The rest of the story (what is everyone using for routers, switches, firewalls, etc?)

Status
Not open for further replies.
NorCalTechSupport

NorCalTechSupport

Explorer
Joined
Aug 25, 2014
Messages
89
Mikrotik routers that have firewall functionality built in. Then for switches we are very HP centric and I use a lot of HP Pro Curve PoE+ 24 port and 48 port models. When we just need a port or two we get the HP 2530 as it has Gb & PoE built in.
 
Spearfoot

Spearfoot

He of the long foot
Moderator
Joined
May 13, 2015
Messages
2,478
Peplink Balance 20 dual-WAN router+firewall+4-port gigabit switch
Motorola NVG-589 (AT&T Uverse, gateway+router+firewall+wireless-N AP+4-port gigabit switch)
Motorola SB-6121 (Comcast Xfinity, cablemodem)
Netgear GS108Tv2 managed switch (8 gigabit ports)
Dell 2816 managed switch (16 gigabit ports)
Various Netgear 8 and 5 port gigabit switches
Linksys 4-port 100Mb/s switch
2 x Linksys WAP54G AP's for wireless-G only
 
DaveF81

DaveF81

Explorer
Joined
Jan 28, 2014
Messages
56
Attached is a picture from my utility closet. It's not much to look at.

Recently switched out my Mini-ITX system running pfSense for a Ubiquiti EdgeMax EdgeRouter PoE (top right). Pretty much replicated the entire configuration from pfSense, complete with two outbound OpenVPN via Private Internet Access using policy based routing. A little disappointed with the OpenVPN performance, since crypto acceleration for OpenVPN is not supported right now, should I be using IPSec, it'll be a whole different story.

Rest of the equipment is a Thomson DCM475 cable modem (top left), D-Link DGS-1100-08 8-port smart switch (bottom left) mostly use for port trunking and a couple of VLANs (will replace this for something better in the near future). Not pictured is the Ubiquiti UniFi AP, being powered by the EdgeRouter.
 

Attachments

  • 20150720_163155.jpg
    20150720_163155.jpg
    270.8 KB · Views: 406
Joshua Parker Ruehlig

Joshua Parker Ruehlig

Hall of Famer
Joined
Dec 5, 2011
Messages
5,949
My networking closet consists of...
* modem is a Zoom 5341j
* router is a C2558 running pfsense
* 2 unmanaged 8 port switches
* wireless access point is a Nighthawk R7000 running dd-wrt
* also got my freenas, freebsd webserver, 3 UPSs, and a Keyboard-Video setup in case I need to troubleshoot a server

https://m.youtube.com/?#/watch?v=Ujekt6lFXjM
 
Joshua Parker Ruehlig

Joshua Parker Ruehlig

Hall of Famer
Joined
Dec 5, 2011
Messages
5,949
DaveF81 said:
Attached is a picture from my utility closet. It's not much to look at.

Recently switched out my Mini-ITX system running pfSense for a Ubiquiti EdgeMax EdgeRouter PoE (top right). Pretty much replicated the entire configuration from pfSense, complete with two outbound OpenVPN via Private Internet Access using policy based routing. A little disappointed with the OpenVPN performance, since crypto acceleration for OpenVPN is not supported right now, should I be using IPSec, it'll be a whole different story.

Rest of the equipment is a Thomson DCM475 cable modem (top left), D-Link DGS-1100-08 8-port smart switch (bottom left) mostly use for port trunking and a couple of VLANs (will replace this for something better in the near future). Not pictured is the Ubiquiti UniFi AP, being powered by the EdgeRouter.
Click to expand...
are you sure OpenVPN isn't accelerated with aes-ni? this doc page seems to say otherwise https://doc.pfsense.org/index.php/Are_cryptographic_accelerators_supported
maybe you didn't choose a supported cipher?
 
Joshua Parker Ruehlig

Joshua Parker Ruehlig

Hall of Famer
Joined
Dec 5, 2011
Messages
5,949
hugovsky said:
He's using the edgeRouter from Ubiquiti, not pfSense.
Click to expand...
ahh, for some reason I lost the context when I read this. was reading it way too late, lol
 
TheDubiousDubber

TheDubiousDubber

Contributor
Joined
Sep 11, 2014
Messages
193
I'm a bit of a newb here. I currently have a TP-Link Archer C7 flashed with latest DD-WRT firmware. I have my Xbox and my FreeNAS box hardwired directly to the router and all other devices are wireless so no need for any switches. It's interesting hearing about all these crazy setups. I imagine the switches are for those who have a multitude of wired devices, but what is the point of having a pfSense box? Obviously you have a lot of capabilities with it, but what advantage does it have over a nice router with custom firmware, especially when using a wireless router as an AP?
 
Jailer

Jailer

Not strong, but bad
Joined
Sep 12, 2014
Messages
4,977
TheDubiousDubber said:
I'm a bit of a newb here. I currently have a TP-Link Archer C7 flashed with latest DD-WRT firmware. I have my Xbox and my FreeNAS box hardwired directly to the router and all other devices are wireless so no need for any switches. It's interesting hearing about all these crazy setups. I imagine the switches are for those who have a multitude of wired devices, but what is the point of having a pfSense box? Obviously you have a lot of capabilities with it, but what advantage does it have over a nice router with custom firmware, especially when using a wireless router as an AP?
Click to expand...

Packages to expand the usage beyond just a router/firewall. That and the ability to easily pass all those packets for those who have access to really fast internet as long as the hardware it's installed on is up to the task.
 
Joshua Parker Ruehlig

Joshua Parker Ruehlig

Hall of Famer
Joined
Dec 5, 2011
Messages
5,949
TheDubiousDubber said:
I'm a bit of a newb here. I currently have a TP-Link Archer C7 flashed with latest DD-WRT firmware. I have my Xbox and my FreeNAS box hardwired directly to the router and all other devices are wireless so no need for any switches. It's interesting hearing about all these crazy setups. I imagine the switches are for those who have a multitude of wired devices, but what is the point of having a pfSense box? Obviously you have a lot of capabilities with it, but what advantage does it have over a nice router with custom firmware, especially when using a wireless router as an AP?
Click to expand...
for my house where I run some external services, I use it as my SSL terminator (HAProxy) and caching reverse-proxy (Varnish). It handles SSL connections, gzipping, and static asset caching, then passes HTTP requests to my webserver.

At some of my family members homes, where they only have a single server, I have pfsense with a jail for downloading their TV shows/media. I could have just as well had dd-wrt as the router and instead had freenas on the network, but this setup has been super stable, and that's my main goal when managing it from an hour drive away.
 
TheDubiousDubber

TheDubiousDubber

Contributor
Joined
Sep 11, 2014
Messages
193
Jailer said:
Packages to expand the usage beyond just a router/firewall. That and the ability to easily pass all those packets for those who have access to really fast internet as long as the hardware it's installed on is up to the task.
Click to expand...

I just found the doc listing a lot of the features/packages. That's a bit much for me. I'm sure that will change as I learn more, but dang. I'm hardly using all the features on my router, I can't imagine making use of many of these not to mention having to add a new piece of hardware to the mix.
 
TheDubiousDubber

TheDubiousDubber

Contributor
Joined
Sep 11, 2014
Messages
193
Joshua Parker Ruehlig said:
for my house where I run some external services, I use it as my SSL terminator (HAProxy) and caching reverse-proxy (Varnish). It handles SSL connections, gzipping, and static asset caching, then passes HTTP requests to my webserver.

At some of my family members homes, where they only have a single server, I have pfsense with a jail for downloading their TV shows/media. I could have just as well had dd-wrt as the router and instead had freenas on the network, but this setup has been super stable, and that's my main goal when managing it from an hour drive away.
Click to expand...

I think I understood about 20% of that.
 
Jailer

Jailer

Not strong, but bad
Joined
Sep 12, 2014
Messages
4,977
TheDubiousDubber said:
I just found the doc listing a lot of the features/packages. That's a bit much for me. I'm sure that will change as I learn more, but dang. I'm hardly using all the features on my router, I can't imagine making use of many of these not to mention having to add a new piece of hardware to the mix.
Click to expand...

The hardware requirements for pfsense aren't that steep unless you have something like GB internet. I'm running mine on a 13 year old P4 rig that was decommissioned so it didn't cost me a thing. I'm also running with Snort and PFblockerNG installed and it doesn't even break a sweat with my lowly 4.5/1.2 connection.
 
TheDubiousDubber

TheDubiousDubber

Contributor
Joined
Sep 11, 2014
Messages
193
Sounds like I need to do some more learning to see what I can make use of or if it is even worth the effort for me. Thanks for the input.
 
Status
Not open for further replies.

Important Announcement for the TrueNAS Community.

The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums.

Related topics on forums.truenas.com for thread: "The rest of the story (what is everyone using for routers, switches, firewalls, etc?)"

Similar threads

T
  • Locked
Enterprise Switches = great value. Need help avoiding errors
Replies
7
Views
2K
Ericloewe
Ericloewe
Bhoot
  • Locked
Need help for a project
Replies
4
Views
2K
Bhoot
Bhoot
E
  • Locked
HomeNas configuration, because everyone is not the same..
Replies
7
Views
2K
Eli Martin Leiva
E
A
pfSense VM on FreeNAS (not working)
Replies
4
Views
3K
Turgin
T
Obi-Wan
SOLVED Is the User Guide supposed to not tell you what anything *is*?
Replies
9
Views
3K
Chris Moore
Chris Moore
Top