Getting started with networking as a beginner—router, firewall, and ad blocker setup.
Getting started with networking as a beginner—router, firewall, and ad blocker setup.
You're planning to set up a router/firewall OS on a Celeron N5105 with six i226V NICs. You're considering PFSense and organizing the network into several segments: WAN, LAN (including a wireless AP using your existing Orbi), a guest LAN, a Pi Hole Ad Blocker, and a NAS (Synology). You're thinking about using a budget N100 switch with at least two 10GBE ports. Your router has a 256GB drive, but you're concerned about storage usage and potential issues. You're new to networking and want advice.
You could avoid adding another device entirely by using the pfSense plugin pfblockerng along with appropriate blocklists. Another option is to set up Proxmox, dedicating separate resources for pfSense and an ad blocker, then installing both together. I favor AdGuard over PiHole because it’s easier to manage. I’ve seen users incorporate AdGuard blocklists inside pfblockerng. The main drawback of this approach is that all components rely on a single piece of hardware running continuously. If it fails, the whole system stops working. But since only two services are running together, the risk is lower. Adding more services increases the chance you’ll need bare metal solutions. On the plus side, you cut down on power use, heat output, and space requirements. I’ve recently stepped away from pfSense for a while, opting for a simpler configuration while focusing on other priorities. That means my advice might be outdated a bit. I recall that pfSense CE lagged behind in hardware compatibility compared to pfSense Plus. Depending on your choice, make sure it supports the NICs your device uses. Don’t overlook SFP/SFP+ if you need high bandwidth over short distances. It’s possible you’ll find that your costs and heat output are lower at these speeds than with Ethernet. By the way, investing in a quality UPS with surge protection and line conditioning is essential for expensive network gear. You probably won’t realize how crucial backup power becomes until your equipment fails due to a corrupt write during a power outage. Of course, if your power supply is stable and you’re not prone to lightning, this investment may be less urgent or can wait until funds allow.
It's great to hear you found the details helpful. I value the straightforward approach of having one machine handle multiple functions. I believe the Celeron N5105 has sufficient power for additional tasks. Honestly, my hesitation comes from limited experience with Proxmox. I plan to set up a network before diving into new projects. If needed, I'm flexible. I’m interested in exploring the pfSense plugin and tried building OPNsense but faced setup challenges. I found its GUI easier, though I wanted to test it fully. The N100 was initially chosen as an ad blocker, but I now see the importance of a reliable UPS. I use Cat6E cabling between my PC and NAS since both have standard NICs and no SFP+ support. I opted for 10GBE due to heavy photography work and storing Photoshop files on the NAS. For remote switching, I’d consider RJ45 on one side and SFP+ on the other if required. Anyone has suggestions for a quality switch—preferably at least two 10GBE ports plus four more?
I'll take a look. Appreciate the help. Do you know any reliable sources for setting up pfSense? Maybe a helpful video could clarify the issue with data flow? I was able to install it but haven't resolved the connectivity problem yet.