Looking for PASSIVE + LOW POWER suggestions (no fans, no moving parts)
-
I have 2.0 running on a bunch of Dell Precision 490 workstations (the size of a desktop PC). They are robust and cheap however they are HUGE, loud, consume a lot of power - and are generally overkill for their current applications.
I've been looking over the stickied list of hardware for the last few days but haven't found anything that sticks out as a "perfect fit" for what I'm looking for.
Looking for something that is silent, low power consumption, 1U/rack-mountable OR able to sit on a shelf. Integrated WiFi is ideal, if not something that has at least one PCI and one PCIe expansion slots.
Price is a huge factor - want this to be a cheap hardware swap.
Right now I'm running 35/35, 50/50 or 100/100 circuits over Dell P490 workstations with 2x Xeon 3.2ghz (dual-core with HT so 4 real cores, pf sees CPU0-7) and 4GB DDR2 RAM. Its so stupid overkill that I never see more than 1% CPU or Memory or disk usage.
I can ebay the P490's (put Windows OS back on them) for around $350-$400 each so my budget for each new PfSense hardware PLUS A 16-Port MANAGED SWITCH (used) is around $300-$400. (current boxes are packed full of NICs so I'm not using switches. If I move to hardware with only 2-4 onboard/internal NICs I'll need decent switches.
Can I make this work for about $200 per PF hardware chassis? (Assume I own all SSD/HDD and RAM required so barebones or all integrated is ideal.)
Thx for any replies!
-
it depends your wan speed and packages, how powerful machine you need.
-
it depends your wan speed and packages, how powerful machine you need.
Sorry if it wasn't outlined clearly enough in first post. I need something that can handle up to 100/100 but no more.
The majority of the connections are similar to T3 with T1 dr/failover (or 25/25 with a 10/5 backup). The fastest connection is a 100/100 with a 50/50 failover.
-
I don't know what hardware will match you're requirements
-
I don't know what hardware will match you're requirements
Could you be more specific please as to what is not realistic?
Are my hardware requirements possible but not within my stated price range… or are my hardware requirements simply not possible?
Thx for taking the time to reply!
-
Maybe one of these:
http://store.netgate.com/Netgate-Hamakua-1U-P229C84.aspx
Never used one myself…
-
@pf2.0nyc:
I don't know what hardware will match you're requirements
Could you be more specific please as to what is not realistic?
Are my hardware requirements possible but not within my stated price range… or are my hardware requirements simply not possible?
Thx for taking the time to reply!
I use pc hardware, which isn't actually powerefficient. some nano-itx would do your requirements, but then price is coming up
-
What would help also is answering these questions:
1. What is the peak load your "device" will use (most ppm) along with the sustained load?
2. What packages (squid, havp, squidguard, snort, etc) do you plan on running?
3. Are you load balancing or using each connection separately?
4. VPNing? if so, how many users max?
5. Basic network setup would be helpful too -
What would help also is answering these questions:
1. What is the peak load your "device" will use (most ppm) along with the sustained load?
2. What packages (squid, havp, squidguard, snort, etc) do you plan on running?
3. Are you load balancing or using each connection separately?
4. VPNing? if so, how many users max?
5. Basic network setup would be helpful tooConsider each instance seperate, no failover, etc.
I was using dd-wrt on Linksys 100/1000 routers across 10-15 locations for about 3 years and was very happy. Over time the routers started to break down and needed replacing so I migrated to PfSense.
By "break down" I mean the external web GUI would lock me out for no reason…. the VPNs would get slow... WOL would take 10min to reach a machine (slow but never failed... strange right??). I replaced hardware - used or new and old & trusted OS or new beta didn't matter - they just couldn't handle it. I never took the routers apart but they were always hot...
Consider a retail store or a small office. At most 5-10 machines + small wifi (staff/internal only) and very few shared resources. The demographic is pretty opposite - the smallest install has the fastest connection (10G with 7 machines total (no wifi) while the largest is 250+ and has 35/35 (not T3 but close) WAN.
I have had two machines stolen, a few burn out (heat) and the majority of clients complain that the machines are big, loud and the electric bill went up since I came onboard.
Need small, quiet, passive, low power consumption and want it to be cheap.
is that possible?
Thx/
-
@pf2.0nyc:
the VPNs would get slow…
So you are using VPNs. How many? What bandidth?
If you simply need to firewall a 100/100 connection you can get by with some relatively low end hardware like an Atom based system which can be passively cooled. However as soon as you introduce some packages like Snort or Squid you increase your cpu requirement substancially. If you need to VPN the entire WAN connection you need something a lot more powerful or dedicated encryption hardware.
For example my system with a single core Pentium-M at 1.7GHz consumes <25W at idle and can VPN around 50Mbps in one direction. It has onboard encryption hardware but it isn't supported by FreeBSD. :(Have look here for some great test results from an Atom:
http://forum.pfsense.org/index.php/topic,27780.0.htmlSteve
-
Per box maybe 3-5 VPNs, bandwidth is variable - usually restricted to the remote user's ISP and usually well under 10mbps each way (20 combined).
The Dell Precision 490 boxes I have are awesome - dual x5060 CPUs (2-cores @ 3.2ghz with hyperthreadding so PF sees CPU0-3), memory is cheap, etc. but they are huge, loud and power hogs.
Essentially looking to shove the existing hardware I am running into something more modern and smaller - hopefully this is possible simply by upgrading to newer technology.
-
Have checked this kind of solutions?
-
Have checked this kind of solutions?
far too expensive but thank you for the link. I could pick up a SuperMicro (or other) 1U half-depth chassis and swap over most of my parts into that to condense size - was just looking for something passive because server fans are going to be too loud for most of my applications.
-
I don't think you are going to be able to get a completely passively cooled system with sufficient cpu power for $200. That will get you an Atom based passively cooled system but that's not going to support 3-5 vpns at 20Mbits each, no where near!
A passively cooeld i3 or i5 would do it but that's going to mean massive aluminium heatsinks and heatpipes and those are expensive. :-
You are going to need to look for a middle ground, quiet but still powerful.Steve
-
I don't think you are going to be able to get a completely passively cooled system with sufficient cpu power for $200. That will get you an Atom based passively cooled system but that's not going to support 3-5 vpns at 20Mbits each, no where near!
A passively cooeld i3 or i5 would do it but that's going to mean massive aluminium heatsinks and heatpipes and those are expensive. :-
You are going to need to look for a middle ground, quiet but still powerful.Steve
At this point my challenge is more with noise than with power consumption. The Dell P490 has a 750W PSU which is more than adequate for power but the combination of the PSU and the internal fans makes the box quite loud.
A few of my locations are in small offices and/or retail/home applications where a server is out of the question because the Dell workstation box is already too loud. The real thing is the fans and getting something that's quiet and hopefully into a smaller form-factor. At this point if I could maintain equal power consumption but move to a unit that's smaller and silent (or as close to silent as possible) that would be excellent.
Any ideas would be much appreciated. I've been running this on Dual-Xeon X5060 (3.2ghz dual core with hyperthreadding so 4 physical cores and 4 virtual cores across 2 CPUs). I'm thinking about going to something in the i3 range or possibly going to an E8400 CPU - but not sure if that will lower the power consumption by anything substancial.
Thx for replies so far - very much appreciated!
-
@pf2.0nyc:
I'm thinking about going to something in the i3 range or possibly going to an E8400 CPU - but not sure if that will lower the power consumption by anything substantial.
It will!
Have a look here: http://www.tomshardware.com/reviews/d510mo-intel-atom,2616-11.html
82W peak system power on the i3. They are using a 750W PSU for that test so it will be horribly inefficient at 82W. At that sort of power dissipation you're probably not going to be able to go passive (for sensible cost) but you can use a slow, quiet fan.
Steve
Edit:
Further to the above the i3 530 scores 2729 at Passmark compare that to a dual X5160 system at 3952.
Around 70% the processing power of your current system (a little less your cpus are 3.2GHz) but 260W vs 73W TDP.Also the newer sandy bridge cores are lower power consumption and higher processing power.
Edit: Having read up on this further I realise that the 51XX Xeon is Core2 based where as the 50XX is older uses more power and would have significantly lower cpu score. All the more reason to get an i3. ;)
-
I guess you can go with i3 or i5 with CPU underclocked and undervolted. This will save you a lot of power and heat. I guess under full loading of your spec your CPU heatsink will keep cool and thus the fan still runs slow, making least noise.
If you need a smaller sized solution, the best you can go is AMD's new APU platform. Choose your motherboard with ITX form factor.
-
Thank you for the replies. Have not been able to source a decent solution/alternative. The Dell Precision 490 is both cheap and easy - but also large, loud and power hungry.
I've been messing around with a few different options and haven't been able to find anything decent. What I have right now is stupid overkill and I'm running old/legacy hardware (Intel PRO 1000 dual/quad MT nics, xeon 5060 cpu, WD raptor 36gb 10krpm HDD, ddr2 ecc RAM).
I'm not looking for cutting-edge blazing fast low latency or uber-high throughputs as the current hardware does just fine. I'd imagine any dual/quad intel PT can crush an intel MT card. Its more about shoving it into the quiet and passive much smaller form factor at a reasonable cost. I tried a few Atom boards as well as a few i3 and i5 boards. They seem to be very expensive to get what I want. An Intel Pro 1000 MT dual NIC is <$20 shipped on eBay and I can't max that out on any piece of hardware I run.
Right now noise, form factor and power consumption (in that order) are the only problems.
Any suggestions would be much appreciated. I'm in the process of purchasing quieter fans to retro-fit the machines with so besides noise the next two are power consumption and form factor.
Thx.
-
Have you read this thread: http://forum.pfsense.org/index.php/topic,38514.0.html ?
I'm using an AMD Brazos plattform with an dual port PCIe Intel NIC. It stays below 30 Watt all the time, has one 120mm fan running inaudible @650rpm and is housed in a Mini-ITX enclosure.
-
Have you read this thread: http://forum.pfsense.org/index.php/topic,38514.0.html ?
I'm using an AMD Brazos plattform with an dual port PCIe Intel NIC. It stays below 30 Watt all the time, has one 120mm fan running inaudible @650rpm and is housed in a Mini-ITX enclosure.
Thanks for your post. I may simply move to a much more modern platform over time. I'm learning that my existing machines draw a bunch of power and aren't quiet - but they are rock solid reliable, cheap and easy to fix and way overkill for my needs (not to mention that Intel Pro 1000 MT cards are cheap).
I'll need to do 10-15 of these and I can't see spending $800-$1,200 per machine at this point when what I have is already hardware overkill.
-
Can you adapt your existing hardware at all?
What if you just remove one of the cpus? From your figures it seems as though one Xeon should be sufficient for your needs, that should reduce power consumption. Having done that can you fit a fan speed controller?
Much cheaper than replacing it all. ;)Steve
-
yeah I'm looking into that. I did a major stress test today and could only get up to 14% CPU but I'm up to 42% memory usage - time to look at taking out a CPU and adding an extra 2GB of RAM (total of 4GB).
The loudest thing is the memory cooling fans and there are a few ebay retrofits out there I may look at - or I may try and wrap the inside of the box with some sound deadening material. I've had good luck with that in the past as well.
I think for starters I'll keep both CPUs in and shut off hyperthreading to see how that works.
Does ACL and Hardware Prefetch have any impact whether they are on or off?
-
Slight update…
Turned off hyperthreading (HT) and the CPU usage more than doubled - which is strange but it is what it is.
I think the easy answer is that I need to spend some money - these x5060 CPUs were awesome at one time... but not anymore. I have a dual Xeon W5580 (3.2ghz quad core with HT) box that I set up identical and when I test that (with 9GB ddr3 RAM) I can't even move the needle. I can pretty much push the limits on any Intel Pro 1000 MT, GT or PT NIC and push full gigabit through them and the CPU and memory needle stays at or under 1%.
Looks like I need to either live with my power consuming machines or shell out the cash to upgrade to more modern hardware that's generally faster than what I have.
-
You should look into the Soekris Net5501. Over the years I too was searching for the perfect low powered device to run
pFsense on.http://soekris.com/products/net5501.html
I've used it not only at home but in a production environment (commodities trading firm 50 users business cable).
It's used as a backup to the Cisco ASA that runs on a 100mbit line.I see lots of people on here with setups that are overkill for their needs. From what you describe this should work nicely.
-
You should look into the Soekris Net5501. Over the years I too was searching for the perfect low powered device to run
pFsense on.http://soekris.com/products/net5501.html
I've used it not only at home but in a production environment (commodities trading firm 50 users business cable).
It's used as a backup to the Cisco ASA that runs on a 100mbit line.I see lots of people on here with setups that are overkill for their needs. From what you describe this should work nicely.
I too have some of these setups in the equities space - and those are usually in the form of a 1U dell server or in the standard P490 workstation. I have a few schools and retail shops that are complaining about the noise. Unfortunatly the hardware is my cost to bear hence my need for something cheap/affordable. I'll look into this box - thanks. It looks like a very reasonable alternative to what I've been using. The PCI slot is perfect for a Cisco PCI wireless AP and the cost seems reasonable.
-
@pf2.0nyc:
Per box maybe 3-5 VPNs, bandwidth is variable - usually restricted to the remote user's ISP and usually well under 10mbps each way (20 combined).
No way that Soekris box will support that unless you get encyption hardware.
Steve
-
@pf2.0nyc:
I'm thinking about going to something in the i3 range or possibly going to an E8400 CPU - but not sure if that will lower the power consumption by anything substantial.
It will!
Have a look here: http://www.tomshardware.com/reviews/d510mo-intel-atom,2616-11.html
82W peak system power on the i3. They are using a 750W PSU for that test so it will be horribly inefficient at 82W. At that sort of power dissipation you're probably not going to be able to go passive (for sensible cost) but you can use a slow, quiet fan.
Steve
Edit:
Further to the above the i3 530 scores 2729 at Passmark compare that to a dual X5160 system at 3952.
Around 70% the processing power of your current system (a little less your cpus are 3.2GHz) but 260W vs 73W TDP.Also the newer sandy bridge cores are lower power consumption and higher processing power.
Edit: Having read up on this further I realise that the 51XX Xeon is Core2 based where as the 50XX is older uses more power and would have significantly lower cpu score. All the more reason to get an i3. ;)
My i3 idles at 40W. Haven't really gotten it configured too much yet, so I'm not sure what it will get up to. I am having a rogue process that's loading one of the cores, and that takes it up to 53W. That's witha 380W 80+ Bronze power supply(smallest I could easily get).
The only fans are one case fan, the cpu fan, and the psu fan. It's pretty quiet.
-
I just replace my Alix 2D3 with a Dell GX520 Small Form Factor and its been awesome. It's silent, small enough to fit in my home/office rac, and efficient. Overkill? Nope. It runs 2Gigs of ram with a P4 3Ghz HPT and a 40GB hdd. It does the job perfect in my 100/50Mbps Line.. best of all they are dirt cheap.
-
P4 Prescotts are not known for being low power and your ALIX only uses about 5W compared to about 86W for your P4. Also, Dell's BIOS only underclocks to 2.8Ghz from 3.0 during speedstep, not a noteworthy power savings while idle.
Considering your pipe is above what an ALIX can handle I would say it was quite necessary for you to upgrade.
-
http://forum.pfsense.org/index.php/topic,40399.0.html
this information might be relevent to you?