# Open hardware architecture



## bsaidus (Mar 2, 2014)

Hello.
I'm wondering, if I want to deploy a firewall based on FreeBSD and don't want to use a PC but want to use an embedded hardware.  So can you enlighten me about what kind of mother board and processors exist for that?
In other words: Can I make my own hardware to run firewall based on FreeBSD and (if exists ) where to find this hardware. or where to find schema to realize that.

Excuse my English.
Thanks.


----------



## ondra_knezour (Mar 2, 2014)

See following as starters:
https://wiki.freebsd.org/FreeBSD/arm
https://wiki.freebsd.org/FreeBSD/mips
https://wiki.freebsd.org/EmbeddedHandbook
https://wiki.freebsd.org/AdrianChadd/EmbeddedDevices


----------



## bsaidus (Mar 2, 2014)

Thanks.


----------



## ralphbsz (Mar 2, 2014)

What are you trying to accomplish?  Here is what I mean by this question.  Question 1: What is the expected workload of the machine?  You say it's a firewall, probably for the typical home connection (slow connection, say a dozen Mbit/s).  Will it have no other function?  Or is it going to grow into a house server (the typical path there is PF/NAT -> DHCP -> DNS -> sendmail -> squid proxy -> apache -> file system -> NFS -> samba -> ...) ?  That progression is "logical", because once you have a functioning machine with a high-quality operating system, it's just too convenient (in terms of effort and cost) to use it for other services. 

Question 2: What are you trying to optimize for?  Probably not maximum speed (meaning high CPU power, lots of RAM, many fast disks), because your workload probably doesn't require it.  You are probably wanting to optimize for low power consumption, low cost, easy of setup and administration, and security.  And unless you are building a very very small system that has little function other than firewalling, the PC architecture is actually a pretty good compromise.  You can obviously get PCs cheap, cheaper than any embedded system (matter-of-fact, many of them are free, for a firewall you can use a system that has been discarded from other uses).  You can get x86 machines with remarkably low power consumption (a dozen to two dozen watts is not heard to accomplish, by going with an Atom or similar embedded version of the x86).  As far as ease of administration is concerned, x86 is hard to beat, because it is so ubiquitous.  Security is a wash.

What I'm really saying is: You need to think separately about the choice of CPU and instruction set, and form factor of the machine.  There are some very interesting compromises (like the Alix or the Soekris) that give you a PC-like x86 architecture, and a small form factor and low power consumption.  I ran my home server on a Soekris for several yeras, with a single 2.5" disk in it.  I was a NAT-ing firewall, internal DHCP/DNS/NTP server, wireless AP, print server, small file server, and NFS/Samba server.  Worked pretty well, but eventually it ran out of SATA ports (a single disk was not longer sufficient).


----------



## bsaidus (Mar 6, 2014)

Thank you for all answers.
I like to build a box same as fortigate with 6 or 7 net cards and install a customized FreeBSD distro like pfsense or mine.
So please tell me if there is a ready to use Box's like this or what should I do to build one's like this.
thanks


----------

