Newbie home router build - need suggestions

KM

Would the setup look something like this then? (sorry for the crude diagrams)

1Gbps      1Gbps                    |Wired desktop - 1Gbps
WAN in –|pfsense|--|managed switch|Wired desktop - 1Gbps
30/30                                            |Wired server  - 1Gbps
                                                    |AP                - 300Mbps

Does this seem like a reasonable layout?
My concern is that at some point I might want to use a VPN service for remote users to access the file server and run into a bottleneck because all the devices use the same NIC.

Would something like this work better given those considerations?

1Gbps        1Gbps
WAN in -- |pfsense| -- | Wired server - 1Gbps
30/30                  | -- | Managed switch | Wired desktop - 1Gbps
                          1Gbps                      | Wired desktop - 1Gbps
                                                        | AP                - 300Mbps

Thanks

wallabybob

@KM:

Would the setup look something like this then? (sorry for the crude diagrams)

1Gbps       1Gbps                     |Wired desktop - 1Gbps
WAN in –|pfsense|--|managed switch|Wired desktop - 1Gbps
30/30                                            |Wired server   - 1Gbps
                                                    |AP                - 300Mbps

Does this seem like a reasonable layout?

Yes.

@KM:

My concern is that at some point I might want to use a VPN service for remote users to access the file server and run into a bottleneck because all the devices use the same NIC.

Using VLANs the available physical bandwidth is dynamically shared amongst the VLANs. Since the WAN bandwidth is such a small fraction of the bandwidth available on a 1Gbps NIC you could easily have all your interfaces VLANs on the one physical NIC.

@KM:

Would something like this work better given those considerations?

1Gbps         1Gbps
WAN in – |pfsense| -- | Wired server - 1Gbps
30/30                  | -- | Managed switch | Wired desktop - 1Gbps
                          1Gbps                       | Wired desktop - 1Gbps
                                                         | AP                 - 300Mbps

Not unless there is something you haven't mentioned. If you need to exchange significant data between the desktops and servers and there is no need for a firewall between them then your earlier configuration would be preferred because the servers and desktops can communicate directly through the switch. If your server is to be generally available to the internet you probably want (for security reasons) to have the firewall between your desktops and the server..

Depending on the bandwdth requirements locally, you could have 1 Gigabit NIC with 3 VLANs:  WAN, Server and Desktops/AP.

If you are looking for a fanless mini-ITX board the Intel D2500CC might be of particular interest because it has 2 Intel GigE NICs on the motherboard.

KM

Eventually I would like the server to host webpages and other services that would be accessible through the internet so I think a logical separation of the server from the rest of the network would be a good idea. Single port NIC's are fairly affordable so if I went with a motherboard that had a couple of expansion slots I should easily be able to accommodate these requirements. In this case the second configuration would be the way to go then?
I checked out the switch you linked in another post and it seems to be a good solution for this setup. Is there anything I should be looking for, or anything I should avoid in a switch?

Thanks

wallabybob

@KM:

Is there anything I should be looking for, or anything I should avoid in a switch?

I would check the specs to ensure it has enough bandwidth to run all the physical ports at line rate, that it supports "enough" VLANs and I would look for a fanless switch. (I have an old 10/100 switch which has the mildly unpleasant habit of emitting grinding noises to remind me that one or more of the fans is terminally ill.)

KM

Great! I really appreciate the help sorting all this out. I'm looking for a managed switch, correct? I'll surf around the forum here because I'm pretty sure there are some suggestions already floating around.

wallabybob

@KM:

I'm looking for a managed switch, correct?

I'm not sure that all managed switches have VLAN capability. I expect all switches with VLAN capability will be described as "managed switches".

KM

Would this be a good choice for my needs?
http://www.newegg.ca/Product/Product.aspx?Item=N82E16833122381CVF

I don't really need 8 ports (5 would do nicely), but I'm sure I'll find some use for them.

biggsy

I have a couple of those switches and they are pretty good for the price.

The only issue with them is that they have a crappy NTP client that, because it just requests every 64 seconds, will force any strict NTP server to give it the "Kiss of Death".   The NTP server in pfSense doesn't complain though.  I take that back  :(

KM

Is this a big problem? Any other switch suggestions around or below this price point? It can be less than 8 ports.

KM

Will this NIC work? Seems like a good deal.
http://www.ebay.ca/itm/Dell-X3959-Intel-PRO-1000-Dual-Port-Gigabit-Ethernet-PCI-Express-Network-Card-/230781877556?pt=LH_DefaultDomain_0&hash=item35bbabfd34

Thanks for the help!

biggsy

Is this a big problem?

Not a problem at all if you can live with a few seconds drift in the local clock each day.  Only relevant if you are logging and need accurate timestamps from the switch.

KM

Anyone know if the above NIC will work for my application? These NIC's look like a good deal and with the PCI-e interface I shouldn't have any problems with overloading, right?

taryezveb

@KM:

Will this NIC work? Seems like a good deal.
http://www.ebay.ca/itm/Dell-X3959-Intel-PRO-1000-Dual-Port-Gigabit-Ethernet-PCI-Express-Network-Card-/230781877556?pt=LH_DefaultDomain_0&hash=item35bbabfd34

@KM:

Anyone know if the above NIC will work for my application? These NIC's look like a good deal and with the PCI-e interface I shouldn't have any problems with overloading, right?

Yes, that Intel NIC should work just fine.

I bought a similar NIC from ebay and has worked great:
http://www.ebay.com/itm/ws/eBayISAPI.dll?ViewItem&_trksid=p4340.l2557&rt=nc&nma=true&item=350513539530&si=pUKS45vXwy9SShprAaeU5dhVZq8%253D&viewitem=&sspagename=ADME%3AL%3AOC%3AUS%3A1123&orig_cvip=true&rt=nc

KM

Great, thank you for the verification. I have ordered one of these cards. I read somewhere that these cards need at least pci-e x4, meaning that I wouldn't be able to run it off of a standard pci-e x1 slot. Is this correct? If this is the case I don't really consider it a draw back I'm just wondering because it affects my motherboard selection.

Thanks

taryezveb

According to Intel:

Compatible with x4, x8, and x16 full-height and low-profile PCI Express* slots

http://www.intel.com/content/www/us/en/network-adapters/gigabit-network-adapters/pro-1000-pt-dp.html

I use mine in a x16 PCI Express slot.