Re: Hardware for a PF box

[BARDOU Pierre]

Hello,



I'll try to answer every suggestion...



I'm going to buy brand new HP servers, DL360 G5 or DL165 G7. So the choice for 
CPU is between AMD Opteron 24xx or Intel Xeon 55xx.

I've read that a PIII would be sufficient : I have performance issues actually, 
running on a Xeon 2.8GHz (monocore, FSB 800, socket 604). I don't think they 
come from PF BTW, it should be logging/relayd/OpenVPN which makes the box lag.



I'm actually on a test with dual xeon E5420 on GEMERIC.MP, it runs like a 
charm. But it's borrowed hardware, I have to give it back :)



I'm very interested in separated log machine, I think I'll do that. Could you 
give me an estimation on how many Mbps I need on the log server ?

I think I'll put this on a VM, we have an ESX cluster connected to a CX3-40 SAN 
which should give enough disk I/O...



Installing SSD on the machines is way more expensive with HP hardware : 72 GB 
SAS 15Ktpm costs 260b,, 60 GB SSD costs 950b,.

HP offers no way to install a compact flash as disk drive.



Networks cards are Intel Gb, using em(4) driver.



So, with all your considerations, here's my actual setup :

* Xeon E5504 quad core @2Ghz (don't need AMD's 6 cores, and costs nearly the 
same prize than the only dual core remaining, E5502 @1.86GHz)

* 3*1GB memory (Xeon are triple channel, so I need three DIMM for maximal 
memory bandwidth)

* 2x72 Gb SAS drives on raid0 



Does it sound correct to you ?

Do you have any suggestion/modification ?



Thank you very much for the help.



--

Cordialement,

Pierre BARDOU





-----Message d'origine-----

DeB : Aaron Mason [mailto:simplersolut...@gmail.com] 

EnvoyC)B : mardi 11 mai 2010 14:01

CB : Lars Nooden

CcB : misc@openbsd.org

ObjetB : Re: Hardware for a PF box



On Tue, May 11, 2010 at 4:56 PM, Lars Nooden <lars.cura...@gmail.com> wrote:

> On Mon, 10 May 2010, Chris Smith wrote:

>>

>> What about logging in this case? Can PF logs be sent to another system

>> running a syslog daemon?

>

> You answered your own question. ;)  Look at the 'action' field explanation

> in the manual page for syslog.conf(5)

>

> About the diskless machine, many of the so-called diskless machines actually

> use flash or ssd instead of a spinning magnetic platter.  The base

> installation of openbsd is still quite small.  If you are only running PF,

> you will have a lot of space left over on a 1GB CF to make a logging

> partition.  Flash can be very slow, so volitile caches can be stored in an

> mfs partition.

>

> /Lars

>

>



OpenBSD will happily fit into about 160mb by installing only base and

etc which provide plenty for a firewall.  My 1.4GHz Toshiba laptop

acting as a wireless-wired gateway runs OpenBSD 4.6 on a 512mb USB

drive (which I'd like to replace with a CF disk on a 2.5" compatible

adapter) with space to spare.  Sure it doesn't do anywhere near as

many packets as you propose, but it handles a constantly-running

seedbox and my gaming together without skipping a beat, which is more

than I can ask for.



-- 

Aaron Mason - Programmer, open source addict

I've taken my software vows - for beta or for worse