looking for a bsd solution

[Journer]

all i want to do is combine the features of FreeNAS and pfsense (monowall). i'm thinking the easiest way to do this would be to start with a small freeBSD install, load the deamons that they use, then try to get the web interface to work with it. or maybe i should start with monowall and add packages from there? what do you guys think? is there something out there already like this?

 

[cleverhandle]

I have no experience with those particular products, but my WAG is that the web interface is going to be hooked into a bunch of different configuration files and not be so easy to plaster on top of a base install. But if your needs are already exceeding what the prepackaged distros offer, why bother trying to emulate them? Just install BSD (I prefer Open for this kind of thing) and learn how to do it the right way. The majority of stuff you probably want to do (filtering, port forwarding, PPPoE, etc.) is really pretty straightforward anyway. And you're always going to have a lot more flexibility running the real system straight-up rather than trying to fit into a canned distribution.

 

[Journer]

Originally posted by: cleverhandle
I have no experience with those particular products, but my WAG is that the web interface is going to be hooked into a bunch of different configuration files and not be so easy to plaster on top of a base install. But if your needs are already exceeding what the prepackaged distros offer, why bother trying to emulate them? Just install BSD (I prefer Open for this kind of thing) and learn how to do it the right way. The majority of stuff you probably want to do (filtering, port forwarding, PPPoE, etc.) is really pretty straightforward anyway. And you're always going to have a lot more flexibility running the real system straight-up rather than trying to fit into a canned distribution.

yah basically what i want is:

basic routing functions
DNS server, dhcp server, ftp server, http server, port forwarding, bandwidth monitoring, RAID support, NAS daemon, traffic shaping, and a few other small things.

do you know of any limitations with BSD on a windows domain? i dont have my pfsense box on one right now but i was hoping to get a domain up when server 08 comes out for learning purposes

 

[cleverhandle]

Originally posted by: Journer
yah basically what i want is:

basic routing functions
DNS server, dhcp server, ftp server, http server, port forwarding...

Built in. Just edit a couple of text files and you're good to go.

bandwidth monitoring

There are a number of ways you can do this, depending on your needs. You may need to download extra packages.

RAID support

Software or hardware? Software RAID support will be built into the OS. I haven't done an OpenBSD install to software RAID in a while, but it used to be somewhat involved. I don't know how FreeBSD handles it. Hardware RAID support will be transparent, provided you're using a supported card - check carefully before you buy.

NAS daemon

This can mean a number of things. Do you just want file service via SMB/CIFS or something more involved?

traffic shaping

Surely there are traffic shaping solutions out there, but I haven't examined them personally. Worth Googling.

do you know of any limitations with BSD on a windows domain?

I'm not sure what you mean. Most of the functions you're talking about work at a far lower level than Windows cares about. The only thing that comes to mind is DNS - the easiest way to handle that is to delegate a subdomain to the Windows AD server for the Windows boxes and just use BIND for static, public addresses like your webserver, etc. You might consider throwing DHCP to Windows along with it just to keep AD configuration simple.

 

[nweaver]

I would try and do this on 2 boxes. Running all those services on one box, and then making that box ALSO your primary router is a bad decision security wise. Find an old P2 and install pfsense or *bsd for firewall duties alone, and get a seperate box for HTTP/FTP/SMB/DHCP/DNS duties.

 

[skyking]

Originally posted by: nweaver
I would try and do this on 2 boxes. Running all those services on one box, and then making that box ALSO your primary router is a bad decision security wise. Find an old P2 and install pfsense or *bsd for firewall duties alone, and get a seperate box for HTTP/FTP/SMB/DHCP/DNS duties.

QF good advice. The all-in-one is not only a security hazard, it makes any troubleshooting and initial setup a PITA, especially if you are not totally comfortable in the distro and CLI administration in general.

 

[Brazen]

If you only have one box to use, I would suggest splitting it up with VMWare Server and install FreeNAS in one virtual machine and pfsense in another. The difficult part will be setting up your networking; one NIC will need to be assigned a bridged interface with your internet connection and the other bridged to a nic on your internal network, then make sure your FreeNAS only uses the internal NIC (and the pfsense would use both).

 

[Goosemaster]

<--m0n0wall box (dhcp, dns, QoS, etc) + freenas box + adding another box for higher security (probably astaro or just soemthign on top of centos for better QOS and ssl vpn)

wouldn't have it any other way