Page 1 of 3 123 LastLast
Results 1 to 10 of 29
  1. #1
    Untangler SidSid's Avatar
    Join Date
    Jul 2010
    Posts
    71

    Default For an elaborate home lab could this VM work?

    Core Hardware & Software:

    ESXI 5 on an Intel I5-2400 with VT-D.
    ------------------------------------
    The First ESXI 5 Virtual machine will be one Instance of PFsense physically connected to Internet.

    The second and third ESXI 5 Virtual machines will both be instances of Untangle handling two different internal networks through two different physical NICs.

    PFsense would be the router of course for the two Untangle machines through virtual NICs.

    Would this be enough horse power so that the timing would be adequate for Untangle? Or, is Untangle VMs always a poor idea even for only an elaborate home lab?

    I want to work with PFsense and two different Untangle networks at home without using three PCs if possible.

    Thanks
    Sid

  2. #2
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,510

    Default

    It will work, but CPU load from time to time will slow you down. But, if you don't put any other OSs on it, you should be fine.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #3
    Untangle Ninja dbunyard's Avatar
    Join Date
    Nov 2008
    Location
    Westerville, Ohio, USA
    Posts
    1,051

    Default

    Why do you need 2 different Untangle VMs? It seems like just having 3 NICs on one Untangle box would be sufficient to do what you are trying to accomplish. I actually was looking at doing something very similar at home I just couldn't come up with a box that had enough horsepower to run Astaro and Untangle. What's the rest of the spec on that box?
    Dan

    You may one day find something interesting here. Today is not that day. Tomorrow isn't looking too good either.

  4. #4
    Untangler SidSid's Avatar
    Join Date
    Jul 2010
    Posts
    71

    Default

    Quote Originally Posted by sky-knight View Post
    It will work, but CPU load from time to time will slow you down. But, if you don't put any other OSs on it, you should be fine.
    I'm not planning on any other OSs for simplicity and reliability. Would an Intel I3 be too light to handle the same?

    Thanks
    Sid

  5. #5
    Untangler SidSid's Avatar
    Join Date
    Jul 2010
    Posts
    71

    Default

    Dan,

    I'm trying to create two separate networks at home. It was my impression that this was not an Untangle feature when I reviewed similar forum posts.

    Thanks,
    Sid

  6. #6
    Untangle Ninja dbunyard's Avatar
    Join Date
    Nov 2008
    Location
    Westerville, Ohio, USA
    Posts
    1,051

    Default

    Quote Originally Posted by SidSid View Post
    Dan,

    I'm trying to create two separate networks at home. It was my impression that this was not an Untangle feature when I reviewed similar forum posts.

    Thanks,
    Sid
    Something like a 192.168.1.0/24 and a 172.16.1.0/24 both behind Untangle? You can do this as long as the Untangle box has 3 NICs. Put the WAN on one then your 192 on one and the 172 on one. It's actually a fairly easy setup and much easier than trying to maintain 2 different Untangle boxes IMHO.
    Dan

    You may one day find something interesting here. Today is not that day. Tomorrow isn't looking too good either.

  7. #7
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,510

    Default

    Better question is, why do you want to put Untangle behind PFSense? What are you using PFSense for?

    A single three interface device running Untangle can do everything the solution you've proposed will do. Except you don't have the multi-WAN features of PFSense.

    And you don't have the complexity of virtual networking, nor the resource allocation issues.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  8. #8
    Untangler
    Join Date
    Nov 2009
    Posts
    51

    Default

    Should be fine, at home I'm running a box with 2 x xeon e5310 quads (overclocked to 2.00, vt-x support but no vt-d), 24Gb ram and 9 x 15k sas drives in raid 5.

    This currently hosts my pfSense as main router and my Untangle (as transparent bridge) for my general LAN.

    The box also has another 12 or so VM's (server 2008r2, xp, 7, etc) and doesn't break a sweat, although I'm only using this box for web filtering with the lite modules.

    I've also got another box elsewhere with one quad e5310 @ 1.6 and 4Gb ram and 3 x 73Gb 15k sas in raid 5 - this also has a pfsense, an untangle, as well as a server 2008 vm for IIS, this runs fine as well, however this has never been used for webfiltering, just for email scanning.

    However I'm also interested in the multiple networks thing - my home pfSense has 3 LAN interfaces - my normal network, my test network and my voip network.

    I was thinking it would be nice to fire up another vm so I could set up another untangle for the test network, but thought it wasn't worth the bother in the end.

    I'm thinking to handle this type scenario the Untangle would need 4 NIC's - one in and one out for both subnets. Can one untangle support this kind of usage (basically run as two transparent bridges?)

    Also I haven't noticed any slow down or increase in latency, but I've intentionally decided against using a virtualised untangle to filter the VOIP lan due to the time critical nature of VOIP services. I would have no reluctance using a dedicated untangle box for this but decided it was not worth it for my home usage.
    Last edited by RGPEC; 02-26-2012 at 02:44 PM.
    weiyentan likes this.

  9. #9
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,510

    Default

    No, you can only have 1 Untangle bridge active. Well that is to say, all packets transiting an Untangle bridge will get there fine on layer 2, but they will be reconstituted based on layer 3. So one network will work, and the other will not.

    You'll need two separate Untangle installations for each IP range you want to support in this way.

    If you want Untangle to be handling all this, make it a router. It's far easier to disable NAT, and point it at different networks while still behind another router (mind you I'm still at a loss as to why you'd bother with PFSense in this position), than it is to monkey through all the quirks of UT bridges to make it work out in bridge mode.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  10. #10
    Untangler SidSid's Avatar
    Join Date
    Jul 2010
    Posts
    71

    Default So how do I set up Untangle for mutiple networks . . .

    I was under the "false" impression that I could not have multiple NICs each with its own DHCP range.

    Quote Originally Posted by sky-knight View Post
    why do you want to put Untangle behind PFSense? What are you using PFSense for?

    A single three interface device running Untangle can do everything the solution you've proposed will do.
    ----------------------------------------------
    From . . . How do I get DHCP working on other Interfaces?

    "Please Note: Due to changes with the Source Interface matchers in v9.2, these instructions may be out of date - "
    ----------------------------------------------
    So how do I get DHCP working on other Interfaces?
    ----------------------------------------------

    I have DMZ, eth3, eth4, eth5 set as static and as one example 50.50.1.1 / 24

    Likewise under advance DHCP & DNS

    dhcp-range=eth3,030.30.1.100,30.30.1.200,14400
    dhcp-range=eth4,040.40.1.100,40.40.1.200,14400
    dhcp-range=eth5,050.50.1.100,50.50.1.200,14400

    Thanks Sid

Page 1 of 3 123 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2