* Sebastian Reitenbach <[email protected]> [2012-04-17 10:40]: > On Tuesday, April 17, 2012 09:35 CEST, Henning Brauer <[email protected]> > wrote: > > > * Marcin <[email protected]> [2012-04-17 08:59]: > > > I am looking for a hardware recommendation for a new OpenBSD based > > > firewalls. So far I have been using IBM x336s, but they are slowly > > > approaching end of life. > > > > > > What I am after: > > > * 1U i386/amd64 server, > > > * 2 sockets, > > > > what for? unless you run extremely heavy userland proxies, you don't > > get much (any) benefit, especially given that the one-socket machines > > are all 4core now. > > > > > * RAID 1 SAS/SATA controller (2 hard drives are enough) > > > > what for? that increases complexity and thus chance to fail with no > > benefit. you have no precious data on those disks and have two > > machines. > > > > I'm very happy with Supermicro X9SC* based systems, with Xeon E3-1220 > > and an Intel SSD. Check with your local supplier for exact model > > options. Superior performance, 35W idle, no trouble whatsoever, fair > > pricing. > > Sorry for hijacking the thread, but I was going to ask a very similar > question later today. > I've seen, some of those boards have IPMI interface, which would be one of my > requirements.
I don't use their ipmi, all hail cereal consoles. > The processor with its 4 cores should probably be fine handling a few > ftp-proxy and relayd. easily. > I'd like to put in two 10GB ethernet adapters, CX or fibre is still to be > decided. Looking > at the amd64.html page, I found the ixgb, ix, xge and tht supported. Looking > at the manual > pages, I'd probably go for the xge based cards, since they support checksum > offload and > VLAN tag insertion and stripping, to move some load from the CPU on to the > network cards. CPU cycles are not your problem really. memory bandwidth is another story. > I'd like to know if my assumption to the cards are right, and whether this > box would be able > to handle that kind of bandwidth the cards provide. It actually only needs to > handle about 3GB/s, > but don't want to start trunking GigaBit interfaces. Or if I'm wrong with my > assumptions, > if someone has good experience with other 10GbE adapters. it should, I think, but this is always a bit hard to predict. -- Henning Brauer, [email protected], [email protected] BS Web Services, http://bsws.de, Full-Service ISP Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed Henning Brauer Consulting, http://henningbrauer.com/
