It depends as you mentioned it is Alpha software and really both could be an
issue. For example right now I'm using 82.4 and I have to reboot for
Firewall / Rules changes to take affect. Since I have two firewalls and
they fail over seamlessly (well not entirely for some reason it fails over
to the backup just fine but when it preempts back to the primary some
outbound services seem to lose connectivity, no idea why) I can make rules
changes without loss of connectivity (ideally) during that reboot.
pfsense is damn impressive software. for about 2400 bucks (i'm using some
pretty beefy firewalls which are complete overkill for what I actually need)
I've got a fully redudant firewall setup that would have cost me 5-10x (ever
seen how much a firewall with 1 or 2 Gig interfaces costs? I've got 6 in
each of mine) that with a commercial setup and it gives me equal or better
performance with no licensing fees. pfsense has features that are otherwise
only available in commercial firewalls.
-Matt
----- Original Message -----
From: "Mojo Jojo" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Monday, September 12, 2005 10:17 PM
Subject: Re: [pfSense-discussion] Production Use?
This sounds like a sweet setup, the failover is one of the big reasons I
am looking at this software.
When you say "make a change", do you mean a change to the software
versions etc. or just simple things like adding rules and such?
Should I expect it to break by just using it or are you referring to
upgrades to the core product etc?
----- Original Message -----
From: "Matthew Lenz" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Monday, September 12, 2005 10:05 PM
Subject: Re: [pfSense-discussion] Production Use?
If you have two firewalls and are going to do failover I'd say go for it.
If you only have one you can't make a change and see if it breaks stuff
and still recover quickly. If you have two you can simply disable CARP
on the malfunctioning firewall until its fixed. Its worked well for me
and I haven't had any issues that resulted in any downtime.
----- Original Message -----
From: "Mojo Jojo" <[EMAIL PROTECTED]>
I am new to the list and PfSense, hope you folks don't mind a few newb
questions from me over the next few days.
The first and most important one is this...
I have 8 or 10 web/email type servers to protect at one of our
locations.
I know that PfSense is an Alpha product and it would be my own fault if
I used it for production use and got burnt.
However, I have been looking at the website for a few months and, well,
I need a solution and this looks great!
So, my question is, would any of you folks out there who may be
protecting web/email servers that are pretty much mission critical to
your business, dare use this product right now to do so?
Thanks in advance for any advice you can give!
