Small & Quiet 1Gbps Router
-
Notes:
-
The integrated NICs are Intel 82579LM and Intel 82574L
-
If 2GB is "plenty" I can shave off a few bucks by going G.SKILL 2GB 204-Pin DDR3 SO-DIMM DDR3 1333 (PC3 10600) Laptop Memory Model F3-10600CL9S-2GBSQ @ 24.99
Anyone see any blaring issues with this build (e.g. known to be incompatible hardware)?
2GB is plenty if you don't run anything that will really eat up memory like SNORT or SQUID.
-
-
Hey Nuskooler! I am looking for something very similar. Would you mind sharing the links of the hardware you are referring to? I am been debating on a dedicated box, or setting up a VM box and running PF on that with another host…..
-
Hey Nuskooler! I am looking for something very similar. Would you mind sharing the links of the hardware you are referring to? I am been debating on a dedicated box, or setting up a VM box and running PF on that with another host…..
I've updated the "Option 2" post above to have component links. Will update again in a bit to reflect 2GB of RAM and i5 if I decide to go that route, which I likely will do.
-
Here is a small update for anyone interested in this build:
I was excited to build the thing, and pretty much forgot about taking in-build progress shots, but I can certainly take the lid off and take a picture if there is anyone wanting to see the final hardware in the case.
Took about a hour to put together. Everything was very straight forward. Really the only issue I had was the SATA cable Intel shipped with the MB was a straight cable (no "L" ends) which would not work in the case. Luckly I have a lot of cables around here to take care of it. The Intel fan is ultra quiet. In fact, the first time I did a power on test I thought it had powered back off because it's so quiet! Runs very cool, so that should not be of any issue.
Used the USB pfSense distro, and live mode. When I booted up everything detected perfectly. I selected my interfaces and changed my IP from the default 192.x.x.x. After that, my Internet came back up before I was even finished. Hit the 99 option and installed, configured the rest from the web GUI.
It was almost too easy!
-
Sweet! Pics would be cool to see when you get a chance. :)
-
Here are a few images (lighting was horrid):
Back panel:
Top view:
-
That's a tight setup. Love the new ports in the back. I'd probably rebuild my PfSense hardware but it'll be awhile as I already invested some money on it.
Love the low profile case!
-
That intel thin-itx cooler is rated to 65W TDP and is generally pretty quiet if anyone considers an i5/i7, technically you should get an S version but non-overclocked standards might be ok. I have that lian-li case in silver from a newegg discount awhile back.
There are also thin-itx haswell boards from asus and gigabyte with dual nics (Q87) sadly on both models one nic is realjunk while the other is intel and the newest i21x version that needs 2.2 :(
Maybe someone will make a good version in the future, haswell i3 w/ aes-ni are cheaper than ivy i5. For now I'm grabbing those sandy bridge laptop socket ITX boards and cheap mobile i5 ;)
Also, if you really want to go silent, theres always this…
-
This looks pretty nice. I am also needing to build a 1gbps-capable pf router in the next 30 days or so. But I need something that I can rackmount in 1U. Also, very curious if you've speed tested this thing yet, is it performing as you expected (able to route 1gbit traffic etc)? cheers
-
This looks pretty nice. I am also needing to build a 1gbps-capable pf router in the next 30 days or so. But I need something that I can rackmount in 1U. Also, very curious if you've speed tested this thing yet, is it performing as you expected (able to route 1gbit traffic etc)? cheers
Supermicro has lots of 1U rack mount cases for mitx boards ~$100 with powersupply. I think you just need the full height I/O plate for use with these thin-itx boards
-
I think the Lanner FW-7573 looks like a really nice next-gen platform (8-core Atom C2000) for a pfSense firewall. Problem is finding a place to buy it (in the US). I just sent an email to Netgate about possible availability.
-
You can buy directly from Lanner if Netgate won't get it for you, but that won't work under 2.1. You'll need to wait for 2.2 or run pfSense inside a virtual machine.
EDIT: Or maybe 2.1.1, the newer Intel drivers are back in and they don't seem crash-happy this time.
-
Do you know how many watts this build uses on average? I'm kind of sketched out to buy an i3 haswell due to the power consumption since this box will be running 24/7. But my fall back is a celeron CPU.
-
This looks pretty nice. I am also needing to build a 1gbps-capable pf router in the next 30 days or so. But I need something that I can rackmount in 1U. Also, very curious if you've speed tested this thing yet, is it performing as you expected (able to route 1gbit traffic etc)? cheers
Supermicro has lots of 1U rack mount cases for mitx boards ~$100 with powersupply. I think you just need the full height I/O plate for use with these thin-itx boards
Actually 1U is slightly shorter than standard height motherboard shields, depending on tolerances you can flex or fake it and it will work but other times its a no-go.
1U is ~45mm outside dimension vs 45mm (face/hole) and 48mm (flashing) inside dimensions for a standard shield.
Running without a shield, trimming the shield with tin snips or using the thin-itx one and having a gap is usually no big deal though. (DQ77KB in a box comes with both)
Just watch out, some cases use a custom size plate and in the worst case scenario it can be steel knockouts of the frame itself that are only keyed for board layouts made by the same vendor :(
-
This looks pretty nice. I am also needing to build a 1gbps-capable pf router in the next 30 days or so. But I need something that I can rackmount in 1U. Also, very curious if you've speed tested this thing yet, is it performing as you expected (able to route 1gbit traffic etc)? cheers
We don't have gigabit hooked up yet – that will come in the near future. Currently we have a 100/100 fiber. The previous router, a Snapgear SG560 could pull off around 60-70 Mbps if nothing else was going on, and if I were lucky. I can now fully saturate the connection and barely hit the CPU. Also, with QoS I can hit it very heavy and still allow web traffic as to not piss off my wife :)
Just did a quick iperf test -- Never really used that tool, so I'm probably missing something but: Using the default window from a Windows box to the router gives 680-750 Mbps, using a 256k window yield 815-880 Mbps. Note also that this is going through a fairly cheap gigabit switch that I need to replace sometime soon. When doing this the CPU on the router spikes around 10% or so. I have FW, QoS and Snort running right now.
EDIT: Added a few more details.
-
This looks pretty nice. I am also needing to build a 1gbps-capable pf router in the next 30 days or so. But I need something that I can rackmount in 1U. Also, very curious if you've speed tested this thing yet, is it performing as you expected (able to route 1gbit traffic etc)? cheers
Supermicro has lots of 1U rack mount cases for mitx boards ~$100 with powersupply. I think you just need the full height I/O plate for use with these thin-itx boards
Actually 1U is slightly shorter than standard height motherboard shields, depending on tolerances you can flex or fake it and it will work but other times its a no-go.
1U is ~45mm outside dimension vs 45mm (face/hole) and 48mm (flashing) inside dimensions for a standard shield.
Running without a shield, trimming the shield with tin snips or using the thin-itx one and having a gap is usually no big deal though. (DQ77KB in a box comes with both)
Just watch out, some cases use a custom size plate and in the worst case scenario it can be steel knockouts of the frame itself that are only keyed for board layouts made by the same vendor :(
Yeah. Stamped ones you have to get out the dremel tool :) Cases are expensive. I may stick my cluster into an Ikea helmer like these renderfarms: http://www.ikeahackers.net/2013/05/helmer-air-renderfarm.html
-
Cool setup.
Were both the Intel NICs usable under pfSense? I see one is dedicated to Intel AMT.
-
Were both the Intel NICs usable under pfSense? I see one is dedicated to Intel AMT.
Yes, both were detected and usable at first boot. Didn't have to mess with them at all.
-
I think the Lanner FW-7573 looks like a really nice next-gen platform (8-core Atom C2000) for a pfSense firewall. Problem is finding a place to buy it (in the US). I just sent an email to Netgate about possible availability.
I think we're going with the Supermicro variant for now.
-
You can buy directly from Lanner if Netgate won't get it for you, but that won't work under 2.1. You'll need to wait for 2.2 or run pfSense inside a virtual machine.
EDIT: Or maybe 2.1.1, the newer Intel drivers are back in and they don't seem crash-happy this time.
2.1.1 should work.
