Questions about my ideal setup

Sergei_Shablovsky

@jt40 said in Questions about my ideal setup:

At this point, I ask myself why don't buy a Netgate box, like Netgate 2100... Looking at the performance declared, it's overkill for me...

According to what most users wrote here on forum, they quickly goes from “this is overkill to my needs” to “why I not spend a +$80 at beginning to avoid some problems / impossibilities now” :)

Waqar.UK

@jt40

https://www.asrock.com/mb/intel/h310cm-hdv/index.asp#Specification
ASRock H310CM-HDV

LAN
1 x Realtek RTL8111H

So you need a Intel based Ethernet card.

I do not think my setup consumes a large amount of electricity,
PFsense box is small and efficient and Asus RT-AX 88U barely gets warm.

JT40

@sergei_shablovsky said in Questions about my ideal setup:

@jt40 said in Questions about my ideal setup:

At this point, I ask myself why don't buy a Netgate box, like Netgate 2100... Looking at the performance declared, it's overkill for me...

According to what most users wrote here on forum, they quickly goes from “this is overkill to my needs” to “why I not spend a +$80 at beginning to avoid some problems / impossibilities now” :)

Ahaaha, that's how it goes :D

Before this post, I could not think to spend so much for a router...
Apparently, I have no choice, the minimum is 280 pounds, now the choice is on Netgate or a custom build.
What I can say about the custom build is that it's much more powerful than Netgate, which is probably what I need in the future (not tomorrow morning), plus I can also re-use that machine to do something else if I need to, which is great, it's X86 powerful HW in the end.

Components have been published above, I just need some recommendation on the network card.
Good ones are around 150 pounds, but I really don't know which one to pick up.

JT40

I found this one: Intel X710-da2 , it seems enough for me, I would love to have more ports but it's very difficult to find network cards that have more than 2 ports for my wallet :D .

Based on the recommendations written here: https://www.servethehome.com/buyers-guides/top-hardware-components-pfsense-appliances/top-picks-pfsense-network-cards-nics/

Sergei_Shablovsky

@jt40 said in Questions about my ideal setup:

@sergei_shablovsky said in Questions about my ideal setup:

@jt40 said in Questions about my ideal setup:

At this point, I ask myself why don't buy a Netgate box, like Netgate 2100... Looking at the performance declared, it's overkill for me...

According to what most users wrote here on forum, they quickly goes from “this is overkill to my needs” to “why I not spend a +$80 at beginning to avoid some problems / impossibilities now” :)

Ahaaha, that's how it goes :D

Before this post, I could not think to spend so much for a router...

;)

Apparently, I have no choice, the minimum is 280 pounds, now the choice is on Netgate or a custom build.
What I can say about the custom build is that it's much more powerful than Netgate, which is probably what I need in the future (not tomorrow morning), plus I can also re-use that machine to do something else if I need to, which is great, it's X86 powerful HW in the end.

Try to look at the NetGear 2100 Max from that point of view:

• time running fast and computers/parts price goes down quickly. So no reason long-term investing in HW in SOHO segment;
• much less power consumption (You point that electricity bills is important to You, because for example even old server with 2 x ~550W PSU (minimum for any rack server) eating ~ 250-300W / h, 24/7/365);
• stable and proven by NetGate configuration;
• not need to spend a months on NIC tuning, OS tuning, etc... (time = money, or just pay more attention to family;)

Components have been published above, I just need some recommendation on the network card.
Good ones are around 150 pounds, but I really don't know which one to pick up.

Better for this search on pfSense original doc, FreeBSD user forum, and on this user forum.

Pick up Intel, in Your usecase:

• 1Gb per port;
• 2-port NIC card for uplinks, and 2/4-port NIC card for LANs;

And care about UPS: online interactive models from Liebert, Eaton, Schneider are best choice.

slimypizza

For $250 at Amazon you can get a Qotom Q330G4 with 8G Ram, a 16G SSD, I3 AES-NI Crypto capable, 4 NICs, and HDMI video out. I have had this for over a year and it works great.

Sergei_Shablovsky

@jt40 said in Questions about my ideal setup:

I found this one: Intel X710-da2 , it seems enough for me, I would love to have more ports but it's very difficult to find network cards that have more than 2 ports for my wallet :D .

Fujitsu and IBM have Intel i350 based (Fujitsu D2745 Quad Port), they both are cheap on eBay.

Please take a time to read Original Intel EXPI9404PTG2L20 EXPI9404PT PRO/1000 PT vs Fujitsu PRO/1000 PT Quad Port Gigabit Network Card PCI-E D2745-A11 low profile.

Based on the recommendations written here: https://www.servethehome.com/buyers-guides/top-hardware-components-pfsense-appliances/top-picks-pfsense-network-cards-nics/

JT40

@slimypizza if I find any benchmark that can prove it...

JT40

@sergei_shablovsky said in Questions about my ideal setup:

@jt40 said in Questions about my ideal setup:

I found this one: Intel X710-da2 , it seems enough for me, I would love to have more ports but it's very difficult to find network cards that have more than 2 ports for my wallet :D .

Fujitsu have Intel i350 based

Based on the recommendations written here: https://www.servethehome.com/buyers-guides/top-hardware-components-pfsense-appliances/top-picks-pfsense-network-cards-nics/

Why did you mention Fujitsu?
But yes, that network card is enough, it's 1Gbit on both ports if I'm not wrong.

Sergei_Shablovsky

@jt40 said in Questions about my ideal setup:

@sergei_shablovsky said in Questions about my ideal setup:

@jt40 said in Questions about my ideal setup:

I found this one: Intel X710-da2 , it seems enough for me, I would love to have more ports but it's very difficult to find network cards that have more than 2 ports for my wallet :D .

Fujitsu have Intel i350 based

Why did you mention Fujitsu?

Stable work, robust, what’s else? ;) (read link above)

But yes, that network card is enough, it's 1Gbit on both ports if I'm not wrong.

I told You more: 4 x 1Gb port Fujitsu D2745 Quad Port cost $27-50 on eBay ;) Enjoy!

JT40

@sergei_shablovsky I swear I didn't see that :D
Thanks a lot, but now I'm in front of another problem.
It's almost impossible to find a mini ITX PSU on the UK soil... Or at least something good quality.
Also outside it's quite rare...

I think that I need to compromise from outside anyway, but at this point, why not this one alredy bundled, it's so cool all together already :D : https://www.aliexpress.com/item/1005003420929961.html?algo_pvid=6931b44c-ab16-4947-a5ba-0e605bdf7abd&algo_exp_id=6931b44c-ab16-4947-a5ba-0e605bdf7abd-43&pdp_ext_f=%7B%22sku_id%22%3A%2212000025713946221%22%7D
I checked the network card, it seems good, not the best though.
The model with I7 6500U and 16GB of RAM will cost me 300 without import tax, tax should not be much.

Reason why I like it it's because it's fanless, very important to avoid bad smell and noise in the house, plus it's X86 which could serve some other purpose.

Sergei_Shablovsky

@jt40 said in Questions about my ideal setup:

@sergei_shablovsky I swear I didn't see that :D
Thanks a lot, but now I'm in front of another problem.
It's almost impossible to find a mini ITX PSU on the UK soil... Or at least something good quality.

So, slowly You come to my first reply. :) From which country You are ;)
Ok, back to deal...

I think that I need to compromise from outside anyway, but at this point, why not this one alredy bundled, it's so cool all together already :D : https://www.aliexpress.com/item/1005003420929961.html?algo_pvid=6931b44c-ab16-4947-a5ba-0e605bdf7abd&algo_exp_id=6931b44c-ab16-4947-a5ba-0e605bdf7abd-43&pdp_ext_f=%7B%22sku_id%22%3A%2212000025713946221%22%7D
I checked the network card, it seems good, not the best though.
The model with I7 6500U and 16GB of RAM will cost me 300 without import tax, tax should not be much.

Khm....

If Your location now are in Great Britain (so cold for me! ;) there are great company, which I know 8+ years, Barracuda Networks. (Mostly known in UK, very zero known in USA because of marketing dept focusing on local market, and price tag are a little bit high (8-15%) for comparable models in US from other vendors.)

Barracuda Networks making a wide specter of network appliance, both bare metal and cloud. And most important- have great support for new coming (some sort of Barracuda University, with a lot of docs, usecases, education videos...).
One of the products line are Barracuda NextGen (NG) Firewall, both in bare metal standalone appliance and cloud solution. (Business Model close to pfSense, but much more closed proprietary software. And yes pfSense community are awesome!)

First models (in 2010-2012, like Barracuda NG200 ... NG450, 32-bit based CISC CPUs, modern models are all on 64-bit CISC CPU) based on famous OEM developer LANNER.
I well know all that old models, and need to say, all of them are VERY VELL designed from engineering point of view: fast and stable working (even in worst environment like hitemp, unstable main power, humidity), robust engineered. And, of course You able to add DIY extra NIC, larger / SSD disk,...).

Just choose x86 Desktop Network Applience from LANNER You like (i find usable to see this booklet with a all models comparison table), than seek Barracuda models on eBay.co.uk and eBay.de separately (because for unknown reason eBay.com not show all available items), or just buy the same one for a less price from LANNER partners or on eBay.com.

Reason why I like it it's because it's fanless, very important to avoid bad smell and noise in the house, plus it's X86 which could serve some other purpose.

The desktop Barracuda NextGen (NG) are SILENT (like Mac Pro “trash can”).

P.S. This is amazing story about that I start from CISCO, then quickly go to F5, Juniper, then go to more flexible and less cost solution like pfSense on standard x86_64 platform. So, when I seek info about bare metal, I found that in older low-end models NetGate also use OEM LANNER, but now this is SuperMicro OEM in high-end models. (Of course, SM better engendered than LANNER, different market.
But note LANNER are still VERY GOOD for low-end markets, MUCH BETTER that any crap You able to find on AliExpress). Even more, some of famous companies like F5, Juniper, Extreme, using LANNER in their rack products... ;)

Waqar.UK

@jt40 said in Questions about my ideal setup:

@waqar-uk Nice setup, but it's gonna consume a lot of energy...
At this point, it's simple X86 HW, I just noticed, I'm better of building something by myself, I just need to be careful with the compatibility of the network card and try to find a case that has at least 4 ethernet ports :D
Do you agree?

That Aliexpress link to a Qotom mini computer is what I use. So far, so good.
Good Internet speeds are hampered by cost in the UK. We are based in the UK so in the EU they enjoy much faster connections at reduced cost. But in the long term I am considering to build a 10 Gig capable Ethernet based machine. About £500 cost. Network card availability is the biggest problem.

JT40

@sergei_shablovsky said in Questions about my ideal setup:

ne of the prod

Thanks a lot but it's almost impossible to find such devices... All the stores that I found allow the purchase in bulk...
I found something used but it's soooo old hardware...

I think I'll stick with something less reliable as Qotom, or similar.

Thanks a lot for all the help :)

JT40

Thanks everyone, in the end I chose Qotom, not many other choices available this period.

I summarize here my reasons in case it can be of an help:

• Chance of fallback on X86 architecture in case I face some problem with PfSense (I doubt), I may use this box for something else

• I've chosen the Intel i5 8250U CPU, really the best considering the TDP of 15W and 4 core - 8 threads (major shift after the Intel series 7), otherwise it would have been 35W TDP.

• 16GB of Ram, I know it's a lot but the fallback needs may be 16GB of Ram... Plus I don't know how much the plugins can take with many VLANs etc, looking online, it's very difficult to exceed 4GB with 1Gbit download... Not sure with many devices though, but it shouldn't make much difference.

• SSD is not important, I don't need much space, in the worst case, I'll dump the network traffic on another HDD, but the USB bandwidht may not be enough. So I've chosen 256GB SSD.

• Network card is fundamental, make sure to check the specs and compatibility. The box I've chosen has 2 network cards , both supported.
  Due to high traffic in the LAN, which is most probably higher than your WAN, you may need to invest in 10 Gbit network cards, this kind of ready-made box is very hard to find, at that point, you need to setup all by yourself, highly suggested, at least you will have the choice of a better power supply :D , as well as the motherboard.
  Your setup may not be fanless though...

I'll let you know how it performs.
The only reason why I didn't choose Netgate is the missing chance to use that box for something else if things go wrong, otherwise, go for it.

Thanks everyone.

JKnott

@jt40

I think you'll be happy with it. Even with only 4 GB memory, mine's coasting with anything I've thrown at it. I have 64 GB SSD and only 3% is used.

Waqar.UK

@jknott

True, since I have a i5-2505U Qotom with an SSD and 8 GB RAM. works really well.

bingo600

@waqar-uk
i5-5250U ??

JKnott

@bingo600
I've forgotten. Regardless, the details are in my sig.

Waqar.UK

@bingo600
Yes a mis-type.

i5-5250U, 8GB RAM and Kingston 120 GB SATA SSD.

https://ark.intel.com/content/www/us/en/ark/products/84984/intel-core-i55250u-processor-3m-cache-up-to-2-70-ghz.html