Build Pfsense router
-
@markspend1:
Hey Guys according to that topic well i think that if you want to know completely detail about how to build
Pfsense router then you must visit that url:hardforum.com/showthread.php?t=1625345
So, you're suggesting that people leave a site specifically for pfSense to go read a thread that hasn't been updated in 18 months on a general hardware forum?
-
I would like to build Pfsense router - It need to be quiet and low profile hardware.
I have a 75Mbit internet connection (BT Fibre).
I have came up with this:
Scan: £110.12 - Intel BOXDQ77KB Intel Q77 Socket 1155 Mini ITX Motherboard
Scan: £74.34 - Passive Mini-ITX Case Euler
Scan: £52.36 - Intel CPU Pentium G630 Socket 1155 Dual Core Processor
Scan: £24.82 - Corsair Memory Desktop 4GB DDR3 1600 MHz CAS 11 Dual Channel Desktop
overclockers: £46.99 - Intel 525 Series 30GB mSATA Solid State Hard Drive
Total: £308.63
It is over my budget, I like to bring it down to £200 if possible.
What hardware/spec do you recommend?
Thanks.
I'm not sure you're going to get much lower for something other than an Atom-based system (though that would be more than enough unless you're talking about CPU-intensive tasks), and even then I'm not sure you'll beat it by much.
Try this (in USD):
- $40 (Mini-Box) - M350 enclosure
- $98 (NewEgg) - Intel DN2800MT
- $13 (Mini-Box) - Riser & I/O Shield for DN2800MT
- $16 (Mini-Box) - 60W AC/DC Power Adapter
- $60 (NewEgg) - Intel 525 30GB mSATA SSD
- $30 (NewEgg) - Corsair 4GB DDR3 SO-DIMM
- $134 (Soekris) - LAN1841 Quad-Port NIC
That would get you (5) ports of 82574L Gig-E for $391 USD (~£255) and it's all fanless (note, may run hot, consider adding the fan bracket for the M350, around $2, plus a pair of low-power 40mm fans, another $6 or so).
If you need fewer NICs or a lower price, you can go with something like this.
Try this (in USD):
- $40 (Mini-Box) - M350 enclosure
- $96 (Mini-Box) - Intel D2500CCE
- $25 (Mini-Box) - Pico-PSU 80W
- $16 (Mini-Box) - 60W AC/DC Power Adapter
- $60 (NewEgg) - Intel 525 30GB mSATA SSD
- $30 (NewEgg) - Corsair 4GB DDR3 SO-DIMM
That gets you (2) Gig-E ports for $267 USD (~£175).
-
Purchase a used Notebook with a Intel Core2 Duo processor …. A quality notebook with a Intel ethernet chip set can be acquired in the $100 to $230 USD range. In order to use the internal wireless capabilities in most cases you will have to reflash/hack the manufactures wireless whitelist in the systems bios. If using a single ethernet port, at minimum will require a 2 layer switch to run vlans.
Note:
I've used both dual and single gigabit ethernet setups and Can Not tell a difference in ping nor throughput.My personal home setup I'm running a 12" HP EliteBook 2530p Laptop with Core2 Duo SL9600 @ 2.13Ghz ( Max CPU TDP: 17 W )
-
Intel Core2 Duo L9600 @ 2.13GHz CPU Passmark 1405 Max TDP: 17 W
-
Intel Atom D2700 @ 2.13GHz CPU Passmark 833 Max TDP: 10 W
-
Intel Atom D525 @ 1.80GHzz CPU Passmark 690 Max TDP: 13 W
69% Better Performance than Atom D2700
104% Better Performance than Atom D525The evidence is Quite Clear on a Performance versus Cost analysis, the Atom platform is a Epic failure!
Using PowerD in Adaptive mode, CPU runs anywhere between 200 MHz to 1200MHz. On average I would say its hitting in the 800 MHz range. By using PowerD my actual CPU TDP shouldn't be any higher than 9 Watts.
I tried using my CyberPower 1500 UPS to measure total laptop power consumption. At boot up it would read 17 W but wasn't sensitive enough and would drop back to 0 once booted. Will have to get a Kill-A-Watt device to measure it one day.
Why a Laptop?
-
Build in LCD Monitor
-
Build in Keyboard
-
Build in Wireless AP
-
Build in UPS
-
LV mobile components
-
Minimal Foot print
-
Virtually Silent
-
Quick to Resell
-
-
I am running this: http://linitx.com/product/13242
Total price £150, no need for anything additional. I have BT fibre 80/20 - and can max out at 77, which is absolute limit anyway. Even at that the CPU only gets to around 30-40%.
Of course with the CF card that limits some options - but for what I want it is perfect.
Only planned change - I have acquired a 20GB 2" hard drive and plan to put that in to replace CF card - which will allow more freedom.
Of course this would not be ideal for heavy VPN use but as firewall and routing it works incredibly well - and is silent, runs cool and hardly takes any power.
Just an option…
-
I am running this: http://linitx.com/product/13242
Total price £150, no need for anything additional. I have BT fibre 80/20 - and can max out at 77, which is absolute limit anyway. Even at that the CPU only gets to around 30-40%.
Of course with the CF card that limits some options - but for what I want it is perfect.
Only planned change - I have acquired a 20GB 2" hard drive and plan to put that in to replace CF card - which will allow more freedom.
Of course this would not be ideal for heavy VPN use but as firewall and routing it works incredibly well - and is silent, runs cool and hardly takes any power.
Just an option…
My testing showed that the Alix is fine for up to about 80Mbit in one direction or around 50Mbit symmetric as long as all you're doing is Firewall+NAT. Any other services and the throughput plunged.
-
What makes Pfsense more flexible and powerful than all of the available open source firewalls?
Its the ability to easily add third party packages to increase security and functionality. To run most packages you need lots of memory and CPU power, if you are lacking either of the two, you may not be able to utilize all the powerful options available to the Pfsense platform.
Why would you want to limit the possible additional security and functionality that third parties have to offer Pfsense? :D
-
What makes Pfsense more flexible and powerful than all of the available open source firewalls?
Its the ability to easily add third party packages to increase security and functionality. To run most packages you need lots of memory and CPU power, if you are lacking either of the two, you may not be able to utilize all the powerful options available to the Pfsense platform.
Why would you want to limit the possible additional security and functionality that third parties have to offer Pfsense? :D
Power consumption, cost, simply don't need them. The list goes on.
-
What makes Pfsense more flexible and powerful than all of the available open source firewalls?
Its the ability to easily add third party packages to increase security and functionality. To run most packages you need lots of memory and CPU power, if you are lacking either of the two, you may not be able to utilize all the powerful options available to the Pfsense platform.
Why would you want to limit the possible additional security and functionality that third parties have to offer Pfsense? :D
Power consumption, cost, simply don't need them. The list goes on.
If that's the case, why don't you go to Best Buy …
Intellinet - Wireless Router - IEEE 802.11n $24.99
http://www.bestbuy.com/site/Intellinet+-+Wireless+Router+-+IEEE+802.11n/3999869.p?id=1218446801789&skuId=3999869 -
You've got a bit of an attitude problem. We don't need sarcasm here do please try to make your comments constructive.
In the event that that wasn't sarcasm and that you were being serious, pfSense provides far more functionality, performance, and security out of the box than any $30 "router" you'll pick up at Best Buy.
Also, not everyone here wants to have their edge network handled by a 5 year old laptop with a single NIC and vLANs. If you're a business on a tight budget then low-end but new hardware is likely a requirement for any deployment. If you're a home user then your laptop method might be ok but the requirement of only using a single NIC and vLANs adds complexity and is a security risk if not configured correctly (and I've seen a LOT of switches not properly secured.
-
You should read your own comment from Yesterday again at 12:18:54 pm…. My opinion was appropriate, but your response was belligerent!
Anyhow .... your opinion and my opinion my differ but as for businesses they look for value ... if your incapable of providing a Complete Value orientated solution, there's always a competent solution lurking in the shadows!
-
Alternate idea Clear-Pixel: http://forum.pfsense.org/index.php/topic,60336.0.html
-
Let me clear a few things up.
Pfsense is a very flexible firewall because you have the option to run a basic install which works fine for the Atom platform or even a Alix.
You also have many add on packages which can easily bring a Atom platform to its knees.
The majority of people running Pfsense are very technically inclined individuals which at some point will want to use options which are available to extend there firewall beyond a normal consumer firewall.
For an individual that just wants a cool Pfsense firewall for bragging rights, yea maybe a Atom platform is right for them. But if they want to extend there firewall they will find they have limited themselves by using the Atom platform.
For a very simple crude example using CPU Passmarks:
Total cost of platform / CPU passmarks = Cost of ProductivityThe Atom platform is the lowest productive yielding product Intel has in there product line!
It's very much like calculating the cost and efficiency of labor. Your computer is your slave, it all comes down to what you payed for your slave, and how productive it is.
If you look at the energy and materials required to produce a matx motherboard they are all very close no matter what platform. If you believe what the marketers say, than you have become fallen prey to the Marketers.
@ phreshjive looks to be one of the best prices I've seen. They should sale for based on how much work they can perform.
-
The list in the OP is good, just switch out the CPU for the G1610, as it is 22nm Ivy based and will use less power.
-
The list in the OP is good, just switch out the CPU for the G1610, as it is 22nm Ivy based and will use less power.
Yes …. very nice setup
The reason I brought up my laptop ... OP was looking to lower his cost, well its very difficult to beat the price of a quality used laptop for all the advantages it has to offer.
-
The majority of people running Pfsense are very technically inclined individuals which at some point will want to use options which are available to extend there firewall beyond a normal consumer firewall.
For an individual that just wants a cool Pfsense firewall for bragging rights, yea maybe a Atom platform is right for them. But if they want to extend there firewall they will find they have limited themselves by using the Atom platform.
For myself, I just wanted the ability to run my VPN directly on the router without a loss of bandwidth attributable to the CPU in the router in addition to enterprise-grade wireless. There isn't a single consumer-grade router that could perform the VPN aspect. Even the coveted Asus Dark Knight couldn't. A sad state of affairs indeed.