Hardware suggestions

Thu Apr 28 11:13:43 UTC 2011

On Wed, Apr 27, 2011 at 10:42 AM, Jaime Kikpole
<jkikpole at cairodurham.org> wrote:
> My thanks to everyone for their replies.  I guess that I wasn't
> specific enough about my needs, though.  I don't need a tiny chassis.
> In fact, I need a proxy for around 750-900 computers, so an Atom
> system or the like wouldn't work for me.  I just have no rack space
> left.  Fortunately, I might have found a way around this.
>
> So if you have any pre-built servers to recommend, I'd greatly
> appreciate it.  For example, I'm currently reviewing the Dell
> PowerEdge T310's specs.
>
>
> Nate:
>
> Thanks.  I read the handbook's entry on CARP last night.  It looks
> easier than I had previously thought.  I've started setting up a
> VMware environment of 2 FreeBSD systems and a unix desktop to try it
> out as a way to build a fail-over proxy.
>
> Looks like I'd have to stop using my current "in-line" design, though.
>  Currently, I have a FreeBSD box between my network as a whole and the
> Internet connection.  It acts as a router, a firewall, and a
> transparent proxy.  CARP would require the system to not be "in-line,"
> because a failed system would mean no router.  Did I understand that
> correctly?
>
>
> Thanks to all,
> Jaime
>
> --
> Network Administrator
> Cairo-Durham Central School District
> http://cns.cairodurham.org
>

Actually - quite the opposite. I have a very similar setup, wherein I
have two machines running CARP on multiple interfaces such that if any
interface on system A goes down, system B takes over. Both of these
machines act in the same capacity as yours, (they are
router+firewall+proxy+NAT), they are physically cabled directly to my
network switches using VLAN trunking which presents as-if multiple
separate network cards on the host (they each have gigabit fibre to
the switch, carrying 8 independent networks). Each subnet (separate
VLAN segment) routes their primary gateway through these machines
using a single IP - both are always on, always running, and each is
connected to a different core switch (which offers switching
redundancy too in the event one goes out). I'm using mostly Cisco
networking gear, but all routing and proxying is done by FreeBSD/sparc
on Sun Netra series servers.

As far as your hadrware is concerned - I'm a bit biased towards Sun or
Dell, though I've also had great experience with Compaq (now HP)
Proliant series in the passed too. Again - same deal as white-boxes,
just check the hardware list to see what's supported. When you've got
an actual make/model you're thinking of, re-post a new thread to
questions at freebsd.org with a subject as such seeking opinions and
experiences with that model - chances are someone else might already
have it. (I did take note of the Dell model you specified - just
saying might be a good idea to put that as the subject in a new
thread; sorry no experience with that model personally, though I have
several 2800-series Dell 2U servers that I'm most pleased with
offering redundant power and decent hardware raid).

-- 
Nathan Vidican
nathan at vidican.com