Installation on Intel D2500CC (atom with dual NIC board)
-
Hello,
I got pfsense2.0.1-i386 running pretty much straight out of the box.
Updated bios to latest, attached a HDD and a USB-cdrom, chose "3", Boot Pfsense using USB.
A bit of artifacts on the install screen(s) but F10(refresh) helps (screenmap us-ascii_to_cp437.scm seemed a bit better)
Found on-board NICs without any problems, also installed a quad PCI NIC. All working.
kldload coretemp works for temperatures (http://forum.pfsense.org/index.php?topic=39595.0)
So far so good, been running it for 1,5h :)
Regards
Jani![pfsense_core temps.png](/public/imported_attachments/1/pfsense_core temps.png)
![pfsense_core temps.png_thumb](/public/imported_attachments/1/pfsense_core temps.png_thumb) -
Got mine from minipc.de in Germany (delivery costs to the UK weren't too bad). Logic Supply EU store suggest they will have it in stock from 1st March.
Boot from the live CD (some odd video corruption - some characters appear as blocks rather than the character typed when you enter WAN and LAN set-up information etc.), struggling to get an embedded image to boot properly from a USB flash drive (Geometry errors)
I have same character problem. Every fourth character is blanked. Did you maybe figure out how to fix it?
Same problem here http://149.20.54.209/showthread.php?t=30337
-
I have same character problem. Every fourth character is blanked. Did you maybe figure out how to fix it?
Same problem here http://149.20.54.209/showthread.php?t=30337
This kinda worked for me;
A bit of artifacts on the install screen(s) but F10(refresh) helps (screenmap us-ascii_to_cp437.scm seemed a bit better)
//Jani
-
thx, I will try that
-
I bought it here
http://www.cartft.com/catalog/gl/78Together with the M350 mini ITX case and the picoPSU power supply a small combination for a firewall/router.
This was the built I was looking at. But my readings on this forum:
http://forum.pfsense.org/index.php/topic,45746.0.htmlleads me to believe it will run too hot. I understand 40mm cooling fans can be fitted to the case, has anyone fitted these inside the case? any recommendations for a quiet 40mm fan or is there another case people recommend?
On another note is anyone running a usb wifi access point with this board? I would be interested to know which one and whether it fits in the hidden front usb panel.
-
This was the built I was looking at. But my readings on this forum:
http://forum.pfsense.org/index.php/topic,45746.0.htmlleads me to believe it will run too hot.
Maybe if you run a stress test at 100% CPU load over long time as someone did in the feed you mentioned.
But you also can see my comment there. Running pfsense as home firewall fanless is absolutly no issue as long you do not place the case in a small cabinet without air circulation. -
well I was going to use the same case as you, M350 mini itx case and sit it inside our server cabinet. But I am slightly concerned, might use a silverstone sugo sg05 or look for a rackmountable case. Anyone else fitted this in a 2U?
-
and sit it inside our server cabinet. […] or look for a rackmountable case.
When I build up my home use pfsense system my intention was to make it silent and reduce the power consumption as much as possible.
When you are planning to install it in a server cabinet don't think too much about. Take a 1U rackmount with fan. For mini ITX there are even dual rackmount cases existing where you can install two boards in one case.
-
Hi guys and gals :D
I just like to say that I managed to install pfSense 2.0.1-RELEASE (amd64) from USB stick on my Intel D2500CC equipped with a WESTERN DIGITAL SCORPIO BLACK 160GB 7200RPM SATA/300 16MB.
The big challenge is of course as You all know that the output on the screen mostly displays at the last line and looks like garbish.
I installed the 32 bit version first and wrote down every single keystroke that I did. Then I reinstalled with the amd64 version and made the exakt same input. It worked! It seems to run well since installation a few hours ago, installed OpenVPN, Squid, and SquidGuard. No storage or network card attached to USB.
When booting on the USB Stick the display works well untill pressing 3 (Boot from USB)
After that, here are my answers (Don't write them too fast):n ENTER
em0 ENTER
em1 ENTER
ENTER
y ENTER
(wait some time here!)
99 ENTERWhen the installation to disk starts with the blueish screen I can't recall what I wrote and my notes are blurry. Sometimes it works to see some text if You use the arrows, left, right, up and down. Sometimes it's blurred. Maybe if You make a 32 bit install first you can write down your answers and follow them. Now, when it's finally installed I hope I won't need the screen again until the graphic card diriver has been fixed.
BTW Before doing the procedure described aboveI tried to install with the lastest nighly 64 bit build just to find out if the problem has been fixed. It hasn't, it's the same.
Good luck! -
This is an upstream bug in FreeBSD, I'm afraid. The new Intel Atoms with the PowerVR graphics have major graphics compatibility issues with FreeBSD, and with Windows for that matter. They only seem to be really well supported on Linux. I'm using a D2700 board with 2.1-development in a live install. I'm using the i386 build, which one can, as you note, manage to install. I suppose if you memorize all your answers, 64-bit could install but I didn't see it as having enough benefit to be worth the headache.
Realize that with these boards, you have to use 32-bit Windows 7 due to there being no graphics driver support for 64-bit; and that some of these boards have 64-bit support disabled in the BIOS (for obvious reason). This is a 32.5-bit chipset (a not-real term I just made up to poke fun at this chipset). The processor is 64-bit, but unless you use Linux, you can't get working graphics in 64-bit. In 2011 (when this chipset came out), that's absolutely ridiculous. More importantly, the fact FreeBSD's console video doesn't even work (again it's hard to describe if you haven't seen it) and has glitches even in 32-bit mode, indicates severe underlying compatibility issues with the PowerVR chipset.
Oddly, Linux (even 64-bit) console video works fine, but that's with the latest Ubuntu that I believe uses a higher graphics mode. Even more odd, FreeDOS also works fine, without any of the missing characters. I'm no expert, but my understanding is that basic console video between FreeBSD and FreeDOS should be the same darn thing. Still, I wouldn't begin to blame FreeBSD and definitely not pfSense. This is an upstream bug that seems to be related to something severely broken in this chipset. Sorry Intel, but this is a fail.
If it helps you any, once installed on a D2700, 32-bit 2.1 snapshots have been rock solid (2.1 needed for Realtek drivers on the board I'm using), though sadly 2.1 is far from feature complete (VLANs don't work with traffic shaping yet, which I consider a pretty key feature).
-
Just as a heads-up:
2 days ago, there has been a commit to the FreeBSD source which fixes the video corruption.
Oh and thanks to Plisken. Using his instructions you can install pfsense 2.x amd64 on that board.
-
Will that commit to the FreeBSD source make it into 8.3 though, or will it not apply until pfSense switches to 9.x?
-
http://redmine.pfsense.org/issues/2595
-
That still does not answer the question. It says it is going in 2.1. Does that mean the nightly pfSense builds include this fix. I tried a nightly from a few days ago, no luck. I have not been able to get nano with serial support to work either, so I am patiently waiting for a fix. Thanks for any insight.
-
I think I found the answer here:
http://redmine.pfsense.org/projects/pfsense/issues?fixed_version_id=5&set_filter=1&status_id=o&subproject_id=!*
It shows "New". I assume it will show "Feedback" when it is included and ready for testing. I will keep an eye out and test it as soon as it is included in the nightly builds.
-
Well thanks to Plisken I was able to install the pfSense-2.0.1-RELEASE-2g-amd64-nanobsd_vga on to my Intel D2500CCE.
Booting off a 2Gb Kingston CF via a SATA to CF adapter.
I did have a problem with my original picked 8Gb CF Card which was a Sandisk extreme (didn't look at it when I picked it up out of the tray)
It wouldn't boot with this card at all with either the 4g-amd64 or 4g-i386 nanobsd. I would get a read error, just after you see F1 pfsense, F2 pfsense F6 PXD?.
Didn't matter what I did in the bios. Then grabbed the slower Kingston card and dd over 2g-i386 nanobsd.
Booted up straight away. I wrote down the keystrokes I had to do to get it up and running, then dd over 2g-amd64 nanobsd.
Waited till I saw no more text movement, and entered the following (not entering whats in the "")
n enter "VLAN setup"
em0 enter "WAN"
em1 enter "LAN"
em2 enter "Option 1"
em3 enter "Option 2"
enter "any more Options ports, enter to continue"
y enter "confirm port selection and continue"
waited for the sound saying it had booted, then I could log on via a browser, and finish the rest.
I have a dual gigabit port intel server card installed into the PCI slot as OPT1 and OPT2 that is why the extra em2 and em3 key strokes.
If you don't have more than 2 NIC just don't leave out
em2 enter
em3 enter
I now have it up and running, and configuring it for my setup.
Thx -
Can a few using the Intel 2500cc post the power consumption?
I want to use the same board on several pfsense builds. I am using a via Samuel 2 board for my home box and it uses 41watts on boot up and 35-37 watts continuous. Trying to into to the 25 watts area.
-
Which C3 are you running? You should be drawing less than that at idle. The best thing you can do to reduce power consumption is use a high efficiency power supply. Some PSUs claim to be highly efficient but in reality are only much good when working at or close to their maximum output. Since you're drawing <50W you probably have something far too big.
Steve
-
Can a few using the Intel 2500cc post the power consumption?
19W idle, 20W when rebooting, measured at the mains with a KillAWatt. The board is a CCE rather than a CC.
I was quite surprised, since my toy webserver has dual P3s, how fast that Atom boots! It's not fully config'd yet, and therefore not online. It's a full default install straight off the iso image, lives in an Antec 300 case, has 4GB, a WD 320GB Black 2.5" drive as the boot and storage device, and currently an ASUS cd/dvd drive as the install device. I'm driving it with a 102W pico-psu. I suspect the "brick" is not the best quality, since it's warmer than I expected for so small a draw.
-
Thank you MMacD and stephenw10.
Not sure what you are asking? C3? I was doing some contact work for wayport. They had me replace a shallow 1u rackmount via server w/ 80 gig IDE…... Well I own it now since they never sent me a return FEDEX label. This enabled me to build the pfsense box for free. My best guess is the chassis is a pre-2004 180 watt ps w/ fan and two chassis fans.
Yes, I use the killawatt unit. I am finding the 2500cce for around $99 us and can find a complete package (mb, 2gig ram, ps, and the 350 chassis) for under $200 us. But I want a 1u or 2u rackmount chassis.
-
Sorry. C3 is what VIA were calling their processors that had the Samuel 2 core.
http://en.wikipedia.org/wiki/List_of_VIA_C3_microprocessors#.22Samuel_2.22_.28150_nm.29
I guess I was really asking what speed the CPU runs at?I have a miniITX board here that runs an Ezra core C3 900 and it uses <25W. It uses a DC-DC PSU (like the PicoPSU).
Steve
-
Thanks for the link and 800mhz
-
I want a 1u or 2u rackmount chassis.
You might have to pay for that, since they seem to hold their value surprisingly well. There's a no-name 1U uITX on ebay right now for $25 …but they want another $50 to ship it, a common ploy. I've often seen elderly 4Us and 6Us on ebay for little or nothing if you were to pick up, but they'd only be a good deal if you're building a toy system for development rather than paying co-loc fees by the U.
-
Thanks for the info. I do watch eBay, but my goal is to build the boxes myself. I am in sheetmetal. I am going to call them "ugly box". I don't like the prices, would like a box w/ ps for under $75. This seems more reasonable pricing. I need to find a ps supplier.
Crcmetalproducts.com
-
How many are you building? Where are you installing them?
You could do something like Google did with their custom servers: open enclosures and DC power! Cheaper and more efficient but obviously not suitable for co-lo.http://news.cnet.com/8301-1001_3-10209580-92.html?part=rss&subj=news&tag=2547-1_3-0-20
Seriously if you have access to cnc machines and bending tools etc then you could either make it from scratch or add your own front panel to a steel tray. I've done this a few times with 19" rack equipment though never a server and having a single panel machined is for you is expensive.
Steve
-
1st off, I am new to pfsense, about 2 months new. I have a long background in computer/IT, going back to 1982. Never have I heard about FreeBSD or pfsense. The only reason I know of it now is because of router problems over the last few years. Googling for solutions and finally someone did a good write on inadequate memory/cache overload and mismanagement of such. In the same thread, someone piped in about dumping off the shelf routers for pfsense. Blew my mind, so I googled pfsense. Here I am…....78-). A converted happy camper on a new learning curve.
The goal is to build 3. 1 to replace the via box I have at home (want to be more green on my energy bill) and 2 for work (1 for the office and 1 for the owners house). Also installing a freenas box at each location. Need some redundancy and offsite backup. Yes, I have some of this in place already, but want to make a transition to FreeBSD (free,at least for the software, and good support).
The next step/goal would be to offer low cost "ugly box" to the pfsense group (1u/2u chassis 8-10" deep). Designed around the intel 2500cc or cce board. I like the idea of SSD drive but not quite sold on it yet.
-
You will have a lot more takers if you keep it 1U. Many people will be paying per 'U'.
Something that may be of interest, it's been suggested by several users, would be a 1U 19" enclosure that contained an Atom based board and a 5-8 port vlan capable switch. Not sure how you'd arrange that though.
Steve
-
The goal is to build 3. 1 to replace the via box I have at home (want to be more green on my energy bill) and 2 for work (1 for the office and 1 for the owners house). Also installing a freenas box at each location. Need some redundancy and offsite backup. Yes, I have some of this in place already, but want to make a transition to FreeBSD (free,at least for the software, and good support).
As far as putting together a fNAS box, unless you need rackmount setups, you might combine the firewall, router, and nas functionality on the same 2500 board in an Antec 300 or 302 case, unless the bandwidth through your firewall isn't going to leave any spare clocks.
I bought a 300 for my firewall/snort/open-vpn/tele application because the 2500 apparently gets quite hot unless it has adequate air space, and the 300 was the cheapest well-made box with elbow room at a useful price. I no longer even consider putting form above function: too much hardware lost to heat through the years.
And the 300 is actually very well made, especially for a low-price box ($50 at Newegg), and supports 3x5.25 drives, 6x3.5, and even a 2.5 bolted directly to the floor. Room for 5x120mm fans toto (a 120 and a 140 come with).
-
Steve, is that simple as adding more LAN cards? Or adding a completely different board? I did search this and found www.bsdcan.org/2012/schedule/events/330.en.html. Not sure exactly what they are saying. Does pfsense have a package to add an internal switch? I know free switch, but thought this only only for voip phones and PBX.
MMacD, I was looking or I was asking that very question. Can I bundle nas and router/firewall together using FreeBSD (in the FreeBSD forum)? The answer I received was that could be a security issue and not good security/networking practice. I do like the idea of bundling.
I also forgot to mention that the phones are VoIP at the office. My plan is to add an additional nic to handle the VoIP. Someone said why not just do a vlan for the VoIP. Maybe in the future.
-
The answer I received was that could be a security issue and not good security/networking practice.
hmmm…I wonder why that would be. Did they say?
Neither networking nor security is my field (I've been doing human-factors systems architecture since '74), but it seems to me that the whole point of the firewall and snort is to keep the bad guys from tricking their way into the LAN. So if they can reach your disc farm when it's living in the box with the firewall, they can reach it no matter where it is in your LAN since nodes are logical locations rather than physical, and ready access is the whole point of running a LAN rather than a sneakernet. As long as you don't expose the logical location of the farm to the inet, I can't imagine what problem there could be with physical colocation. Perhaps someone will explain.
-
MMacD, I agree w/ you.
Quote from FreeBSD forum….....
Hello,
It's a good security practice to separate the file server from the "router/firewall". However, you can achieve easily all of the above using OpenVPN which is flexible and easy to implement, or IPSEC if you feel ready to dive into a less flexible but probably more secure implementation of VPN.
For the backups I'd use rdiff-backup or duplicity (if for additional security if needed). Not sure how are they gonna run with Cygwin under Windows. I'm pretty sure though you can achieve scheduled backups under windows with rdiff-backup, although a solution like DeltaCopy might seem more suitable for windows as it runs natively.
I get that what needs to be backed up are windows files that will be channeled through VPN.
What does it mean exactly 'more green' Green like that?
-
The purpose of a firewall is security. Every time you add services to your firewall you open a potential avenue of attack reducing security. The more stuff you are running on your box the more likely it will have exploitable bugs.
There are many threads about this on the forum because, like you, many people want to do it. pfSense was originally devised to take the place of router/firewalls in medium to large networks. It has evolved into a product that fits in many more scenarios including soho where you want to minimise the number of boxes and power usage.
If you want to do this it is recommended to use virtualisation. Run pfSense in a VM and freeNAS (or whatever) in a separate VM.
Steve, is that simple as adding more LAN cards? Or adding a completely different board? I did search this and found www.bsdcan.org/2012/schedule/events/330.en.html. Not sure exactly what they are saying. Does pfsense have a package to add an internal switch? I know free switch, but thought this only only for voip phones and PBX.
Adding multiple NICs is expensive. If you have only one PCI slot, as many Atom boards do, you have to use a quad port card and that can be very expensive. A cheaper option is to use VLANs and a VLAN capable switch. You can then have as many interfaces as you have ports on the switch. This is how small soho routers work, a switch and a router on one pcb. That's what the package you linked to is for, not useful for us.
I don't know how you would do this, you'd have to add a switch PCB to the enclosure but I don't know where you'd get one. There would be very small market for this though since it would be cheaper to get a separate rack mount switch and it wouldn't be appropriate in a co-location situation. I only mentioned itSteve
-
Reading up just now on the hardware requirements for fNAS, I'd say the more important issue is address space and bandwidth. I've read, tho never seen verified (have you?), that a D2500CCx does have more than 32-bit address space implemented on the board, and I know there are some 8GB parts available, but fNAS's requirement of 1GB per TB to get anything like good performance would make me want to experiment before deciding to host both Snort and fNAS on the same board.
-
You can use nas4free instead. I believe that has a lower hardware requirement. There are other similar projects.
Steve
-
Thanks for the replies. I am currently running nas4free, booting from a thumb drive, at home. I think I am going to focus on building my pfsense boxes and setting up VPN.
-
Hi kids, bugs got fixed in latest 2.1-snapshot.
Installed 64bit version on d2500cc flawlessly. -
Good news! I'm new to FreeBSD/pfsense and ran into this problem right at the start… Since I don't want to wait for 2.1 release nor using a unstable snaphot version, I'll go with the 'install 32bit first and write down the inputs' method first.
Hope it'll install smoothly on my Samsung 830 SSD (64GB) and it'll detect and work with my miniPCIe WLAN Card (Compex WLE200NX).
BTW, I'm using this case: http://mini-case.com/pi37/pd332.html, totally fanless and hopefully ok when running pfsense 24/7….Cheers,
cibomato -
I'm has similar board JW Minix Mini HD PC http://www.jwele.com/motherboard_detail.php?1140 with 128GB SSD and 2GB ram. Since I need to set up several VLAN interfaces in the console so I had trouble using writing down the inputs method. Therefore I use the i386 version instead. Is there any downside using i386 version apart cannot using more than 4GB RAM?
-
No not really.
There may be some marginal performance increase using 64bit but its small enough you'd have to setup a test to see it. I've seen people argue both ways on this.Steve
-
I just picked up a new board. It was listed on ebay as the Intel2500CCE. When I received the board it shows Intel D2500CC. Is there an actual difference between the two?
From what I could find :
The 'E' suffix in the model name (e.g., D2500CCE vs D2500CC) signifies that this product is an Intel Extended Life Product (ELP). ELP products will be available for extended production times (3 years) and are perfect for project use.
So do you think I have the same thing? I dont see anywhere on the board the "E" just D2500CC.
Not sure if I should send it back and find one that has "e" listed.
Any help would be greatly appreciated.
-Neztik