On 2016-12-15, Aaron Mason <simplersolut...@gmail.com> wrote: > All > > I'm looking for a 1U appliance that I can re-purpose into a firewall > using OpenBSD. I've tried the near-free method by using an old Lacie > Ethernet Disk appliance I had lying around, but it turns out the > onboard SATA chipset is toast on this particular unit (it freezes at > CDBOOT when it detects hard drives and the BIOS freezes when I set it > to IDE mode with drives attached, plus it only has one onboard NIC and > one PCI slot, so I can't install another SATA card without removing > the other NIC I installed), so I'm looking for other options that fit > a limited budget. > > The most important criteria are that it must be 1U and it must fit > within a 420mm (~16.5") space (for reasons I will explain below). I > have a couple of Sun Netra X1s that meet the need, but I can't push > more than ~60mbps over the onboard FE ports and they run quite hot to > the point of causing kernel panics. > > For a bit of context - I manage network and systems for a group that > run regular LAN parties at a local university, and our network > infrastructure lives in a 4RU flight case (with 420mm between the > front and rear vertical rails) currently occupied by three HP > switches. We're currently using a Sun V20Z (admittedly running > pfSense, a decision made before I took over) but it's rather > cumbersome to carry along with three Dell 1950s (two VM hosts and a > Steam cache) and a Dell 2950 (NAS, provides iSCSI to VM hosts). We > don't usually get more than 35 players and we don't do any complex > filtering on the firewall. > > I've been considering looking at old firewall appliances like Nokias, > Sonicwalls, Watchguards or Barracudas - has anyone had any luck with > getting OpenBSD on any of those or other such appliances? > > Gigabit ports would be nice (the university finally bought gigabit PoE > switches) but will accept Fast Ethernet if my budget says no.
IMHO, you can get a fairly useful decent second-hand machine for a low enough price that it's not worth the hassle repurposing or using something from before GE was common, they're going to be more hassle to get working, and old enough that you may well run into things failing through age. How about a Dell R210 or an R210 II off ebay? 400mm deep, 2 nics onboard, if you need more ports then dual-port PCIe nics are pretty cheap. If you want to cut down on weight+noise at the expense of more cost and a less powerful cpu, maybe APU2 in a 1U case or something like supermicro SYS-5018A-FTN4.
