FreeBSD as firewall/router on VMware ESXi
I'm going to be inheriting an old Compaq Proliant server from work to use at home. It's nothing special, has a couple PIII procs, 4GB of RAM. But it will run VMware's free ESXi product on it, which I'd like to do. We're moving to VMware at work and the more experience I get, the better. Besides, it's fun to play with!
One thing I'd like to consider doing is running a FreeBSD virtual box as my router/firewall for my home network (I have DSL). Right now that job is handled by a Buffalo router with DD-WRT on it, and I've learned some iptables from it, but I'd really like to learn from the ground up with pf.
However, my concern is the miserable network performance I think I'm seeing from FreeBSD 6.3 as a virtual device (I had problems loading 7.0 on ESXi). I read this page:
and it certainly makes sense, with the lnc driver network performance was pretty sad. Even pinging localhost gives me times around .165 ms, where as on two physical FreeBSD boxes (using fxp and sis network drivers) pinging localhost gives me responses in less than half that time.
I did use the article's advice and changed to the em driver. That did cut my ping to localhost time down a little bit (more like .141 ms). But obviously that still isn't as good as a physical box.
So, my questions would be, to anyone that has experience with this:
1. Is it worth my time to either recompile the 6.3 kernel or fight with 7.0 until it installs so I can use the le network driver instead of lnc or em?
2. Is it foolish to even attempt using a virtual machine as a gateway and firewall? (Obviously this is would just be for a tiny home network on a DSL line, so maybe I wouldn't notice a difference, but I'm curious what people's opinions are.)
Last edited by Bruco; 15th November 2008 at 12:13 AM.
|Thread||Thread Starter||Forum||Replies||Last Post|
|Is there a purpose for using pf if you have a hardware router/firewall?||guitarscn||OpenBSD Security||9||23rd January 2009 12:22 AM|
|import physical freeBSD into VMWARE (ESX) server as a vServer||ccc||FreeBSD General||6||3rd October 2008 08:04 AM|
|FreeBSD 6.1, VMWare Server , and ESX||Diceman||FreeBSD Installation and Upgrading||5||3rd August 2008 03:42 AM|
|Point-to-Point VPN + Firewall + Router (sorta) - What should I use?||Bruco||FreeBSD General||6||6th July 2008 12:09 AM|
|NIC-less FreeBSD and VMware||Nirbo||FreeBSD General||11||11th May 2008 06:34 AM|