Here is an interesting trick you can do with pfsense. For me, having the internet go down is worse than anything else. I have two ESXi servers, and the pfsense gateway is on one of them with a vmdk on the shared datastore. When I installed pfsense 2.1, I picked the option to allow an install to a mirrored disk, once of which is the previously mentioned vmdk. The other is a same-size vmdk on the shared datastore of the other ESXi server. Unless you are running squid or something, pfsense will not do much disk I/O, so the performance hit is not significant. This allows me to reboot if needed the storage appliance on the main ESXi server. If you happen to have HA/FT available, you can even FT protect the pfsense appliance and eliminate any single point of failure for internet access.