PCPartPicker

  • Log In
  • Register

Build

pfSense Router Build

by kevdogger

7
8 Comments

Part List View full price breakdown

  • Storage

  • Storage

  • Custom

    $361.30 (Purchased)Mini PC 7th Gen Kaby Lake Intel i5 7200u 2.5GHz Dual Core fanless case 6 lan mini server pc support AES-NI
  • Custom

    $120.00 (Purchased)16GB SODIMM DDR4 2133MHZ 2RX8
  • Custom

    $120.00 (Purchased)16GB SODIMM DDR4 2133MHZ 2RX8
    • $919.28

      Total:

Details

Date Published

March 23, 2019

Description

This is a protectli like device used to create a virtualized pfSense router. I use xcp-ng as the hypervisor and installed pfSense as a Virtual Machine. Ubuntu is additionally installed as another virtual machine within the hypervisor and the Xen Orchestra Community edition is installed within Ubuntu. Xen Orchestra acts as a control mechanism of the xcp-ng machine where snapshots or backups or created and exported to a local FreeNAS box (Not pictured).

Comments Sorted by:

ColdConduct 1 Build 1 point 29 days ago

Would like to get into this stuff one day. Were you self-taught? Part of your day job or somethin'? Nice work, though.

kevdogger submitter 1 Build 2 points 29 days ago

I guess I'd say I was self taught. I don't work in the computer industry although I would like to -- maybe someday if I could go back in time. The actual hardware build in this case is extremely easy. In terms of installing a hypervisor and then virtualizing the router software, the best resource I can think of are the videos from Lawrence Systems on YouTube https://www.youtube.com/channel/UCHkYOD-3fZbuGhwsADBd9ZQ. He goes into a lot of detail about hardware selection, firewalls, and hypervisors. After watching the videos you'll see its fairly easy and straightforward to do -- although I think some knowledge of linux is necessary.

ColdConduct 1 Build 1 point 29 days ago

Thank you for the response, I'll look into it. And, yeah, figured as much with the Linux knowledge as a prerequisite. I'm still too hesitant to run anything other than a Mint dual-boot until I become more familiar with it. Opens up a whole new world when you dive into that stuff. Take care.

kevdogger submitter 1 Build 2 points 28 days ago

Just keep doing what you're doing and you'll be great. I ran Ubuntu starting with 7.04 as a dual boot for a long time until I started replacing computers and converted the old computers exclusively to Linux. Overtime I just learned more and more. I eventually tried FreeBSD within VirtualBox and then eventually built a FreeNAS box (which runs on FreeBSD). It's been really fun learning along the way -- if you enjoy such things.

codex41 3 Builds 1 point 28 days ago

For someone completely unfamiliar with any of this, what is the purpose of this build? what does this do better than my sub-$100 router? do routers normally have this much storage/ram?

kevdogger submitter 1 Build 2 points 28 days ago

Honestly you are probably right. Currently its probably overkill for my situation for home use however I'm slowly migrating toward introducing vlans (for example video cameras/monitoring equipment on one VLAN, servers on another and mobile devices for another) for different components of the system and for running an OpenVPN server on a different LAN. I also wanted a more restrictive firewall and actually wanted to experiment with the IDS (Intrusion Detection System) that pfSense offers. All these features I admit are probably overkill for home use however once you start playing with tools that are used in the corporate world it starts becoming very addictive. Additionally right now the router is connected to 2 wired Airport Extremes that act as Access Points. I actually want to change these sometime to Unifi AC-PRO access points that act more like a mesh network seen in corporate environments. The Unifi Products require separate controller and in this situation it will be fairly easy to create the controller by creating another VM within the xcp-ng hypervisor and installing the necessary software. https://arstechnica.com/gadgets/2015/10/review-ubiquiti-unifi-made-me-realize-how-terrible-consumer-wi-fi-gear-is/ and https://arstechnica.com/information-technology/2018/07/enterprise-wi-fi-at-home-part-two-reflecting-on-almost-three-years-with-pro-gear/

codex41 3 Builds 1 point 25 days ago

That's pretty sweet! A lot of it goes beyond what I would need, but everyone needs a hobby! Kudos to your assumed SO for letting you tinker around lol

andyshinn 2 Builds 1 point 28 days ago

Pretty neat. I had never heard of xcp-ng. I've done a lot of ESX and XenServer in the past but xcp-ng looks like a free alternative.