mirror of
https://github.com/opnsense/docs
synced 2024-11-10 19:10:55 +00:00
18b58b320a
commit 4fc58db7f361fca140119665107f562333ec416c
Author: Ad Schellevis <ad@opnsense.org>
Date: Fri Apr 7 18:52:35 2023 +0200
minor compile issue in https://github.com/opnsense/docs/pull/465
commit 5859bb84be40f20358549ec014f571e9c70858da
Author: Ad Schellevis <ad@opnsense.org>
Date: Tue Apr 4 17:08:55 2023 +0200
troubleshooting : add webgui recovery help, ipsec: explain async crypto a bit better
commit b2189c500314e67607952fd8eae68ccea72a3e17
Author: Ad Schellevis <ad@opnsense.org>
Date: Wed Mar 29 16:27:46 2023 +0200
VPN/IPsec/Examples - add a note about connecting childre. closes https://github.com/opnsense/core/issues/6451
commit e0bb5a46fe8cd46334b3849503b29aa4c28a4ff2
Author: Ad Schellevis <ad@opnsense.org>
Date: Wed Mar 29 14:26:56 2023 +0200
changelogs
commit b002a92e8e2cbd202e23d823079a5c69aa8e4d5c
Author: Ad Schellevis <ad@opnsense.org>
Date: Tue Mar 28 17:03:30 2023 +0200
System/Settings/Administration - minor fixes
commit e6c02aa1864c1f229e33f2046272351f4a25ef8a
Author: Ad Schellevis <ad@opnsense.org>
Date: Tue Mar 28 16:48:45 2023 +0200
System/Settings/Administration - reorganise settings a bit and add missing options. Also explain the risks of using "listen interfaces" and how to properly use them. Loopbacks are intended to create the environment needed to reliably bind a service in a changing world.
commit 1fae5cc8a81fda2ba790c2e3cfc357f46f2c6d8b
Author: Stephan <stephan.de.wit@deciso.com>
Date: Tue Mar 28 16:24:13 2023 +0200
unbound: update reporting/advanced/blocklist documentation
commit 8ffa3e1565bff8b8ffb986d7dd447e7f5371805f
Author: Ad Schellevis <ad@opnsense.org>
Date: Tue Mar 28 08:58:44 2023 +0200
update api endpoints
commit 07f9f614b6fa49847bd78b013d8c664c3ac50940
Author: Ad Schellevis <ad@opnsense.org>
Date: Tue Mar 28 08:56:00 2023 +0200
changelogs
commit f234f235b404a25e7b9af8ca27796369b53a0277
Author: Ad Schellevis <ad@opnsense.org>
Date: Mon Mar 27 17:38:49 2023 +0200
Access / Servers / Radius - add mnissing options
commit f6fc23f09ea2ec3b626f07ab92bac7b2e04e0001
Author: Ad Schellevis <ad@opnsense.org>
Date: Tue Mar 21 16:57:03 2023 +0100
changelogs
commit 831b0d54a209b13c54e9f4272a705d198cab86b2
Author: Ad Schellevis <ad@opnsense.org>
Date: Tue Mar 21 16:36:02 2023 +0100
IPS: change Emerging Threats documentation links
commit 1ed441a7fcce20a33d5c9eaccc0d63af663b9332
Author: Ad Schellevis <ad@opnsense.org>
Date: Fri Mar 17 15:30:16 2023 +0100
Interfaces: Diagnostics: Ping - update documentation, closes https://github.com/opnsense/core/issues/6378
commit f7e4ee76c158f2a0b73ae5a74c77ecb451b5dbd7
Author: Ad Schellevis <ad@opnsense.org>
Date: Thu Mar 16 21:59:34 2023 +0100
Interfaces: Diagnostics: Ping - documentation for https://github.com/opnsense/core/issues/6378
commit 82e2801b67
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Fri Apr 7 00:21:10 2023 +0300
Update zenarmor_hardwarerequirements.rst
Hardware Requirements content updated
commit 72e65f07e3
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Thu Apr 6 15:51:35 2023 +0300
Update zenarmor_hardwarerequirements.rst
HW req. Table Updated
commit 2d8e780e62
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Tue Mar 14 14:49:39 2023 +0300
Update zenarmor.rst
commit 59cde54661
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Tue Mar 14 14:43:18 2023 +0300
Update zenarmor_install.rst
commit 13a60a4564
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Tue Mar 14 14:38:36 2023 +0300
Update zenarmor.rst
commit 9fd1a80b34
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Tue Mar 14 14:35:54 2023 +0300
Update zenarmor.rst
commit 5f08f24b5f
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Tue Mar 14 14:28:47 2023 +0300
Update zenarmor.rst
commit 29e34ff9c2
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Tue Mar 14 02:33:23 2023 +0300
Update zenarmor_install.rst
commit b4e97197f1
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Tue Mar 14 02:28:16 2023 +0300
Update zenarmor.rst
commit 4b36e1f03e
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Tue Mar 14 02:21:25 2023 +0300
Update zenarmor.rst
commit a20fd312d0
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Tue Mar 14 02:16:38 2023 +0300
Update zenarmor.rst
commit 647a134479
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Tue Mar 14 02:16:11 2023 +0300
Update zenarmor.rst
Feature list is updated
commit b573a10a2d
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Tue Mar 14 02:12:12 2023 +0300
Update zenarmor.rst
Youtube URL Updated
commit e9d2a63c00
Merge: e132115 f3c6e5b
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Tue Mar 14 02:10:46 2023 +0300
Merge branch 'opnsense:master' into master
commit e132115879
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Mon Nov 7 15:32:39 2022 +0300
Update zenarmor_install.rst
commit e348b92a5b
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Mon Nov 7 15:25:03 2022 +0300
Update zenarmor_install.rst
commit 0709b7a09a
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Fri Nov 4 15:41:44 2022 +0300
Update zenarmor_install.rst
commit b64a2e497b
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Fri Nov 4 15:38:05 2022 +0300
Update zenarmor_install.rst
commit 3f660a01e8
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Fri Nov 4 15:16:46 2022 +0300
Update zenarmor_hardwarerequirements.rst
commit 2d3883035d
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Fri Nov 4 15:04:34 2022 +0300
Update zenarmor_hardwarerequirements.rst
65 lines
3.9 KiB
ReStructuredText
65 lines
3.9 KiB
ReStructuredText
========================================
|
|
Zenarmor (Sensei): Hardware Requirements
|
|
========================================
|
|
|
|
Due to the nature of deep packet analysis and detailed drill-down reporting functionality, Zenarmor requires more hardware resources than a standard L3-L4 firewall.
|
|
|
|
**Note**
|
|
|
|
With the Sensei 1.5 release, you can offload your reporting database to an external system. This allows you to be able to run Zenarmor on systems with a constrained amount of RAM.
|
|
|
|
|
|
It is recommended that you check if your Ethernet adapter functions well with netmap.
|
|
|
|
-------------
|
|
CPU & Memory
|
|
-------------
|
|
|
|
Because the analytics module relies on Elasticsearch to process large amounts of data, the amount of the memory available in the system is crucial for the overall performance of Zenarmor.
|
|
|
|
**Tip**
|
|
|
|
If the number of active devices are more than 500 and the sustained WAN bandwidth is higher than 500 Mbps, we do not recommend deploying Zenarmor as a virtual guest since resources in virtual environments are generally shared between guest systems.
|
|
|
|
Below is the recommended minimum hardware requirements for Zenarmor based on the number of devices and the amount of sustained bandwidth:
|
|
|
|
===================== ========================= ================== ======================================================================
|
|
**# Active Devices** **Maximum WAN Bandwidth** **Minimum Memory** **Minimum CPU**
|
|
0-50 300 Mbps 1 GB A Dual-Core CPU (x86_64 compatible, single core PassMark score of 200)
|
|
50-100 500 Mbps - 10 Kpps 4 GB Intel Dual-Core i3 2.0 GHz (2 Cores, 4 Threads) or equivalent
|
|
100-250 1 Gbps - 20 Kpps 8 GB Intel Dual-Core i5 2.2 GHz (2 Cores, 4 Threads) or equivalent
|
|
250-1000 1-2 Gbps 40 Kpps 16 GB Intel Dual-Core i5 3.20 GHz (2 Cores, 4 Threads) or equivalent
|
|
1000-2000 1-2 Gbps 32 GB Intel Quad-Core i7 3.40 GHz (4 Cores, 8 Threads) or equivalent
|
|
2000+ 2-4.5 Gbps 64 GB Intel Quad-Core i9 3.0 GHz (24 Cores, 48 Threads) or equivalent
|
|
===================== ========================= ================== ======================================================================
|
|
|
|
**Note**
|
|
|
|
Zenarmor requires at least 1 GB of memory. Installer will not continue if you have less than 1 GB of RAM. We recommend 8 GB memory to have an exceptional reporting experience with elasticsearch database.
|
|
|
|
-----------------
|
|
Ethernet Adapter
|
|
-----------------
|
|
|
|
Zenarmor uses a FreeBSD subsystem called `netmap(4) <https://www.freebsd.org/cgi/man.cgi?query=netmap&sektion=4>`_ to access raw Ethernet frames. With FreeBSD 11 (OPNsense version <= 20.1) this software can be very particular in terms of proper driver compatibility.
|
|
|
|
Intel based adapters, particularly em(4) and igb(4), are observed to perform well in terms of stability and performance.
|
|
|
|
Sunny Valley Networks is sponsoring developments on this project so you can expect netmap(4) will better support a wide range of Ethernet drivers.
|
|
|
|
-----------
|
|
Disk Space
|
|
-----------
|
|
|
|
Zenarmor uses `Elasticsearch <https://en.wikipedia.org/wiki/Elasticsearch>`_ or `MongoDB <https://www.mongodb.com/>`_ as its backend to store large data sets. Please allow at least 5 MB of disk space per hour per megabit/second throughput.
|
|
|
|
If you're running a 100 Mbps link \(about 100 users\) which is quite active during the daytime and idle rest of the day, you may calculate the space needed as follows:
|
|
|
|
.. code-block:: none
|
|
|
|
5 MB x 12 hours x 100 Mbps = 6 GB per day.
|
|
6 GB x 7 days a week = 42 GB per week.
|
|
42 x 4 weeks a month = 164 GB per month.
|
|
|
|
As of `version 0.7.0 <https://www.sunnyvalley.io/docs/support/release-notes#07>`_, Zenarmor expires old report data to free up disk space for the most recent data based on the configured number of days of history to keep.
|