I've used pfSense in a VM on my ESXi application server. This is mostly to firewall the Windows VMs from the Internet.
If you want fail-over, I'd suggest getting one of the new Netgate ( http://store.netgate.com/NetgateAPU2.aspx or http://store.netgate.com/1U-Rack-Mount-Systems-C84.aspx) or pfSense ( https://www.pfsense.org/hardware/#pfsense-store) embedded systems with an SSD. Then you can run a full install that supports package installs with a power budget of ~10-15 Watts for the APU units. Then you have a choice of getting a second HW unit for an additional $400 to $1000, or setting up pfSense in a VM (not on a separate VMware server, on an existing VM server). The higher end HW systems on those pages are 8 core Atom systems built for run pfSense (of course, the power requirements will be in the 100W range). With an SSD, these systems should last for a long time with no issues. How much firewall horsepower do you need? What are your constrains (time, money, space)? P.S. You can run packages on embedded in 2.2, you just want to be careful not to run packages that would trash the SD card with too many writes. Walter On Thu, Feb 5, 2015 at 9:40 AM, Chuck Mariotti <cmario...@xunity.com> wrote: > Have been using pfSense for years at our datacenter, very happy with it > running on old dedicate hardware with failover. The hardware is overdue to > be retired and I’m wondering what people are doing/recommending for a > datacenter setup. We want to use OpenVPN Server, IDS, dBandwidth, etc… so > need to keep out option open for the ability to run packages... behind it > we are running multiple servers and vCenter/ESXI servers. > > > > What’s the go-to setup for a datacenter these days? > > > > Do we stick with two dedicated boxes? > Since we pay for power, nice to have lower power… So do we go as low as > using embedded hardware? It used to not be recommended for packages… still > the case I assume? > > So I’m leaning towards some of the newer SuperMicro Atom boxes (quad core, > or 8 core!!??! etc…). > > > > But then I see so many people running pfSense in VMWare and I wonder if we > should consider this. Then I think about the hardware needs and VMWare > Licensing (would like to avoid)… and what else can I run on the hardware > along side without hurting pfSense from running properly, etc… > > > > If pfSense is setup to failover, that means the hardware can be cheap…. No > RAID needed. > > If dedicated, do I go with Hard Drives/SSD drives? USB? We need packages… > can I run it off of USB stick then or do I still need HDD/SSD? > > > > If setting up new hardware so can run pfSense as Virtual Machines… I would > need two VM Hosts running pfSense as VM’s so would have the failover... > What should we consider for the hardware in this case… should I go with > RAID w/HDD/SSD on ESXI? If pfSense is setup for failover, do I really need > RAID? But I assume I would need something reliable if I’m going to run > other non-pfsense VMs on the same hardware… so I would need RAID w/HDD/SSD > and it would need to be larger… what are other people running in datacenter > setups along side the pfSense? I don’t want to put it onto our existing > vCenter infrastructure, licensing/costs and isolation needed. Do I setup > one hardware as basic, no RAID running ESXI and pfSense, and the other more > robust setup (RAID, more memory). > > > > I’m really interested in what people are using in production > environments/datacenters. > > > > Regards, > > Chuck > > > > > _______________________________________________ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold > -- The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding. -- Justice Louis D. Brandeis
_______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
