Good low power server/pc for firewall?
Solution 1
What sort of load do you need to handle and (if you plan on needing to NAT) how many states do you anticipate needing to track? If under 50Mbit and 20k states or so, I'd highly recommend using an ALIX embedded computer. I have many of these deployed as router/firewall/vpn devices, running PFSense. PFSense is based on FreeBSD, so it's likely getting OpenBSD running on it will be quite easy. All of the units like this I've deployed are using the ALIX 2d3 board, which has three network interfaces (can add as many VLAN interfaces as you want to any of these physical interfaces), a 500MHz processor, and 256 MB RAM. They're rock-solid stable, run very cool, and draw a max of 6 watts or so.
If you need something with a bit more horsepower, then follow Wesley's advice. HP rackmount servers are very good, as long as, like he said, you stay away from the very low-end servers which are really just desktop motherboards stuffed into a rackmount case.
Edit: Total cost for the ALIX 2d3 solution will be about $150 for the board, power supply, case, and CF card.
Solution 2
Really, you just need to pick out one of the lower-end servers offered by a major vender. Just determine if you need a desktop or rackmount form factor. For example, HP's ML/DL 100 series of tower/rackmount servers would be good. Just avoid the lowest of the low such as the ML 110/115. Lowest end servers usually have some important corners that have been cut like disk controllers, NICS and management features.
You could get a decent lower end server for under $1,000 easy.
Solution 3
How about something based on a mini-itx motherboard?
- Barebones system - http://www.mini-itx.com/store/?c=40
- Motherboard only - http://linitx.com/viewproduct.php?prodid=11134
Solution 4
I 2nd the Alix + Pfsense.
I built one (http://tothelasttribe.com/blog/2009/04/building-a-firewall-pfsense-on-an-alix-2d3/), and have nothing but positive things to say about it.
-Josh
Solution 5
I am suprised that nobody mentioned the fit-PC2i that always seems to come up in this application area.
Related videos on Youtube
44 : 27
11 : 23
14 : 30
02 : 57
04 : 39
Sandra
Updated on September 17, 2022Comments
-
Sandra almost 2 years
Does anyone know of a low power server/pc that have 2 NIC's, so it can be used for a (OpenBSD) firewall?
Sandra
-
Sandra over 14 yearsRack mount would be great, but it is not that important. The biggest problem is the power consumption, as it should only be firewall for a 20Mbit connection. So I was thinking perhaps something in the 50Watt range? Does that exist?
-
Wesley over 14 years50watt? That's a bit of a stretch... You might have to go for a more specialized piece of machinery. Let us know what you find! =)
-
Sandra over 14 yearsAwesome stuff! It was just what I was looking for! =) I also found this soekris.com/net5501.htm
-
EEAA over 14 yearsYah, Soekris has been around for a long time and I do know of people running PFSense on them. For whatever reason, though, it seems like most people prefer the ALIX boards. I'm not sure if that's due to stability, performance, or some other factor. Enjoy the board! In my experience, they've been nothing but a pleasure to work with. -
Wesley over 14 yearsFit-PC rawks!! =)
-
Josh Brower over 14 yearsCheck out my post to see my exp with Alix + PfSense==tothelasttribe.com/blog/2009/04/…
-
Sandra over 14 yearsThe problem with Monowall is, that you can't access your own external IP from the inside. From that I can read, they have no plans on fixing this =( Also the dhcpd doesn't allow "Option"'s to be passed along.
-
hey over 14 yearsOT, but where did you get that from? i got the intel one from laser distributer some time back... SLS never seems to list the atom boxes on their fliers ;p
-
Joe Internet over 14 yearsNot to detract from pfSense; for those interested in DYI, there is also Vyatta Community Edition, which is built on top of Debian Linux instead of *BSD.
-
sheepbrew over 14 yearsI bought mine from Video-Pro.
-
TomTom about 14 yearsReality check: old PC's draw more power than new ones, unless you go ANCIENT. Power consumption thank heaven went DOWN the last years.
-
TomTom about 14 years+1 - that is about the best advice. Some nice micro system based on ATOM etc. will run your normal OS of any sort, draw little power and thre are boards with ton of ethernet interfaces. Plus a lot more horse power than 256mb etc. - dual core, 2gb ram are easily doable.
-
John Gardeniers about 14 years@TomTom, there is nothing in the question to indicate that the OP is looking for a low power consumption machine. I read it as meaning a low computing power machine. Only the OP can tell us which is correct but I'm getting really fed up with you downvoting my answers simply because you haven't read the question properly.
