Deploying Projects on Hardware Boxes

Low Cost - Desktop or Decommissioned PC Compatibles

As far as Operating Systems are concerned, there is little difference (other than performance and capacity) between a desktop computer and a rack mount server. If you happen to have some rack mount servers available, you can deploy these projects in them just fine. However, for training or trial deployment in a corporate or academic environment, inexpensive desktop PC compatibles will also work fine. You don't really need high end performance, reliability, or tons of memory or disk space to deploy these projects, and use them in a testbed network. This is assuming that the boxes used are compatible with the OS.

For Windows, you can deploy the 32 bit versions on older "x86" or "x64" PC compatibles (of any form factor). The 64-bit versions of Windows will install on almost any 64-bit ("x64") PC compatible, even early Intel 64 bit processors. For RAM, I recommend a minimum of 2GB for Windows 7 and 4G for Windows Server 2008 R2. Virtually any hard disk will work for any version of Windows, but see the Microsoft website for minimum requirements if you are sharing a drive with other Operating Systems in a multi-boot environment.

For FreeBSD, you can deploy the 32 bit versions ("i386") on older "x86" or "x64" PC compatibles (of any form factor). The 64-bit versions ("amd64") require 64-bit AMD or newer Intel 64-bit processors (ones that are "Intel 64" compliant). The early Intel 64 bit processors (pre "Intel 64", e.g. EM64T) will not run FreeBSD amd64 versions. FreeBSD does not require anywhere near as much RAM as Windows. 512MB is plenty or RAM for these projects, but for good measure, use 1GB.

In a corporation or academia, there are often older "decommissioned" desktop or server boxes that are no longer adequate for production servers. These will work fine for these projects, but at least verify that the platforms are reliable and won't crash.

On any platform, host systems (ones that have only a single network interface) only need one NIC, which is almost always present on the motherboard. It must be one supported by the Operating System you are installing. With Windows that is rarely a problem. For FreeBSD or Linux, you may run into some recent NICs (especially built-in ones on motherboards) that are not supported. If you install FreeBSD or Linux and the network interface does not appear, you have one without driver support. You may be able to find and download a driver for it, but it is usually easier to install supported NIC(s) in daughterboard slots.

On any platform, a router or firewall requires at least two NICs supported by the Operating System. On desktop units, there is usually one NIC on the motherboard. On rack mount units there are often two NICs built-in. Most desktop computers have daughterboard sockets in which you can install a second NIC card.

Ideally all NICs and switches used should be Gigabit, but again, for training and testbed deployment, Fast Ethernet (100Mbit) will work just fine. Again, there may be decommissioned Fast Ethernet NICs and switches available for use.

It is handy to have a video interface, monitor, keyboard and possibly mouse connected to the node while you are installing the Operating System, but in many cases, once it is installed you can remove those and use the box in a "headless" mode (or as one box connected to a KVM switch). With FreeBSD it is very easy to use ssh to manage the server. You can use an external X Server (a dedicated terminal or X Server software) for remote graphical access, as well. X remote access is beyond the scope of these articles. With Windows, the Remove Desktop Connection is well suited to remote management, or you can install the Windows Server 2008 R2 Remote Administration Tools on a Windows 7 Node.

It is handy (and not all that expensive) to include an internal DVD drive in these boxes, but as long as they have an available USB connector, you can use an external USB DVD drive when installing the Operating System (an optical drive is rarely needed after OS installation).


Network Appliance Boxes

Here are some examples of purpose built "network appliance boxes" that are very suitable for deploying the open source or commercial products. These are great for router or firewall deployment, but you could also use them for web or mail servers. Most have two or more gigabit NICs. Some have cheap "Atom" grade processors, and relatively small amounts of RAM, but these are actually better than the CPUs and memory in many commercial routers. Few if any have custom network interfaces such as v.35 serial, for connecting to CSU/DSU devices from your ISP. You can get separate CSU/DSU boxes or cables that connect to standard Ethernet interfaces if you need one.

These "network appliance" boxes are intended to run "headless" although many include an internal video adapter and USB ports for connecting keyboard and external DVD drive during installation. Once installed, those can be removed and the box managed entirely via ssh and/or web. Many have multiple NICs making them very suitable for dual stack firewalls. These boxes have places to mount 2.5" SATA drives, and some can use Compact Flash cards in lieu of hard disk drives.

The more powerful the hardware, the higher performance your end result will be. However, it doesn't take an incredibly powerful CPU (e.g. Atom or Celeron), very much memory (1G is enough for most applications and 2G is ample) or much hard disk space to run a router or firewall. For a web or mail server, you might want to include a fairly large SATA drive. If you are planning to have lots of users and support SSL/TLS, you might want a more powerful CPU. Check with these vendors for resellers, pricing and availability. Most of these boxes are Intel-64 or AMD 64-bit compliant, but you should check the CPU online before ordering. Even if they are not, some firmware is still available in 32-bit versions. Very nice platforms like these can be had starting at around US$400.


Typical Vendors of "Purpose Built Network Appliance Boxes"


Portwell has a wide range of price points based on CPU, amount of RAM, number of Ethernet ports, etc. The CVR-1200 is well suited to SOHO networks.


Like Portwell, Lanner has a wide range of boxes ideal for building your own network appliances. I've had very good luck using their FW7540B and FW7581 platforms for firewalls, routers and other network infrastructure boxes. All run FreeBSD 8.x with no problems, including NICs.



Acrosser has some micro boxes and some rack mount units. They run FreeBSD fine.


For other vendors, search for "OEM Network Security Appliance"