On Thu, Dec 15, 2016 at 11:30:31AM +0000, Stuart Henderson wrote: > On 2016-12-15, Aaron Mason <simplersolut...@gmail.com> wrote: > > All > > > > I'm looking for a 1U appliance that I can re-purpose into a firewall > > using OpenBSD. I've tried the near-free method by using an old Lacie > > Ethernet Disk appliance I had lying around, but it turns out the > > onboard SATA chipset is toast on this particular unit (it freezes at > > CDBOOT when it detects hard drives and the BIOS freezes when I set it > > to IDE mode with drives attached, plus it only has one onboard NIC and > > one PCI slot, so I can't install another SATA card without removing > > the other NIC I installed), so I'm looking for other options that fit > > a limited budget. > > > > The most important criteria are that it must be 1U and it must fit > > within a 420mm (~16.5") space (for reasons I will explain below). I > > have a couple of Sun Netra X1s that meet the need, but I can't push > > more than ~60mbps over the onboard FE ports and they run quite hot to > > the point of causing kernel panics. > > > > For a bit of context - I manage network and systems for a group that > > run regular LAN parties at a local university, and our network > > infrastructure lives in a 4RU flight case (with 420mm between the > > front and rear vertical rails) currently occupied by three HP > > switches. We're currently using a Sun V20Z (admittedly running > > pfSense, a decision made before I took over) but it's rather > > cumbersome to carry along with three Dell 1950s (two VM hosts and a > > Steam cache) and a Dell 2950 (NAS, provides iSCSI to VM hosts). We > > don't usually get more than 35 players and we don't do any complex > > filtering on the firewall. > > > > I've been considering looking at old firewall appliances like Nokias, > > Sonicwalls, Watchguards or Barracudas - has anyone had any luck with > > getting OpenBSD on any of those or other such appliances? > > > > Gigabit ports would be nice (the university finally bought gigabit PoE > > switches) but will accept Fast Ethernet if my budget says no. > > IMHO, you can get a fairly useful decent second-hand machine for a low > enough price that it's not worth the hassle repurposing or using something > from before GE was common, they're going to be more hassle to get working, > and old enough that you may well run into things failing through age. > > How about a Dell R210 or an R210 II off ebay? 400mm deep, 2 nics onboard, > if you need more ports then dual-port PCIe nics are pretty cheap. > If you want to cut down on weight+noise at the expense of more cost > and a less powerful cpu, maybe APU2 in a 1U case or something like > supermicro SYS-5018A-FTN4.
I can second that :-). I have a Sunfire v120 w/dual 100mbit nics, but had to stop using it as large amounts of throughput was causing panics I couldn't figure out + keep housemates happy. I ended up with a Dell R210 and couldn't be happier. It has been 100% stable since installation almost exactly a year ago now. FWIW -- noise was almost unbearable with the sunfire v120, but the r210 is actually nicely quiet. The fans spin down and I rarely hear it, it blends in with the 24 port gigabit poe switch I have. Cheers, -ryan
