gb so Hynix ssd (from factory) - boot, os
4x 1 tv samsung 980 ssd (storage, etc).