OPNsense Forum
Archive => 18.1 Legacy Series => Topic started by: guest17399 on March 14, 2018, 10:31:43 pm
-
There will be two cars in the cluster. If I'm not mistaken, then the cluster can be made with the means of opensense - that is, reservation, in case one machine fails.
In total there will be 2 completely identical machines.
The configuration of one of the machines:
HP DL360 G6
Xeon x5690 x2
I350-T4
4 + 4Gb RAM
72Gb HDD SAS (DG072A8B54) - HW Raid 1
2 PSU
What will happen:
Opensense Latest
Reservation machine.
100MBps traffic to the world.
1GBps traffic on the local network.
Suricata + signatures from Snort.
BGP Community.
NAT.
What can you expect from such a machine?
How feasible are the tasks?
Will there be problems with the disk subsystem?
-
Should not bei an issue. Perhaps a decrease of Suricata, but the rest is fine
-
I'm mostly afraid only that there may not be enough disk subsystem performance. And the HDD (SAS) needs SSD.
-
Without Proxy you dont need much disk speed
-
And how voluminous logs write?
When attacking, for example.
I'm afraid that the disk space may not be enough
-
72GB? Most files are clog's .. so they have a fixed size and older entries are deleted.
-
72GB?
~68
-
You should be fine with the disk. I run 2 OPNsense boxes with 60GB SSD's and stay under 10% on disk usage. Just don't use the swapfile option during install. Be careful using too many snort rules in IDS as they can eat memory.