Re: Hardware suggestions
On Wed, Apr 27, 2011 at 10:42 AM, Jaime Kikpole wrote: > My thanks to everyone for their replies. I guess that I wasn't > specific enough about my needs, though. I don't need a tiny chassis. > In fact, I need a proxy for around 750-900 computers, so an Atom > system or the like wouldn't work for me. I just have no rack space > left. Fortunately, I might have found a way around this. > > So if you have any pre-built servers to recommend, I'd greatly > appreciate it. For example, I'm currently reviewing the Dell > PowerEdge T310's specs. > > > Nate: > > Thanks. I read the handbook's entry on CARP last night. It looks > easier than I had previously thought. I've started setting up a > VMware environment of 2 FreeBSD systems and a unix desktop to try it > out as a way to build a fail-over proxy. > > Looks like I'd have to stop using my current "in-line" design, though. > Currently, I have a FreeBSD box between my network as a whole and the > Internet connection. It acts as a router, a firewall, and a > transparent proxy. CARP would require the system to not be "in-line," > because a failed system would mean no router. Did I understand that > correctly? > > > Thanks to all, > Jaime > > -- > Network Administrator > Cairo-Durham Central School District > http://cns.cairodurham.org > Actually - quite the opposite. I have a very similar setup, wherein I have two machines running CARP on multiple interfaces such that if any interface on system A goes down, system B takes over. Both of these machines act in the same capacity as yours, (they are router+firewall+proxy+NAT), they are physically cabled directly to my network switches using VLAN trunking which presents as-if multiple separate network cards on the host (they each have gigabit fibre to the switch, carrying 8 independent networks). Each subnet (separate VLAN segment) routes their primary gateway through these machines using a single IP - both are always on, always running, and each is connected to a different core switch (which offers switching redundancy too in the event one goes out). I'm using mostly Cisco networking gear, but all routing and proxying is done by FreeBSD/sparc on Sun Netra series servers. As far as your hadrware is concerned - I'm a bit biased towards Sun or Dell, though I've also had great experience with Compaq (now HP) Proliant series in the passed too. Again - same deal as white-boxes, just check the hardware list to see what's supported. When you've got an actual make/model you're thinking of, re-post a new thread to questi...@freebsd.org with a subject as such seeking opinions and experiences with that model - chances are someone else might already have it. (I did take note of the Dell model you specified - just saying might be a good idea to put that as the subject in a new thread; sorry no experience with that model personally, though I have several 2800-series Dell 2U servers that I'm most pleased with offering redundant power and decent hardware raid). -- Nathan Vidican nat...@vidican.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Hardware suggestions
On Wed, Apr 27, 2011 at 9:42 AM, Jaime Kikpole wrote: > My thanks to everyone for their replies. I guess that I wasn't > specific enough about my needs, though. I don't need a tiny chassis. > In fact, I need a proxy for around 750-900 computers, so an Atom > system or the like wouldn't work for me. I just have no rack space > left. Fortunately, I might have found a way around this. > > So if you have any pre-built servers to recommend, I'd greatly > appreciate it. For example, I'm currently reviewing the Dell > PowerEdge T310's specs. > I have a couple of T310 in production. They are nice machines but get the intel NIC's. Nate: > > Thanks. I read the handbook's entry on CARP last night. It looks > easier than I had previously thought. I've started setting up a > VMware environment of 2 FreeBSD systems and a unix desktop to try it > out as a way to build a fail-over proxy. > > Looks like I'd have to stop using my current "in-line" design, though. > Currently, I have a FreeBSD box between my network as a whole and the > Internet connection. It acts as a router, a firewall, and a > transparent proxy. CARP would require the system to not be "in-line," > because a failed system would mean no router. Did I understand that > correctly? > If you use CARP + HAST you can achieve true HA for your proxy. And no, the device would still be inline as you describe it except there would be two of them. If you get the intel NIC's, I'd dedicate them to your real traffic and reserve the broadcom's for HAST replication. If cache consistency is not uber important for your proxy, I'd probably skip the HAST though. It's relatively slow, and may not provide enough benefit in your setup. -- Adam Vande More ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Hardware suggestions
My thanks to everyone for their replies. I guess that I wasn't specific enough about my needs, though. I don't need a tiny chassis. In fact, I need a proxy for around 750-900 computers, so an Atom system or the like wouldn't work for me. I just have no rack space left. Fortunately, I might have found a way around this. So if you have any pre-built servers to recommend, I'd greatly appreciate it. For example, I'm currently reviewing the Dell PowerEdge T310's specs. Nate: Thanks. I read the handbook's entry on CARP last night. It looks easier than I had previously thought. I've started setting up a VMware environment of 2 FreeBSD systems and a unix desktop to try it out as a way to build a fail-over proxy. Looks like I'd have to stop using my current "in-line" design, though. Currently, I have a FreeBSD box between my network as a whole and the Internet connection. It acts as a router, a firewall, and a transparent proxy. CARP would require the system to not be "in-line," because a failed system would mean no router. Did I understand that correctly? Thanks to all, Jaime -- Network Administrator Cairo-Durham Central School District http://cns.cairodurham.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Hardware suggestions
On Tue, Apr 26, 2011 at 12:04 PM, Jaime Kikpole wrote: > I'm looking for new hardware for my web filter (FreeBSD + dansguardian + > squid). > > Can anyone suggest good (or warn about bad) models of hardware for > this? I'm looking for a small tower or compact chassis (not rack > mount) with two ethernet interfaces. I'd like RAID-1 as well, if > possible. I can spend anywhere from $1,000 to $3,500. > > My current system works well (2.0GHz, dual core, 8GB RAM, RAID-1, two > 160GB disks, 3 100Mbps NICs), but I want to replace it with two > identical boxes. Right now, its a single point of failure. So I'm > hoping to rsync configs between two systems that are on line at all > times. Then, if I need up upgrade software or the hardware breaks, I > can just swap the box. > > Any pointers on this project are appreciated, especially what models > of computers would work well with FreeBSD. > > Thanks in advance, > Jaime > > -- > Network Administrator > Cairo-Durham Central School District > http://cns.cairodurham.org > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" > For what it's worth, I would do two things: #1 - consult the FreeBSD hardware compatability list, (see http://www.freebsd.org/releases/8.2R/hardware.html for 8.2-RELEASE), and piece together your own white-box hardware, (ie: pick compatible system board, processor, memory, disks and controllers) usually the best bang for the buck in my experience. #2 - instead of hot-spare (having both machines there but only one plugged in) - you might want to read up on using CARP; CARP will allow automatic failover and can trigger scripts to perform actions when the failover event occurs - this may be a far better option than having to physically plug a machine in place of another. See the handbook for more detail on CARP: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/carp.html -- Nathan Vidican nat...@vidican.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Hardware suggestions
>> On Tue, 26 Apr 2011 12:04:34 -0400, >> Jaime Kikpole said: J> I'm looking for new hardware for my web filter (FreeBSD + dansguardian + J> squid). Have a look at the Ars Technica system guides for suggestions on rolling your own PC. They discuss three general-purpose systems with an eye towards good gaming performance: the Budget Box ($600-$800), the Hot Rod (slightly higher-end at $1400-1600), and the God Box for when you hit the lottery. They don't emphasize any one OS, so check against the FreeBSD hardware compatibility list. http://arstechnica.com/gadgets/guides/2011/03/ars-system-guide-march-2011-edition.ars/ -- Karl Vogel I don't speak for the USAF or my company We are reluctant to admit that we owe our liberties to men of a type that today we hate and fear - unruly men, disturbers of the peace, men who resent and denounce what Whitman called "the insolence of elected persons" - in a word, free men. --Gerald W. Johnson, American Freedom and the Press, 1958 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Hardware suggestions
On Tue, 26 Apr 2011 20:09:41 +0100 Chris Whitehouse articulated: > On 26/04/2011 18:45, Jaime Kikpole wrote: > > On Tue, Apr 26, 2011 at 12:34 PM, Chris > > Brennan wrote: > >> Just out of curiosity, why not rack-mounted boxed? > > > > Space issues. They'll have to either fit on a shelf in one of two > > rooms, depending on the outcome of some other things. > > > > Any thoughts on brand or model? > > If you google for "low power pc" you'll find some interesting > machines mostly mini-itx with atom processors. The Intel Atom is Intel's line of low-power, low-cost and low-performance x86 and x86-64 microprocessors. It sounds like the OP is interested in something more substantial. -- Jerry ✌ jerry+f...@seibercom.net Disclaimer: off-list followups get on-list replies, ignored or reported as Spam. Do not CC this poster. Please do not ignore the Reply-To header. __ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Hardware suggestions
On 26/04/2011 18:45, Jaime Kikpole wrote: On Tue, Apr 26, 2011 at 12:34 PM, Chris Brennan wrote: Just out of curiosity, why not rack-mounted boxed? Space issues. They'll have to either fit on a shelf in one of two rooms, depending on the outcome of some other things. Any thoughts on brand or model? Thanks, Jaime hi If you google for "low power pc" you'll find some interesting machines mostly mini-itx with atom processors. EG you could have a look at http://www.fit-pc.com/web/fit-pc2/fit-pc2i-specifications/ and http://www.lowpowerpcs.co.uk/ I think some of these have been discussed on this list, certainly mini-itx boards have. chris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Hardware suggestions
On Tue, Apr 26, 2011 at 12:34 PM, Chris Brennan wrote: > Just out of curiosity, why not rack-mounted boxed? Space issues. They'll have to either fit on a shelf in one of two rooms, depending on the outcome of some other things. Any thoughts on brand or model? Thanks, Jaime -- Network Administrator Cairo-Durham Central School District http://cns.cairodurham.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Hardware suggestions
On Tue, Apr 26, 2011 at 12:04 PM, Jaime Kikpole wrote: I'm looking for new hardware for my web filter (FreeBSD + dansguardian + > squid). > > Can anyone suggest good (or warn about bad) models of hardware for > this? I'm looking for a small tower or compact chassis (not rack > mount) with two ethernet interfaces. I'd like RAID-1 as well, if > possible. I can spend anywhere from $1,000 to $3,500. > > My current system works well (2.0GHz, dual core, 8GB RAM, RAID-1, two > 160GB disks, 3 100Mbps NICs), but I want to replace it with two > identical boxes. Right now, its a single point of failure. So I'm > hoping to rsync configs between two systems that are on line at all > times. Then, if I need up upgrade software or the hardware breaks, I > can just swap the box. > > Any pointers on this project are appreciated, especially what models > of computers would work well with FreeBSD. > > Thanks in advance, > Jaime Just out of curiosity, why not rack-mounted boxed? You don't have to necessarily mount them I ran 2 1U boxes under a desk for years, they stood up on their short edge and leaned against the wall and no one was the wiser to them being their (and they kept my feet warm in the winter :P) -- > A: Yes. > >Q: Are you sure? > >>A: Because it reverses the logical flow of conversation. > >>>Q: Why is top posting frowned upon? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Hardware suggestions
I'm looking for new hardware for my web filter (FreeBSD + dansguardian + squid). Can anyone suggest good (or warn about bad) models of hardware for this? I'm looking for a small tower or compact chassis (not rack mount) with two ethernet interfaces. I'd like RAID-1 as well, if possible. I can spend anywhere from $1,000 to $3,500. My current system works well (2.0GHz, dual core, 8GB RAM, RAID-1, two 160GB disks, 3 100Mbps NICs), but I want to replace it with two identical boxes. Right now, its a single point of failure. So I'm hoping to rsync configs between two systems that are on line at all times. Then, if I need up upgrade software or the hardware breaks, I can just swap the box. Any pointers on this project are appreciated, especially what models of computers would work well with FreeBSD. Thanks in advance, Jaime -- Network Administrator Cairo-Durham Central School District http://cns.cairodurham.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"