From owner-freebsd-questions@freebsd.org Fri Jan 25 09:32:36 2019 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 02BC014AECA3 for ; Fri, 25 Jan 2019 09:32:36 +0000 (UTC) (envelope-from SRS0=RKSP=QB=perdition.city=julien@bebif.be) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 2025A72128 for ; Fri, 25 Jan 2019 09:32:35 +0000 (UTC) (envelope-from SRS0=RKSP=QB=perdition.city=julien@bebif.be) Received: by mailman.ysv.freebsd.org (Postfix) id D1DB514AEC9A; Fri, 25 Jan 2019 09:32:34 +0000 (UTC) Delivered-To: questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AF41E14AEC99 for ; Fri, 25 Jan 2019 09:32:34 +0000 (UTC) (envelope-from SRS0=RKSP=QB=perdition.city=julien@bebif.be) Received: from orval.bbpf.belspo.be (orval.bbpf.belspo.be [193.191.208.90]) by mx1.freebsd.org (Postfix) with ESMTP id 49F7072125 for ; Fri, 25 Jan 2019 09:32:34 +0000 (UTC) (envelope-from SRS0=RKSP=QB=perdition.city=julien@bebif.be) Received: from mordor.lan (213.219.145.216.adsl.dyn.edpnet.net [213.219.145.216]) by orval.bbpf.belspo.be (Postfix) with ESMTPSA id AD8B11D4FC1B; Fri, 25 Jan 2019 10:32:25 +0100 (CET) Date: Fri, 25 Jan 2019 10:32:24 +0100 From: Julien Cigar To: Simon Connah Cc: questions@freebsd.org Subject: Re: Building a FreeBSD switch with commodity hardware Message-ID: <20190125093223.GF64829@mordor.lan> References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="hcut4fGOf7Kh6EdG" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.11.1 (2018-12-01) X-Rspamd-Queue-Id: 49F7072125 X-Spamd-Bar: ------ Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-6.98 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; NEURAL_HAM_SHORT(-0.98)[-0.982,0]; REPLY(-4.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jan 2019 09:32:36 -0000 --hcut4fGOf7Kh6EdG Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jan 24, 2019 at 08:39:51PM +0000, Simon Connah wrote: > Hi everyone, >=20 > First of all I am not a networking wizard so would appreciate a little=20 > help to see if my plan is achievable. >=20 > I need a 1U switch to put in a datacentre and due to my familiarity with= =20 > FreeBSD I thought building a switch based on FreeBSD would be the=20 > perfect solution but I'm not sure what the hardware requirements would=20 > be. I have 10 to 20 1gbps Ethernet devices to connect to the switch and= =20 > a single 1gbps uplink to the rest of the internet. >=20 > I'd like to be able to configure VLANs, allocate IPv4 and IPv6 addresses= =20 > to individual machines and use FreeBSD as a firewall for the whole=20 > process. I also want to be able to expand my system at a later date if I= =20 > need to be able to handle more devices on the local network so I'd need= =20 > to be able to hook the two networks together somehow. >=20 > What I'm not sure about is what hardware specs I'll need for this. What= =20 > kind of CPU and RAM will I require and which Ethernet cards should I=20 > get? This is not a project that requires 100% up time but realiability=20 > is important during certain hours of the day. >=20 > I'd appreciate some advice. If you need any more information then let me= =20 > know and I'll try and provide it. You can also buy two "simple" L2 switches (we use two https://www.fs.com/fr/products/72944.html stacked) and buy two "small" devices where you install FreeBSD with PF, CARP, Unbound, etc (we use two https://www.netgate.com/products/rcc-ve-4860-1u.html) to do the routing/firewalling/dns cache/DHCP server/...). That's what we do here and it works like a charm for years. You'll have better performance with an L3 switch of course.. >=20 > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o= rg" --=20 Julien Cigar Belgian Biodiversity Platform (http://www.biodiversity.be) PGP fingerprint: EEF9 F697 4B68 D275 7B11 6A25 B2BB 3710 A204 23C0 No trees were killed in the creation of this message. However, many electrons were terribly inconvenienced. --hcut4fGOf7Kh6EdG Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE7vn2l0to0nV7EWolsrs3EKIEI8AFAlxK16QACgkQsrs3EKIE I8AY0g//Y4sjvfkoRcjdZk3ox+IxnAX/kfNFisZxUYMA3FcukDtVPpLjMPuYJMY/ qLLEDK9Pc74394vkvqO35bIul1k17SFso0RFO2Atk83VQt74/GeZGCtNp3aNsi08 qpUOffhrg5byhPS5r8jXUOC9BcnOcmIYxPgs+jO/y5owbqWnCXee0IBwdJRsRdVE 7lR8RqsPrnzyg+b9h7unwj1qRt3jE4h6HiK96FY1jv0/jL5nvEZXolRu+bdsxj4n kupGI5JclPpdDNMO4Eh0ukRrS1UcjM7M2CQSUEETvIfJBMb4jb06gd5+8AxEILAr G8zxKJNSBNjVis25YQxAQ37BlKz21tBrPy3hNod4tbCvzhUiA8Y90JCUlIfHfTxz D0PmOYBgLMjwclFDB1UGFuaPKFY8QXGBx4hpe+Vaw4INsGFlETi6OxVBebQQelci 2X+yZQ28910grEo6Om8A0FurP9Miilfu1hH0rueOIb6VVeq0bkFXr+Xen+lVChKC LKsek2fDrl2k2dxqwaeQb9sAwrfuTZ4Q0VNAM63K4HWkMa1WNtm0qXE9qTVux/ik kCNJ7aFXtoDWBq7Rgjp9eSQjjgBsjQuUCcfxHpkJRaEDCS0VxREFqbLA790NAieH 0k4gysctZrAfwfIABjAblgoqxSVOd+2CuwU897AWsVSsxklTVZ4= =T1r7 -----END PGP SIGNATURE----- --hcut4fGOf7Kh6EdG--