Disclaimer: Use this guide at your own risk! I accept no responsibility fordamages that may occur.
This guide comes after many painful hours getting everything setup just right. The mostchallenging part of this process will most likely be the problems encountered with missing orbroken packages in the ports system. I found that using a combination of ports and pkg_addseemed to do the trick. Be patient, because you will find the end product to be one of the moststable, secure and reliable firewalls you will ever use.
Recommended hardware
Server systems.
I always had good luck with the Compaq/HP DL380 or DL360 systems. FreeBSDsupports all of the components and installs very easily on these systems.
Processor.
Try to use a dual-core or higher. You can buy one for under $100.00 now, so there is noreason to go cheap on the processor. As services are added to the appliance, you will be glad youinvested in a decent CPU.
Memory.
Try to use registered memory if possible. This type of memory has better recoverymechanisms built in and is designed for 24x7 environments. A good 2-4GB of DDR2 or DDR3 of registered dual channel memory will do the trick.
Motherboard and Chipset.
SuperMicro makes some great server boards for those that want tobuilt your own. Cheap desktop boards will work, but may not live up to the requirements of a 24x7operation. FreeBSD works well with pretty much any Intel, AMD or Nvidia chipset. I personally hadvery good luck with the Nforce series chipsets. Pay very close attention to those integrated NIC'son the motherboards... some of them are not supported, especially if they are new.
Network Card.
You will need three Gigabit network cards (the WAN port can be 100Mbps). IntelPro1000's (e1000 driver) are good network cards and are widely supported. I have also usedSyskonnect and Nvidia Nforce network cards with great success. Most systems have twointegrated Gigabit NIC's, so one add-on card may be all that is required.
RAID.
There are many options out there (software vs hardware, etc). I always recommend truehardware RAID. The card is a dedicated resource and does not require any software on the O/S tobuild or maintain the RAID set. Get a decent card that has at least 256MB of cache, a batterybackup (BBU) and runs on at least a PCI-X 133 or PCIe 8x bus. Most decent cards you can buy nowwill run on a PCIe bus, which will give a significant performance boost over legacy PCI buses.
Hard Disks.
SATA is getting much better, but I still recommend 10-15K SAS for most 24x7environments. You get a substantial performance boost and these drives have a higher MTBFrating/Warranty. Try to get at least 4 drives so you can create a RAID1+0 array. This will give youthe best blend of performance and reliability without costing too much. If you must go with SATAdrives, make sure they are enterprise grade (examples: WD RE3, WD Raptor, Seagate ES.2).
Preconfiguration Steps
BIOS
. FreeBSD can be a little picky about ACPI at times so make sure your BIOS is up to the latestrevision. If you have updated and you experience problems during the beginning of theinstallation, try to start the installation without ACPI enabled (there will be an option for this at theinitial boot menu).
RAID Controller.
When creating your hardware RAID set, it may be a good idea to add a hot-swap-spare. You also want to make sure you have enabled write-back cache and the batterybackup unit (BBU) prior to completing the RAID configuration.
Download and install FreeBSD 8.0
Leave a Comment
Congrats great guide dude :)
uploaded a new revision for this document (#12)