Large Network Hardware Needs

[amitis5]

Hi Everyone,

I'm using OPNsense in some of our smaller installations, mostly hotel and small apartments.  We landed a large residential tower (850 residences), and it's getting ready to open.  I have one server onsite with Xeon, 8 gig RAM, 256gb SSD Msata with 2 10gig sfp+ (supermicro server) and it is running fine for the few residents that are there and the office, parking, etc systems. 

My concern is when the building fully leases and moves in in the next couple of months, what do you guys think for hardware expansion needs?  I'm already noticing the mbuf climbing, and a little bit more processor load.

Should I be looking into clustering?  If so, I've seen HA options with failover, but I should be able to cluster multiple servers together for performance right?  When all is said and done, we will have over 800 VLANs running on this system.  Trying to get ahead of it.

Thanks again for the advice.

[mimugmail]

You have to mention it's a Xeon-D, thats important. If you're using CPU intensive services this won't be enough (IPS, Squid, Netflow).

Managing 800 Vlans via Firewall rules tab .. going to be fun

[ruffy91]

Forewall Rules should be manageable using Interface Groups. No need to duplicate all the rules!
Maybe you should split up the VLANs and use 3 or 4 systems. You could then also use one as pilot group for upgrades/config changes and only have 200 users complain instead of 800 :-)

Gesendet von meinem MI 9 mit Tapatalk