pfSense+ vs opnSense – Is it a competition?

I was recently caught out by the whole pfSense+ is going to be chargeable going forwards scandal that I’m sure many other pfSense users have been, I’ve kerbed my outrage, it’s not life ending, I moved from CE to Plus only a month before this happened and to be honest, apart from the inconvenience of reinstalling to move back – I can live with it howevere there is a similar alternative, a fork of the pfSense build. OPNsense.
Link to said announcement.

What a nightmare that’s been!!
I had it in my mind to swap the SSD my Dell R210 was running on anyway so whipped out the old Crucial and popped in a new one, installed OPN sense and that’s where the problems all started! Huge memory spikes (filling the 8GB hardware and 8GB swap), the firewall then proceeded to drop some services due to the memory being so high, CPU spiking to 60% plus randomly for periods. VLANs not working and I use a LAGG setup for my downlinks to LAN (I can so I do) also not coming up when needed meaning I had a situation where I managed to lock myself out due to the LAGG not coming up, a reset to factory and then start config again. Just a general nightmare.

Sat contemplating my poor life decisions, I remebered I swapped out the SSD in full, what had taken me the best part of 2 and a half hours, was reverted in a shutdown, SSD swap and power up (30 seconds max) to resume normality. Yes I have a CE reinstall to do and it does bug me I never get 1Gb any more only 850Mb (first world problem) but I am going to concentrate now on moving the interfaces to the built in ethernet and swap out the PCiE card for something 10Gb flavour.

I have read so much up on moving pf to opn and I was super excited to do so but pf for me is currently still where it’s at.

pfSense – A move to an easier life?

Even up to having the FTTP installed I was a MikroTik router through and through kidn of guy however running my CHR in the way I did meant some trade offs were made and my day to day work life forking further away from Mikrotik based or even theorised usage meant that my mind went that way for my home network as well. I did the unthinkable.

I’ve repurposed my DellR210ii which has been rebuilt with a Xeon E3-1220 v2, 8GB of RAM and an SSD. I also added in some Noctua fans to keep the noise down below a whisper as the rebuild meant it won’t be working hard as the whole install is now “bare metal” rather than the complexitiy of being virtualised.

Has it made a huge difference to my life? No. I still have a working router/firewall however it is now a decent GUI rather than an app that had to be levered onto my laptop (I’m also now a Mac boi) and to be honest the OpenVPN implementation has been a breeze to get working as has all of the firewalling and NAt rules as well as pushing on with trying to squeeze more from the LAN itself (10Gb backbone and tolerance).

I’ve gone for pfSense+ as it’s my home firewall and I qualify as such for the + usage FOC (for now) and I’m pretty happy with it. Time will tell but currently I don’t see me folding back to ESXi with a CHR running on top.

unRAID SSH Key Exchange

There’s a lot more to update you on than just this but my home setup has evolved a fair bit to the point where I need unRAID to unRAID RSYNC capability and previously I’ve done this manually. Now with SpaceInvaderOne’s guide on SSH key exchange. I have automated it. Happy days!

After a small break away…

I’m semi back. Not fully into the swing of things as I don’t thing the online gaming will ever reignite but the networky bit may evolve slightly into less Mikrotik, more variety and possibly some connectivity stuff as well.

Anyway… First update for a while, notable things to mention, PC has been upgraded to 12th Gen i7, laptop has changed now to an M1 Air and I’m moved away from the Ubiquiti wireless onto Zyxel Nebula.

Now that’s out of the way, living in the small out of city town I do, FTTP is due to be installed in 2 weeks. Fingers crossed it goes well (Openreach can go without issues sometimes).