Need advice on a pfsense box

asterix · Nov 6, 2013, 5:03 PM

Go for a 1155 system. i3 with 8GB is perfect.

Fevan · Nov 6, 2013, 5:45 PM

yes on the 1tb, I still feel its total overkill for pfsense, more so with 2 x 1tb in raid and then installing a 1gig program on it.

If your desperate for nas class drives why not get this instead ?

http://www.storagereview.com/wd_red_25_1tb_hdd_review_wd10jfcx

Its smaller and more energy efficient and server/nas class.

But yeah I guess with raid setup you can enjoy it even if one dies you could mirror it, I get what you are trying to do and its still a good idea perhaps more costly though…

The hp servers are good, more so if you can get cash back offers on them and pick them up cheaply...

Still a good set of hardware is good and future proof. I don't think I can go with intel cpus their low end to mid end cpus don't support AES which is important to my pfsense build I have in mind, I need something future proof to work with VPNs

You could if your bb connection is not overall powerful try a test run on an old pc and see how it works out before leaping on am expensive purchase, just to get the feel and speed of it.....

super_8 · Nov 6, 2013, 10:10 PM

@Fevan:

The hp servers are good, more so if you can get cash back offers on them and pick them up cheaply…

Still a good set of hardware is good and future proof. I don't think I can go with intel cpus their low end to mid end cpus don't support AES which is important to my pfsense build I have in mind, I need something future proof to work with VPNs

well for the moment i think i will go with the haswell build any i3 CPUs or the hp server looks like a total overkill for what i need and i also imagine the server makes loud fan noise which could turn out to be anoying.
i just dont wanna mess up and get equipment that will keep crashing because it's not made for 24/7 stable running (server equipment)

The AES support is for:
Sandy bridge: all from i5 up
Ivy bridge: all from i5 up and some i3
Haswell: all except Pentium and Celeron

so if you plan to do a haswell build you can just get an i3.

Applied · Nov 7, 2013, 12:05 AM

@super_8:

And didn't people have problems with SSDs because they started dying after a few months?

Some people have these problems.
The ones who use cheap & crappy consumer SSD.
Very few do have any problems with reliable SSD from reputable manufacturers (think: Intel, Samsung).
Again: Don't choose their bleeding edge consumer series, and don't let yourself fooled by maximum transfer rates
SSD wear is a very overrated problem.

@super_8:

well i prefer WD HDDs and i chose the wd red because it's designed for 24/7 operation and 1tb is the smallest they got.

Mechanical hard drives are way more likely to fail than a reliable SSD, in my experience.
I'd believe there might be a greater variance amongst SSD models / manufacturers.
While some bad SSD might be more prone to fail than mechanical HDD, good SSD tend to have lower failure/return rates (than any mechanical HDD).

super_8 · Nov 7, 2013, 12:11 AM

@Applied:

@super_8:

well i prefer WD HDDs and i chose the wd red because it's designed for 24/7 operation and 1tb is the smallest they got.

Mechanical hard drives are way more likely to fail than a reliable SSD, in my experience.
I'd believe there might be a greater variance amongst SSD models / manufacturers.
While some bad SSD might be more prone to fail than mechanical HDD, good SSD tend to have lower failure/return rates (than any mechanical HDD).

i don't know there are a lot of topics here on how SSD disks have failed, i still think a NAS HDD will last longer since it's designed for that type of use + for the price of a quality SSD i can get 2 HDDs.

Applied · Nov 7, 2013, 12:43 AM

@super_8:

i don't know there are a lot of topics here on how SSD disks have failed, i still think a NAS HDD will last longer since it's designed for that type of use + for the price of a quality SSD i can get 2 HDDs.

I beg to differ. ;)

From my own job experience.
And from any sane stats that I can find on the internet.

@super_8:

well i prefer WD HDDs and i chose the wd red because it's designed for 24/7 operation and 1tb is the smallest they got.

The 3.5" is the smallest 3.5" they got (there's a 750GB 2.5").
By the way, if you're hell-bent on getting mechanical HD from Western Digital ;) and the 1TB is just "the smallest they got", maybe you'd like to consider the WD Re series?
The 250GB Re should be about the same price as the Red - though it is slightly louder at up to 30dba and seems to use a little bit more power, it is advertised as having better reliability - and has the longer warranty to boot:

Target market:
WD Red: "Designed and tested for small scale RAID environments / Personal/Small Office Home Office"
WD Re: "Durable capacity storage for high-availability deployments / Medium-Large scale Enterprises"

MTBF (hours):
WD Red: 1,000,000
WD Re: 1,200,000

Non-recoverable read errors per bits read:
WD Red: <1 in 10^14
WD Re: <10 in 10^16

Warranty:
WD Red: 3 years
WD Re: 5 years

WD Red: http://www.wdc.com/wdproducts/library/SpecSheet/ENG/2879-771442.pdf
WD Re: http://www.wdc.com/wdproducts/library/SpecSheet/ENG/2879-771444.pdf

super_8 · Nov 7, 2013, 12:43 AM

@Applied:

@super_8:

i don't know there are a lot of topics here on how SSD disks have failed, i still think a NAS HDD will last longer since it's designed for that type of use + for the price of a quality SSD i can get 2 HDDs.

I beg to differ. ;)

From my own job experience.
And from any sane stats that I can find on the internet.

@super_8:

well i prefer WD HDDs and i chose the wd red because it's designed for 24/7 operation and 1tb is the smallest they got.

The 3.5" is the smallest 3.5" they got (there's a 750GB 2.5").
By the way, if you're hell-bent on getting mechanical HD from Western Digital, and the 1TB i just "the smallest they got", maybe you'd consider the WD Re series?

Target market:
WD Red: "Designed and tested for small scale RAID environments / Personal/Small Office Home Office"
WD Re: "Durable capacity storage for high-availability deployments / Medium-Large scale Enterprises"

MTBF (hours):
WD Red: 1,000,000
WD Re: 1,200,000

Non-recoverable read errors per bits read:
WD Red: <1 in 10^14
WD Re: <10 in 10^16

Warranty:
WD Red: 3 years
WD Re: 5 years

WD Red: http://www.wdc.com/wdproducts/library/SpecSheet/ENG/2879-771442.pdf
WD Re: http://www.wdc.com/wdproducts/library/SpecSheet/ENG/2879-771444.pdf

The 250GB Re should be about the same price as the Red - though the first is a bit louder at 30dba and seems to use a little bit more power.

Hmm..weird, didn't look at the MTBF for the HDD-s but it seems low, in that you are right the samsung 840 ssd claims to have MTBF of 1.5 million.

I don't have much experience with SSD disks but i have HDDs that were used a lot and are over 10 years old and they still work without a problem, but they are loud when the head is moving :P

Applied · Nov 7, 2013, 12:56 AM

@super_8:

i have HDDs that were used a lot and are over 10 years old

So your 10+ year old HDDs have been alive and kicking for longer than SSDs have even been on the market at all?

Well, these sure don't make for a good comparison. ;D

(PS: Just saying… I don't mean this as an argument for or against anything)

super_8 · Nov 7, 2013, 1:58 AM

@Applied:

@super_8:

i have HDDs that were used a lot and are over 10 years old

So your 10+ year old HDDs have been alive and kicking for longer than SSDs have even been on the market at all?

Well, these sure don't make for a good comparison. ;D

(PS: Just saying… I don't mean this as an argument for or against anything)

I probably should of said that They were used in a pc system, so they weren't running heavy 24/7, if they were they would die years ago :)

super_8 · Nov 7, 2013, 11:20 AM

I was thinking of getting the Corsair http://www.corsair.com/cmx8gx3m2a1333c9.html or kingston value http://www.kingston.com/dataSheets/KVR13N9S8K2_8.pdf.

are those any good or should i get a different brand?

Fevan · Nov 7, 2013, 2:22 PM

Regarding my haswell choice and core i3, I think its too costly and not worth myself going down intel route.

An AMD build I can literally pick up the mobo +cpu for under £100 even and can't argue with a 4ghz (65watt) cpu (dual core) with AES Support and 1xpci express 4x and 16x slot. An 364 hp intel quad Nic for £40-50 can be had also from ebay. I will custom build it so its using a large silent heatsink + fan and a silent 92% energy efficient p/s.

Regarding the SSDs, agree with other poster who mentioned intel or Samsung for reliability factor…. many people on forums still selling there ones after 3-4 years.

We can assume in 3-4 years also technology will be so small and energy efficient to the point our current Pc builds require binning ;)

It is tricky to get the hardware right to strike a balance between energy efficiency and price.

One could look at this new haswell/dual nic/100% silent and 35watt build that came out today:

http://www.atlastsolutions.com/fanless-thin-mini-itx-pc-core-i7-haswell-8gb-128gb-ssd-asus-q87t/

But then who knows if pfsense will support those nics, most likely realtek anyhow so best to avoid.

You have this also:
https://www.amazon.co.uk/Shuttle-DS61-Barebone-Socket-SODIMM/dp/B00BFOFA78

pfsense works and supports these nics, but then the cpu needs to be put in separate some guys use a celeron low power or xeon but this adds to the cost.

Guess the pfsense builds are endless you just need one and once set up hide it away, you see people on here using p3 and p4 high electricity builds just running 24/7, but they not fussed you get reliability and all the features and support that puts even the best router on the market today to shame (apart from pfsense wireless side, routers still beat it for that)

super_8 · Nov 7, 2013, 3:48 PM

whatever works out for you :)
Personaly i rather stay away from AMD CPUs + you can get a i3+mobo for only a bit over £100

Fevan · Nov 7, 2013, 5:30 PM

You can but not with AES support ;)

I do actually have an core i5 3.2ghz/AES and micro ATX already which would be good for a pfsense build but that cpu is 95watts.

Its that balance once again….

jasonlitka · Nov 7, 2013, 7:28 PM

@Fevan:

One could look at this new haswell/dual nic/100% silent and 35watt build that came out today:

http://www.atlastsolutions.com/fanless-thin-mini-itx-pc-core-i7-haswell-8gb-128gb-ssd-asus-q87t/

But then who knows if pfsense will support those nics, most likely realtek anyhow so best to avoid.

One of those is an Intel i217 and the other is a Realtek 8111G. Neither are going to work with pfSense until it moves to FreeBSD 10.

Do yourself a favor and stick with Ivy Bridge. The slightly lower idle power consumption and slightly better performance per clock of Haswell isn't worth the hassle of compatibility problems.

super_8 · Nov 7, 2013, 9:01 PM

@Jason:

@Fevan:

One could look at this new haswell/dual nic/100% silent and 35watt build that came out today:

http://www.atlastsolutions.com/fanless-thin-mini-itx-pc-core-i7-haswell-8gb-128gb-ssd-asus-q87t/

But then who knows if pfsense will support those nics, most likely realtek anyhow so best to avoid.

One of those is an Intel i217 and the other is a Realtek 8111G. Neither are going to work with pfSense until it moves to FreeBSD 10.

Do yourself a favor and stick with Ivy Bridge. The slightly lower idle power consumption and slightly better performance per clock of Haswell isn't worth the hassle of compatibility problems.

or you can just buy seperate nic cards and you don't have to use the onboard one, speaking of which will a pcie x1 nic work in a pcie x16 (graphics card) slot?

Fevan · Nov 7, 2013, 10:50 PM

yes it will work

http://forums.anandtech.com/showthread.php?t=2218693

looking at some benchies the amd cpu I liked is pretty poor performer, so you were right to suggest intel cpus.

May just stick with my core i5 sandy set and transplant to a micro atx case after all :)

Good info on the ivy cpus was not aware of that….

super_8 · Nov 7, 2013, 11:00 PM

well i will go with the pentium, 1150, 8gig corsair 1333 and a ssd, it's more then enough for what i need :)

As for the i5, i don't think it uses a lot when it's not under load.

Fevan · Nov 8, 2013, 6:45 PM

yeah was concerned with the power, but they do not use that much thanks to the speed step and power efficiency :)

Pentium/1150/8gig and ssd sounds great.

midacts · Feb 20, 2014, 1:51 AM

Sorry to resurrect an old thread but did you has well build work for you? I was looking at building something similar but with an i3 4330t because its 35w with aes-ni.

I'm afraid a haswell board is going to have problems working with pfsense 2.1. it looks like it may be a while before v2.2 comes out.

jasonlitka · Feb 20, 2014, 12:41 PM

@midacts:

Sorry to resurrect an old thread but did you has well build work for you? I was looking at building something similar but with an i3 4330t because its 35w with aes-ni.

I'm afraid a haswell board is going to have problems working with pfsense 2.1. it looks like it may be a while before v2.2 comes out.

The newer Intel NIC drivers that were included in 2.1.1 have been pulled because they were flaky as hell. I wouldn't buy a Haswell system at this point unless you intend to use only add-in NICs which use an older chip.