Custom M-ITX board
-
I know someone who is having a custom m-ITX board made. 200 copies of this board will be made in the first run. The board will be based on the new C206 chipset and will take any of the E12XX series Xeon CPU range as well i3, i5 and i7 procs.
The E1220 Xeon is interesting….20w TDP. The i3 proc could be interesting to run a fw on as well.
I need 20+ boards myself so have got involved in this custom board. I have asked for 4 x Intel 82574L Nics to satisfy my requirements and they have said this can be done.
Is there anything else desirable to include on this board for pfsense use you can think of? The E12xx Xeons and the i3/5/7 have the encryption acceleration instruction set onboard so that's covered already. Anything else? I am wondering if a daughter board that takes 2x Fiber connections would be useful - any of you think that would be useful?
In general would sort of features would make this board kick ass for a fw use?
-
The E1220 doesn't have an integrated GPU though. So that board will either need to support booting without graphics or have some form of embedded VGA. Or have bios redirected to serial.
-
Yes true.
Something to think about adding to the wishlist. The manufacturer is currently doing a M-ITX based on the Q67 chipset. When that is done they can do the custom c206 board. They seem to be very obliging on what we can add.
Good catch by Dream slacker…anymore suggestions ?
-
The AES-NI instructions are worthless on pfSense, at least in 1.2.3 and 2.0, as they are not supported until FreeBSD 8.2.
EDIT: Some additional notes:
- There is little point in using the C206 chipset as your choice of CPU would be limited to those with built-in video. You should really be using the C204 and an add-on video chip, Matrox, whatever.
- The 82574L NICs you want are supported in pfSense but the integrated 82579 is not. Are you going to have it disabled?
- Expansion options? Most Mini-ITX boards have one slot. I'd use an x8 PCI-e 2.0 if you can fit it.
-
I don't have on board VGA in my box and it's never been a problem.
Why do you want video on a firewall? :-\Steve
-
I second Steve's comments. I would be asking for a dedicated console port or three or more serial ports.
-
I don't have on board VGA in my box and it's never been a problem.
Why do you want video on a firewall? :-\Steve
It's more of a matter of whether the board will boot without a vga adapter being detected.
-
If it's a Custom board using Intel chipsets ask that EFI be a requirement for what Intel used to call a "Pre Boot Environment." vs using the old BIOS chips that are legacy. I know EFI does console redirection.
-
No real need for EFI though it's nice to have. ;D
They just need to ensure that the BIOS does not halt POST when there is no VGA adapter.
I reckon the board will be a complete overkill for most firewall setups though. And for those setups with throughput high enough to warrant such a setup (typically datacenters or intranet routing), space is probably the least of the worries.
-
Agree - complete overkill.
However the board looks like being about $200 +CPU and RAM. If this does come to fruition i know what i'd rather have for the money - i3/Xeon compatible m-ITX with 4 x 82574L's onboard or an Atom D525 with 2 x 82574L's onboard for about the same sort of money - well not really - the Atom m-ITX costs about $220 with CPU so a bit of difference - still i know what i would rather have.
The board is currently spec'd with RS 232/422/485. I've asked to strip these off to make room for the Lan ports. Are serial ports REALLY needed these days Vs having the 4 82574L's? Could easily leave the serials on if required.
EFI is a god one - i'll check.
Will check on the BIOS issue regards not halting with no VGA adapter.
As for video out , it already has HMDI 1.4, + asking for a DP and DVI
The main idea here is to have one board that can do many specialist jobs. fw with i3. Mini server with Xeon for running a few VM's(VT -d as well), a HTPC board (one of the guys involved is asking for Optical out for Audio).
My interest is the fw aspect. I need a lot of boards to get out into the field for different duties plus i need to setup mail relay servers at many client sites - hence one board that can take different CPU's for different jobs and if we can bring them in at $200 what a bargain!. early days on pricing yet though and they do quote 90 days to manufacture.
Not sure if we can pull it off but the manufacturer has agreed to some mods already - not sure how far we can press them, but we can try. I would have thought that for fw use not that many mods are required. Some good points raised already so far
-
forgot one thing - RAM - it takes ECC or non ECC. Thats different for a m-itx.
Currently it takes up to 8GB Ram via 2 slots. I've asked for it to take 16GB RAM via its two slots - ie 8GB sticks. OK 8 GB sticks are expensive now but in the future i expect they will become reasonable and yes i know we don't need 16 (or even eight) Gigs RAM for a firewall but the idea behind this board is versatility - 16 GB RAM for a Xeon E1280 mini ITX anyone?
Checkout the Travla T2240 and T2280 2U rack mount cases. 2 x M-ITX in one 2U enclosure. Perfect for carp. Or fw with i3 one side, mail server with Xeon the other side Or fw with i3 one side and Xeon with E1245 the other side for running a few VM's - all in one 2U rack mount case with either 4 or 8 HDD caddies in the front panel…...... many possibilities here
-
However the board looks like being about $200 +CPU and RAM. If this does come to fruition i know what i'd rather have for the money - i3/Xeon compatible m-ITX with 4 x 82574L's onboard or an Atom D525 with 2 x 82574L's onboard for about the same sort of money - well not really - the Atom m-ITX costs about $220 with CPU so a bit of difference - still i know what i would rather have.
That's dirt cheap for what we're looking at.
The board is currently spec'd with RS 232/422/485. I've asked to strip these off to make room for the Lan ports. Are serial ports REALLY needed these days Vs having the 4 82574L's? Could easily leave the serials on if required.
At least 1 serial port is required. This allows for embedded applications/ OS that don't use the VGA. An extra header (RS232 only) on the board (for a total of 2) would be nice for those who want to add a LCD to the system but otherwise not required.
Will check on the BIOS issue regards not halting with no VGA adapter.
As for video out , it already has HMDI 1.4, + asking for a DP and DVI
I doubt DP is required. A single DVI-I would actually suffice since it'd support analog VGA via common adapters.
-
When this board is available?
And where this is going to be available?Sound's like a dream already
-
I'm less interested at this point. I hate hardware that tries to do it all and that's what it sounds like this is turning out to be. DVI, DP, optical audio out, none of that is needed for a firewall. I'd want (4) Gig-E ports, VGA and/or Serial, and a USB port.
-
I'm less interested at this point. I hate hardware that tries to do it all and that's what it sounds like this is turning out to be. DVI, DP, optical audio out, none of that is needed for a firewall. I'd want (4) Gig-E ports, VGA and/or Serial, and a USB port.
DVI-I would be better than a VGA. It will be one port supporting both DVI (if VGA gets phased out somehow) and VGA (via commonly available adapters). PS/2 is probably a requirement as well (USB KVMs can be quite flaky when they're not self-powered and PS/2 KVMs are much cheaper).
-
I thought that if i get more than one board, so i could create htpc or small LAN-gaming pc.
-
KVM redirection via serial/lan would be nice, like IPMI… :)
-
The board has Intel Active Managment Technology (Intel AMT 7.0) onboard. This is via the 82579 as jasonlikta points out. So need to think about this a bit because from what i have been able to find out the 82579 is needed for the AMT 7.0. Another issue is that you need a CPU with GPU onboard (ie E12x5 series CPU) to be able to access the AMT 7.0.
Not sure how viable it is to do major rework on this board. Even if we did decide it was financially viable to do a respin of the board it will certainly extend the delivery time.
So what may work is to have 5 LAN ports onboard - (issue there of course is there is only so much room on the m-ITX board) 1 x 82579 for AMT 7.0 use and 4 x 82574L for fw use. Need to find out way more about AMT 7.0 but i cant find much. Is this like IPMI? I believe it is part of the chipset?
4x 82574L and some sort of IPMI like setup and access are essential to me - without those its a deal breaker.
Has anyone got any link to AMT 7.0 features / details so we can check this out more fully. If not, i wonder if it is possible to get a BMC chip on the board and use openIPMI or something similar? That approach might be more flakey then anything. Probably best to continue down the AMT 7.0 road.
And lets be clear - we are only going down this road after six months of checking out about every m-ITX board ever produced. Simply cant find one with all the features needed hence the custom route. Lucky i stumbled across someone who was thinking the same thing but way ahead of me on this and had already got the ball moving.
One thing very clear though is that we have total freedom on PCIE slots and can have this arranged as we want - the consensus in the group so far is that 2 x 8x slots is ideal if the board ended up being D-ITX or 1 x 8x slot if it stays M-ITX.
-
When this board is available?
And where this is going to be available?Sound's like a dream already
Its not available at this time. We are working with the manufacturer to see how many mods can be done without retooling their setup to make this board. As it stands it has been designed as a Xeon m-ITX with Intel C206 PCH chipset with Two 240pin DIMM sockets dual channel DDR3 SDRAM up to 8GB, Dual Display by VGA / DVI / HDMI, 6 x SATA ports (4 x SATA 3Gb 2 x SATA 6Gb), 4 x USB 2 and 4 x USB 2 headers.
So in that configuration it IS going to happen. What we as a small group are trying to work on is having some changes to this board for our own respective needs - i want a fw board with 4 x 82574L's onboard because i cant find that config for love nor money anywhere on the planet. Another guy wants USB 3.0 and yet another wild idea that i don't think will see the light of day is 2 x SPF 8077's on board…..its only got m-itx real estate after all.
At this stage its abit of a mish mash with ideas coming left right and center from the group - for my needs as a fw board i need to sort out what is REALLY needed to be a good fw board. As for what else gets on it i am not really fussed about - i only insist on the 82574L nics x 4 and some sort of IPMI or equivalent. 16GB of RAM would be nice because with a higher end Xeon it is suitable as a mini server for running a few VM's as the chipset and the CPU support VT-d. Nice to have one board that can do a few tasks if possible.
There are two low power Sandy Bridge Xeons in the range so far. the E1220 and the E1260. Neither have a GPU onboard but thats how they get the power low. The E1220 is 20W TDP and dual core and the E1260 is 45W TDP and quad core. Then there is the i3 that is supposed to work on this board but not yet 100% confirmed.
There is a long way to go on this. At this time casting around for ideas for the ideal fw board. Customization may or may not happen at this stage.
-
hmmm….... came across this regards the AMT 7.0 feature....
"To support KVM there is an additional requirement of Intel Integrated Graphics (required because KVM reads the framebuffer memory directly). CPU's that support integrated graphics should work with KVM (I believe this would be the dual core variants of the i5 line, and some i7 processors on the mobile side). Additionally an OEM needs to support these features in thier BIOS and enabled them when they flash the system firmware. Some OEMs will disable the KVM features (or they will manufacture system with 3rd party graphics solutions). The best approach is to contact your PC vendor directly and verify they support the feature. "