Bad idea on a server?

[TubsAlwaysWins]

Is it a bad idea to run PfSense and something like Windows Server or FreeNAS (Not sure yet) on the same server using VM's?

[Space Reptile]

why?

[TubsAlwaysWins]

Just now, Space Reptile said:

why?

Why as in why would I do it or why do I ask

[Space Reptile]

Just now, TubsAlwaysWins said:

Why as in why would I do it or why do I ask

i mean why it would be bad , linus made a tutorial about how to run w7+ freeNAS via vms on the same computer 

[samiscool51]

PfSence is designed to be a router, as far as i know it doesn't work in a virtual machine it might but it's mainly designed to work on real hardware not a virtual machine

[TubsAlwaysWins]

1 minute ago, samiscool51 said:

PfSence is designed to be a router, as far as i know it doesn't work in a virtual machine it might but it's mainly designed to work on real hardware not a virtual machine

ive heard It works on Virtual Machines

[samiscool51]

1 minute ago, TubsAlwaysWins said:

ive heard It works on Virtual Machines

even if it does it's designed to be a router, it's better just to use your ISP provided router it's cheeper and probably is the best option for most people

[TubsAlwaysWins]

1 minute ago, samiscool51 said:

even if it does it's designed to be a router, it's better just to use your ISP provided router it's cheeper and probably is the best option for most people

My ISP provided router is shit and I like PfSense. I have a Watchguard X700 but a pentium 3 isn't the best thing

[samiscool51]

2 minutes ago, TubsAlwaysWins said:

My ISP provided router is shit and I like PfSense. I have a Watchguard X700 but a pentium 3 isn't the best thing

if you are more of a power user then thats a better option for you, but for someone who just wants it to work it's the best option

i don't use my ISP router but i work as a IT Administrator so i need a quick connection to work so if something has gone wrong i can remote in and fix it

[Sir Asvald]

5 minutes ago, samiscool51 said:

even if it does it's designed to be a router, it's better just to use your ISP provided router it's cheeper and probably is the best option for most people

I've had Pfsence on a working VM box. It was running VMware ESXI 5.5. Nothing wrong with it. Now I'm using Sophos UTM Home edition. 

[TubsAlwaysWins]

Just now, samiscool51 said:

if you are more of a power user then thats a better option for you, but for someone who just wants it to work it's the best option

i don't use my ISP router but i work as a IT Administrator so i need a quick connection to work so if something has gone wrong i can remote in and fix it

I would say im definitely a power user, as well as I like fun projects

[b1uew01f]

Its possible provided the hardware is appropriate with multiple ethernet adapters but for me it doesn't make sense, just get/make a cheap system and use it like you would a 'normal' router.

 

In terms of security issues its the standard discussion about a software firewall or a hardware one - the threat physically reaches the devices you're supposed to be protecting and therefore there's additional potential the network could be comprimised - but still very unlikely.

[samiscool51]

1 minute ago, TubsAlwaysWins said:

I would say im definitely a power user, as well as I like fun projects

thats a great reason for someone like you to make a PfSence router instead of using your ISP router

say i was a amateur Tech enthusiast (like many people on the form) and i want internet, it would be cool to have a PfSence router but it would be expensive to make(depends on the system config and the value of your contrys money) and run(depends on your power bill and how much you make), a ISP router is free with your plan and consumes MUCH less power, for someone like that it's a better option but you won't get fast internet

[TubsAlwaysWins]

9 minutes ago, samiscool51 said:

thats a great reason for someone like you to make a PfSence router instead of using your ISP router

say i was a amateur Tech enthusiast (like many people on the form) and i want internet, it would be cool to have a PfSence router but it would be expensive to make(depends on the system config and the value of your contrys money) and run(depends on your power bill and how much you make), a ISP router is free with your plan and consumes MUCH less power, for someone like that it's a better option but you won't get fast internet

Well the whole idea too is that I will have FreeNAS running so my server doesnt have 8 cores and 48GB of RAM for PfSense

[samiscool51]

2 minutes ago, TubsAlwaysWins said:

Well the whole idea too is that I will have FreeNAS running so my server doesnt have 8 cores and 48GB of RAM for PfSense

if that works for you go for it! just keep in mind other people have different needs or can't do that becuse it's too expensive or other reason

[TubsAlwaysWins]

Just now, samiscool51 said:

if that works for you go for it! just keep in mind other people have different needs or can't do that becuse it's too expensive or other reason

Any thoughts on what OS to use to get VM's up and running? (basically a free replacement for UnRAID)

[samiscool51]

1 minute ago, TubsAlwaysWins said:

Any thoughts on what OS to use to get VM's up and running? (basically a free replacement for UnRAID)

Vsphere by vmware i think it's free hit i can't remember

[TubsAlwaysWins]

8 minutes ago, samiscool51 said:

Vsphere by vmware i think it's free hit i can't remember

Lol definitly not free. More like $900

[p.david]

As a Freenas user I can tell you that it can be done, though it is a lot of work and not straight forward and you must know or be willing to learn FreeBSD.  Something else to think about is if your sever loses power your router turns off as well.  Though setting one up in a jail is a great way to test out the system.

 

i am currently running a pfsense router myself, I put mind on a Dell Poweredge R200 1U sever I got on ebay for about 80 bucks and it has worked great for me.

[TapfererToaster]

46 minutes ago, TubsAlwaysWins said:

Lol definitly not free. More like $900

VMware vSphere Hypervisor (ESXi) is free up to a certain degree. I think the limit was 8vCores per VM and only 1-2 physical CPUs total.

I'm not 100% sure on the exact limits of the free version, but its normaly fine for your average homeserver.

 

You need to register on their site, and the register for ESXi. After that you should get a free key.

 

Here the instructions how to get the free license:

https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2107518

[TubsAlwaysWins]

2 minutes ago, TapfererToaster said:

VMware vSphere Hypervisor (ESXi) is free up to a certain degree. I think the limit was 8vCores per VM and only 1-2 physical CPUs total.

I'm not 100% sure on the exact limits of the free version, but its normaly fine for your average homeserver.

 

You need to register on their site, and the register for ESXi. After that you should get a free key.

 

Here the instructions how to get the free license:

https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2107518

Oh thanks

[tt2468]

4 hours ago, samiscool51 said:

PfSence is designed to be a router, as far as i know it doesn't work in a virtual machine it might but it's mainly designed to work on real hardware not a virtual machine

Pfsense works fine within a VM. The only issues one might face would be passing through ethernet.

[brwainer]

It all depends on the order of software. 

 

• FreeNAS: wants direct access to the sata ports that the drives are plugged into. This ideally means you would buy an HBA card and use passthrough in ESXi so that FreeNAS is the only thing that can see the sata ports on the HBA. Alternatively you can use FreeNAS as your base OS and runs VMs within it (you should research the difference between VMs and Jails). I would not go with this approach.
• PFSense: will work on anything that it has appropriate ethernet drivers for. This includes running in a VM - but there are two types of vitualized ethernet adaptors - the first type emulates a well-known NIC, Like an Intel PRO/1000. This means that nearly every guest OS would support it, but you have more overhead. The second type is a direct virtual NIC. This has less overhead, meaning better performance and less CPU time wasted, but the guest OS has to have drivers for it. You should look up what types of ethernet adaptors your host OS can supply, and which of this PFSense supports.
• ESXi: Free and widely supported.
• HyperV Server: Free and almost as widely supported as ESXi, within nearly all the same features. The downside is that PCIe device passthrough is much harder to set up, and very finicky about what motherboards will even support it - this is for security reasons. But on the plus side you get Storage Spaces, which is vastly different from ZFS/FreeNAS but for most uses is equivalent. This means that your hypervisor also takes care of your storage pool/redundancy. I personally prefer this approach and it is how my homelab of 3 seperate servers is run.

Regardless of the host OS (FreeNAS, ESXi, or HyperV Server), you will need at least two ethernet ports on your server. Port #1 should only be usable by PFSense, and should be your WAN port to connect to your modem. Not even your host OS should be able to communicate via this port (or via the virtual switch you create on it). Port #2 is where everything else, like the host OS, PFSense LAN, and other VMs, and the rest of your network should be connected. You can change which port is which, the importnat thing is that the only OS that can use the WAN port should be PFSense.

[TubsAlwaysWins]

4 minutes ago, tt2468 said:

Pfsense works fine within a VM. The only issues one might face would be passing through ethernet.

Like back to FreeNAS?

[Eniqmatic]

8 hours ago, samiscool51 said:

PfSence is designed to be a router, as far as i know it doesn't work in a virtual machine it might but it's mainly designed to work on real hardware not a virtual machine

Please don't spread incorrect information, it works perfectly well in a VM. Providing design it correctly, no issues with running in a vm either.