What is pfsense based on?
Pfsense is an open-source firewall and router that has been around since 2002. Originally it was based on FreeBSD, but in later versions of pfSense the kernel has been replaced with Linux to provide better hardware support for today’s hardware devices. Pfsense allows you to use a single device as both your firewall and router so you don’t need two separate devices like some people do who have cable or DSL internet service from their ISP.
You can use pfsense to connect your whole house, or just a single computer in the home. It is also possible to configure it as an OpenVPN client and server which means you could even access resources on your local network when working from another location like at work or while traveling.
What does open source mean for pfsense?
If you are not familiar with open source software, it means that the pfsense software is free to use and modify. It also gives anyone the opportunity to contribute their own modifications back into the community for everyone’s benefit. This allows users of pfsense to have access to a much larger pool of knowledge which makes many issues easier if not completely avoidable.
Why is pfSense based on FreeBSD?
The pfsense project originally began based on FreeBSD because it was the closest open-source software to an embedded router platform. It also had a good reputation for being secure and stable which made it even more attractive when developing this kind of advanced internet infrastructure solution.
What is FreeBSD?
FreeBSD is a free Unix-like OS based from AT&T UNIX via BSD. It originally came out in 1989 as PC-UNIX, better known as “Big Computer eXtended” and then more simply as “BSD”.
FreeBSD is comes from BSD, which was called BSD Unix or Berkeley Software Distribution (thus the BSD acronym). 1993 was when it first came out and is continually worked on today.
What version of FreeBSD is pfSense based on?
While pfSense 2.4. 5 was based on FreeBSD 11.3, pfSense 2.5 is based on FreeBSD 12.2. We also get a host of changes to basic components such as an OpenSSL upgrade. One of the headline features is the ability to add a kernel-based WireGuard tunnel in pfSense.
What are some benefits of using pfSense?
There are many different reasons why people choose to use either hardware or just run their own Linux distribution instead of buying one that has all the features already installed like most consumer routers offer out there today without hacking them, but here is a list of things you can do with your very own piece of networking equipment:
- Easily configure everything from port forwarding rules to custom VPN connections.
- Has support for OpenVPN so you could easily leverage your pfsense box as a VPN gateway for all devices in the home including smart TVs and mobile phones without needing to configure each device separately.
- Using Snort or Suricata you can monitor network activity in real-time with very low CPU usage which is great if you have limited resources like a router that only has 128MB of RAM available.
- Since its open-source software, there’s always an active community behind it making updates when new security vulnerabilities are discovered or hardware becomes obsolete cutting down on development costs while still being able to provide support at no extra charge unlike most other companies out there.
- Since pfSense is based on FreeBSD, it has support for ZFS which provides snapshots and cloning of the router configuration to rollback if something goes wrong but also allows you to create an exact copy so you can use it as a backup or clone your entire network onto another device just by copying one file over.
What are some downsides?
- The biggest downside I personally have found with pfsense is that occasionally updates break things unexpectedly, but as long as you are willing to occasionally test updates or manually apply them, it can be a very stable operating system.
- The other downside is that the pfSense project does not have an official support channel for each individual package which makes troubleshooting issues with third-party software more difficult if no one else has encountered the issue before so there’s no resolution available yet.
What are some of the features that pfsense offers?
Some other great features offering more advanced capabilities include:
- Using OpenBGPD for dynamic routing to increase network redundancy which also allows you to have multiple default gateways.
- Utilizing HAProxy, Varnish Cache, or Nginx as reverse proxies so web servers load faster without needing extra hardware as a dedicated server would require.
- Running BGP with custom routes over IPvLite tunnels so it won’t violate any firewalls rules because packets are never actually routed through the internet instead only tunneling between two locations securely while being able to pass all traffic back and forth like a regular network connection.
I hope this article has given you a good understanding of what pfSense is and how it works. pfsense is a great choice for an open-source network firewall where you can easily configure all aspects of your home or business’s internet connection without having to pay extra costs for features that are available using pfSense.