I JUST finished this: Supermicro X11SBA-LN4F Review - Sweet! - ServeTheHome - Server and Workstation Reviews
Might be worth checking out.
Might be worth checking out.
N3700 is the beast! on low power with HW AES.I JUST finished this: Supermicro X11SBA-LN4F Review - Sweet! - ServeTheHome - Server and Workstation Reviews
Might be worth checking out.
is hidden that depends on the BIOS support....Whoa this might be a game changer. I did a quick search but didn't find any info about AM1 running ECC memory. Any links?
Any idea of Sophos UTM or PFsense would benefit from ECC?
that should be ok doing virt router/firewall as long the hardware supportedLots of folks on STH have virtualized their firewalls. I don't think I'd do it in a large production environment, but for home, lab, or my clients who outsource all of their small business needs it works great.
intel JXXXX and NXXXX do not support ecc sodimmThe lack of ecc on those sodimms might be a problem for some but the low power configuration and price is extremely tempting .
I didn't say broken vm, I said broken vm environment. You screw up the vm server, and it's a flaming pain to fix it if it's also your internet gateway. Yeah, you could implement multiply redundant failovers, but 1) that's actually hard on a residential internet connection without adding additional failure modes and 2) that's more stuff to screw up, especially if the only reason to be doing it is to play with things (things tend to break mostly when they're getting played with). Virtualization has its place, but it's helpful to use it when it makes sense and not because of a self-licking ice cream cone of circular requirements. In most households the home lab isn't particularly critical but the internet connection is--so why introduce an unnecessary dependency?As to hosed up vm... This, is the point of having vms. Instant restore to working state, transfer to other hardware... Virtualization adds a bunch of failsafes that a spare bare metal server has a tough time matching.
The big boss is cooking dinner and I don't know anyone with a service contract or sla's in their basementthat should be ok doing virt router/firewall as long the hardware supported
the issue is how the company get support from virt firewall..
I know that based some experience, support for virt firewall must be certified by the firewall vendor
do you want to pick apple or orange ....
btw. some componies charges your more for virt firewall supports? why?.... this is a hot topic and common today to do virt. they charge you more since you willing to do virt firewall.
best of wisdom:
listen whatever the big boss tell ..... boss do you want reall router/firewal or just virt with bla2 features? ...
You have a significant other and no requirement not to break the internet? Inconceivable!The big boss is cooking dinner and I don't know anyone with a service contract or sla's in their basement
Bolded for hilarity.I didn't say broken vm, I said broken vm environment. You screw up the vm server, and it's a flaming pain to fix it if it's also your internet gateway. Yeah, you could implement multiply redundant failovers, but 1) that's actually hard on a residential internet connection without adding additional failure modes and 2) that's more stuff to screw up, especially if the only reason to be doing it is to play with things (things tend to break mostly when they're getting played with). Virtualization has its place, but it's helpful to use it when it makes sense and not because of a self-licking ice cream cone of circular requirements. In most households the home lab isn't particularly critical but the internet connection is--so why introduce an unnecessary dependency?
That said, if you want to virtualize your firewall, go for it. But the question was why people would not do so.
Unfortunately I don't have experience with anything other than ESX, but it is difficult for me to imagine a scenario where one could screw that up to the degree of which you speak. In a single host environment (home use) you can back up the config by dd'ing the USB stick it should be installed on.I didn't say broken vm, I said broken vm environment. You screw up the vm server, and it's a flaming pain to fix it if it's also your internet gateway.
If I can't recover from a busted ESX host at home in a timely fashion and my Internet connection is down as a result, I can log into the AT&T supplied router, enable DHCP, and remove the static MAC forwarding thingie that passes through the static IP to my pfSense VM. Failing that I get a paper clip and activate the red reset button on the back.Yeah, you could implement multiply redundant failovers, but 1) that's actually hard on a residential internet connection without adding additional failure modes and 2) that's more stuff to screw up, especially if the only reason to be doing it is to play with things (things tend to break mostly when they're getting played with).
Why virtualize at home at all, then? For the same reasons you virtualize in the office - to save on power utilization, hardware costs, and physical footprint of additional devices. If you want to make the argument that there isn't a good reason for virtualization in a home environment, one could probably apply a great deal of your argument to the question of why not just use the "firewall" your ISP provides.Virtualization has its place, but it's helpful to use it when it makes sense and not because of a self-licking ice cream cone of circular requirements. In most households the home lab isn't particularly critical but the internet connection is--so why introduce an unnecessary dependency?
That said, if you want to virtualize your firewall, go for it. But the question was why people would not do so.
Why virtualize at home? Because you want to play with VMs. Why not use the ISPs firewall? Because they suck at basic functionality.Why virtualize at home at all, then? For the same reasons you virtualize in the office - to save on power utilization, hardware costs, and physical footprint of additional devices. If you want to make the argument that there isn't a good reason for virtualization in a home environment, one could probably apply a great deal of your argument to the question of why not just use the "firewall" your ISP provides.
After the fiasco that's the APU1 BIOS, I personally wouldn't give them my money until the BIOS for APU2 is actually finished. Note that the lastest APU1 BIOS is a beta from september 2014.I would get a PC-Engines APU2B4 board, it finally appears to be out of beta (although the BIOS is apparently still missing a couple of features).
Quad core AMD GX-412TC CPU with support for AES-NI and three Intel gigabit NICs for around 150 $ is pretty awesome.
It is not in stock today, but some were available yesterday, so perhaps they will be back in stock soon.
No stock on those. The nice bit is that they come with memory but no IPMI.I would get a PC-Engines board, it finally appears to be out of beta (although the BIOS is apparently still missing a couple of features).
Quad core AMD GX-412TC CPU with support for AES-NI and three Intel gigabit NICs for around 150 $ is pretty awesome.
It is not in stock today, but some were available yesterday, so perhaps they will be back in stock soon.
My understanding of the issues with the BIOS was that it was mostly due to an external contractor, Sage or something, have you or anyone else for that matter seen anything as to whether or not they have been hired to do the APU2 BIOS?After the fiasco that's the APU1 BIOS, I personally wouldn't give them my money until the BIOS for APU2 is actually finished. Note that the lastest APU1 BIOS is a beta from september 2014.
+1 for this. Always this. After getting used to remote management I could never go back....my 2016 resolution is - always IPMI.
+1 for this. Always this. After getting used to remote management I could never go back....my 2016 resolution is - always IPMI.