Choosing Instance Type and Sizing¶
There are a range of specifications to choose from and this page will help guide through those choices.
Available EC2 Instance Types¶
An instance type will depend on the expected network throughput as well as the types of services the Netgate® appliance will provide.
For general firewall appliances that do not require high throughput, t3 amd64 AWS product instances are General Purpose Burstable Performance Instances that provide a lower baseline level of CPU performance with the ability to burst above the baseline to meet occasional increases in performance demands.
Warning
A t3 instance will consume CPU credits while it exceeds the baseline CPU utilization value for its instance size (e.g. 20% for t3.medium). Consult the AWS T3 instance product information to find the baseline for each size. When CPU credits are exhausted, AWS limits the instance to its baseline CPU level even if CPU demand is high. This can lead to degraded performance, network timeouts, throughput problems, and other errors. If this happens on a regular basis, redeploy with a larger instance size or different type.
Businesses looking for higher VPN throughput while keeping costs manageable should consider arm64/Graviton instances.
Tip
If the appliance will provide advanced services like web proxying, IDS/IPS, or Server Load Balancing, consider an instance that provides more CPU and RAM, such as a large or xlarge subtype.
The available EC2 instance types are listed on the product pages for either the amd64 AWS product or the arm64/Graviton AWS product.
Note
pfSense Plus software cannot run on “.nano” size instances as they lack sufficient RAM for certain key functions to work, such as upgrades.
Sizing the EBS Volume¶
The Netgate appliance is only compatible with EBS storage. For general purpose firewalls, storage requirements will typically be small and the default 8GB general purpose SSD volume should be more than enough.
In situations where the appliance may provide web proxying or caching to users, or other advanced features, consider increasing the volume size to something more appropriate, for example 64GB.