Virtualizing pfSense on unRaid

[denniS_redbeast]

Since I am limited on space I wanted to know if I can run a NAS, firewall and router in one ATX chasis (the NZXT Source 210 Elite). I know that the onboard NIC on my motherboard will be used for unRaid, I will also add the Supermicro AOC-SGP-I4 for unRaid do use for link aggregation for faster write speeds. On the pfSense side of things, I will use the Intel I340-T4 or the StarTech ST1000SPEX42. I know that I will have to assign that nic and a USB card to the pfSense VM. A contender for the USB card is currently this:http://www.newegg.com/Product/Product.aspx?Item=N82E16815158354&cm_re=pci_e_usb_card-_-15-158-354-_-Product
Also, the on board graphics will be given to unRaid so I am including a cheap video card as the video device for pfSense which i will also have to assign to the VM.
In the end, the rig should look something like this: http://pcpartpicker.com/p/Fq6Ypg
The price is high however there is convenience in the fact that it is an all in one solution. Is the CPU and amount of ram a good decision. I am currently desperate for answers so can someone please help. 
PS: how can I lower the total cost?

[Bittenfleax]

You could cut the cost by getting a NIC from a different source. I was looking for a 2 Port NIC for my pfSense Build and saw the price and thought it was waayyy to high. In the end I went to eBay. I normally wouldn't buy from there but I got my 2 Port Gigabit NIC for £20 compared to £50/£60 from other sources.

 

This was not second hand as well, it was new but from one of those mass eBay sellers who probably collect/have lots of spares in stock. 

 

 

I'm not sure how taxing unRAID is on hardware, but I doubt it is a lot right?! I know that pfSense can have VERY little resource consumption. If it is a small home network it will barley affect anything. 

 

That is the current usage of my pfSense build. That is with a  "AMD Athlon(tm) 5350 APU with Radeon(tm) R3 4 CPUs" CPU as well. 

 

It goes up to about 7% Usage when my one PC is downloading at full speed. (8MB/s)

[Huntsman]

I think you should get a cheap PC to run pfsense. It won't do any good if the home network can only run when you big gaming rig is on right?

[Mikensan]

Can never have to much ram, and price per gb on the disks looks good especially for those drives. I'm not crazy about those SSDs but they'll get the job done.

How to lower cost - that 6600k is hugely overkill if you're just running a NAS/firewall. Buy your 4port NIC off ebay, 4 port intels go for $50-$100.

 

Other thoughts:

The 4 port NIC may not work the way you want it to for writes to the NAS. Link aggregation gives you more paths and thus bandwidth, but will not increase a single transfer's speed. 

 

For pfSense the only issue I've come across is on a low end CPU the total throughput drops quite a bit. I'm using a celeron N2930 (in an attempt to save energy and noise) and the total throughput is ~500mbytes per second. Your i5 will have no issues. I ran pfSense virtually for almost 2 years, and you can also get away with 2 ports if you have a switch that supports VLANs.

 

 

[denniS_redbeast]

On April 15, 2016 at 9:08 AM, Huntsman said:

I think you should get a cheap PC to run pfsense. It won't do any good if the home network can only run when you big gaming rig is on right?

This isn't my gaming rig. It's my home server (NAS, plex, firewall, and router) all in one box. That was my goal but the cpu seems overkill at this point. 

 

On April 15, 2016 at 8:02 AM, Bittenfleax said:

You could cut the cost by getting a NIC from a different source. I was looking for a 2 Port NIC for my pfSense Build and saw the price and thought it was waayyy to high. In the end I went to eBay. I normally wouldn't buy from there but I got my 2 Port Gigabit NIC for £20 compared to £50/£60 from other sources.

 

This was not second hand as well, it was new but from one of those mass eBay sellers who probably collect/have lots of spares in stock. 

 

 

I'm not sure how taxing unRAID is on hardware, but I doubt it is a lot right?! I know that pfSense can have VERY little resource consumption. If it is a small home network it will barley affect anything. 

 

That is the current usage of my pfSense build. That is with a  "AMD Athlon(tm) 5350 APU with Radeon(tm) R3 4 CPUs" CPU as well. 

 

It goes up to about 7% Usage when my one PC is downloading at full speed. (8MB/s)

 

23 hours ago, Mikensan said:

Can never have to much ram, and price per gb on the disks looks good especially for those drives. I'm not crazy about those SSDs but they'll get the job done.

How to lower cost - that 6600k is hugely overkill if you're just running a NAS/firewall. Buy your 4port NIC off ebay, 4 port intels go for $50-$100.

 

Other thoughts:

The 4 port NIC may not work the way you want it to for writes to the NAS. Link aggregation gives you more paths and thus bandwidth, but will not increase a single transfer's speed. 

 

For pfSense the only issue I've come across is on a low end CPU the total throughput drops quite a bit. I'm using a celeron N2930 (in an attempt to save energy and noise) and the total throughput is ~500mbytes per second. Your i5 will have no issues. I ran pfSense virtually for almost 2 years, and you can also get away with 2 ports if you have a switch that supports VLANs.

 

 

What are VLAN's? I am planning to use this switch: m.newegg.com/Product/index?itemnumber=N82E16833122139.

However I wasn't able to find and information regarding VLAN's in the Manual. If I use a 2 port NIC it will significantly decrease my total price. 

So after some reading some manuals, I figured out the the GS116 does not support VLANs however the GS116E supports VLANs. Here's the GS116E:

m.newegg.com/Product/index?itemnumber=N82E16833122596

 

 

First of all I know that link aggregation will not give me 400 megabytes from my PC to the NAS, it's not what I am using it for) It seems as if the CPU that I chose will only get used when plex it transcoding or when link aggregation is being heavily used. As Linus proved, high speed point to point connections require a decent CPU (I know that I won't be able to achieve 400 megabytes per second when one PC is  writing to the NAS however when multiple are writing (for example after an event when all the aspiring photographers of my family want to off load all their pictures, etc.) Also, if every one of loaded their media, will they be able to edit the pictures with photoshop or similar programs without transferring them to their PC, in other words just talking complete advantage of the Cache. 

 

PS: this array won't be stopped unless me and my family is leaving for a large portion of time (AKA: Vacation) And even then I won't be stoping it cause I wanna be able to access my files (mainly movies and older files) from the NAS when I am on the go (any time I am any where I always realize That there is something that I want to show to some one but I can't cause I dont have a copy of it on my laptop or my portable hard drive. However with such a NAS, I'll be able to access it when I an connected to a reliable network). 

PS2: Since the i5-6600k is overkill, what CPU will be better, the 6600(non-K), 6500 or 6400? I'm only focusing on skylake i5's because although haswell i5's are cheaper, the motherboard availability is low.

PS3: As far as I know, I cannot use the same two NIC's since I won't be able to  differentiate between the two when I am assigning one of them two to the pfSense VM. Is that right? 

@Huntsman 

@Bittenfleax

@Mikensan

[Mikensan]

On 4/15/2016 at 3:02 PM, denniS_redbeast said:

This isn't my gaming rig. It's my home server (NAS, plex, firewall, and router) all in one box. That was my goal but the cpu seems overkill at this point. 

 

 

What are VLAN's? I am planning to use this switch: m.newegg.com/Product/index?itemnumber=N82E16833122139.

However I wasn't able to find and information regarding VLAN's in the Manual. If I use a 2 port NIC it will significantly decrease my total price. 

So after some reading some manuals, I figured out the the GS116 does not support VLANs however the GS116E supports VLANs. Here's the GS116E:

m.newegg.com/Product/index?itemnumber=N82E16833122596

 

 

First of all I know that link aggregation will not give me 400 megabytes from my PC to the NAS, it's not what I am using it for) It seems as if the CPU that I chose will only get used when plex it transcoding or when link aggregation is being heavily used. As Linus proved, high speed point to point connections require a decent CPU (I know that I won't be able to achieve 400 megabytes per second when one PC is  writing to the NAS however when multiple are writing (for example after an event when all the aspiring photographers of my family want to off load all their pictures, etc.) Also, if every one of loaded their media, will they be able to edit the pictures with photoshop or similar programs without transferring them to their PC, in other words just talking complete advantage of the Cache. 

 

PS: this array won't be stopped unless me and my family is leaving for a large portion of time (AKA: Vacation) And even then I won't be stoping it cause I wanna be able to access my files (mainly movies and older files) from the NAS when I am on the go (any time I am any where I always realize That there is something that I want to show to some one but I can't cause I dont have a copy of it on my laptop or my portable hard drive. However with such a NAS, I'll be able to access it when I an connected to a reliable network). 

PS2: Since the i5-6600k is overkill, what CPU will be better, the 6600(non-K), 6500 or 6400? I'm only focusing on skylake i5's because although haswell i5's are cheaper, the motherboard availability is low.

PS3: As far as I know, I cannot use the same two NIC's since I won't be able to  differentiate between the two when I am assigning one of them two to the pfSense VM. Is that right? 

@Huntsman 

@Bittenfleax

@Mikensan

VLANs are virtual lan segments, it is a way to separate traffic over a single wire. It has a little bit of a learning curve but not terribly difficult.

 

You'll only get use of the aggregation when reading/writing from the SSDs too - unRaid doesn't stripe so the mechanical disks will only be as fast as the slowest one.

 

Instead of assigning the entire hardware to the VM, you should be able to assign ports to VMs - allowing you to use multiple identical NICs. I'm not entirely sure of the flexibility for unRaid's VM networking. In ESXi you create a virtual switch, associate it to a single port on a card (or more if you want) and then associate your VMs to that virtual switch.

 

You can now pre-transcode movies on plex, which allows devices to direct stream various resolutions taking a large load off the CPU during streaming.

 

The Non-K is a good choice, but if it's only saving you $10-$20 then might as well go for the K :-P I tend to over-buy if it's not a giant gap in price. I guess I didn't look originally but I see you can get the i5-6600k for ~$220 which in my opinion is not too expensive. Biggest savings will be the NICs.