Hardware for 200/200 home network
-
Hello!
I’m Adrian and that’s my first post here, so please be gentle :-)
For my routing, Internet sharing and WiFi networking needs I’ve been always using standard, consumer grade (ADSL) WiFi routers from Netgear, TP-Link, etc. My Internet access was always relatively slow (at the moment 6 Mbit/s up, 0.5 Mbit/s down), so I just put OpenWrt on these boxes and everything was fine. But next month I’m finally going to get a FTTH 200 Mbit/s symmetrical link, so I’m thinking about upgrading my networking hardware for something that will easily handle sharing this pipe for devices in my home network plus some additional responsibilities.
I have no experience with pfSense or anything like it, but I’m not afraid of experimenting. However, I would like to ask you all about some advices regarding hardware suitable for my needs, listed below, starting from the ones most important to me.
-
Fanless. That’s non-negotiable.
-
Relatively inexpensive. I understand it’s not going to cost $40, but I don’t want it to be more expensive than my laptop ;-)
-
QoS. VoIP (Skype, FaceTime, etc.) has to have an absolute priority, then streaming services (YouTube, Spotify, etc.), after that normal traffic and P2P file sharing as the least important type of connection.
-
VPN
-
I don’t want to put all of my traffic through a VPN services, but I want to be able to choose which devices from my network access the Internet through the remote VPN and want to turn that on for the rest of my computers when needed.
-
I’ll also need a VPN server, so my mobile gadgets can have a safe access to my network and I don’t have to worry about e.g. login to my bank account from a public WiFi. I will need something that has a native support on the iOS.
-
-
Radius server. I’d like to try some more advanced ways than WPA2 to secure my WiFi.
-
Snort. It’ looks like a very useful feature and judging by the interest it receives on this forum it actually must be, so I would like to see what’s it all about and try for myself. Do you think it makes sense in a home network?
-
Squid. Same as point 6.
-
Anything else that you think may be needed in a home network.
Right now I’m thinking about buying Alix APU with 4GB of RAM and using my current OpenWrt routers as switches and WiFi access points. Or maybe some Haswell Celeron based NUC. What is your opinion about these two? Are they suitable for my use case? I’d be grateful for any help and suggestions.
-
-
From pfSense:
101-500 Mbps
Server class hardware with PCI-e network adapters, or newer desktop hardware with PCI-e network adapters. No less than a modern Intel or AMD CPU clocked at 2.0 GHz.I think you should think about atom C2758 or i3/i5/i7 systems.
Ref: https://www.pfsense.org/hardware/#requirements
-
Hmmm… so it looks like it's going to be more expensive than I previously thought. Does anyone have a similar link and could share his/her specification?
-
A C2758 will do it but depending on your ambient temperature it might not run fanless. It will, however, run very well with a very low speed (inaudible) fan.
-
I was going to buy one of the 2758s but i wanted something that could be used as a HTPC or something later on.. Not that the 2758 couldn't i just wanted a more general purpose machine incase I don't use PFsense one day. I think i am going to go the i3 route.
-
A C2758 will do it but depending on your ambient temperature it might not run fanless. It will, however, run very well with a very low speed (inaudible) fan.
I Jason,
I remember you built a unit with M350 case. Can you share some details? Like fan dimension (type brand), PSU, HDD. I am going to build mine.
Recommended EU stores are welcome.
Thank you. -
There is no separate PSU (eg. PicoPSU) inside the case as the board includes the ability to be powered from 12V. The fan is a 40mm Noctua with the low-noise adapter (I was using a Zalman FanMate but there was no good way to mount it in the case so I ditched it). The "ducting" you see in the case is a manila file folder I cut to size so that the air flow would move across the CPU, not one bank of RAM.
As an aside, I really like this box. I'm planning on buying two more of these as rack mounts, converting this one over, and then making a little home VM lab (with 24 cores & 96GB of RAM). They aren't screaming fast boxes but they're more than adequate for running anything this side of SQL or Exchange.
-
Jason,
are you using an HDD, SSD or running pfSense from usb thumb?
My idea is to built one, with a 80GB SSD, 8GB RAM, running Snort under VPN, 20/1 adsl.
I know it is an overkill but I'd like to built something which support higher upcoming bandwidth.
Regards -
Full install on a high-end SDXC card (Samsung Pro) in a low-profile USB adapter.
If you're not using squid you don't really need a fixed drive, though if you wanted to add one, the M350 case comes with a bracket to hold a 2.5" drive.
-
I am not sure to run squid but I don't want to limit the system, I will buy a SSD unit, they are chip nowadays.
Are you EU based? I live in Italy and it is quite difficult to find the reqiored hardware…found some goog brit shops anyway. -
It's your money. If you think you might need/want a full SSD in the future then I'd say go for it.
No, I'm in the US.
-
you wont get away with cheap for something like that. I just built one with a c2558 quad core 2.4ghz with 4gb kingston ecc ram and pro 2500 intel ssd. was around $500. But as far as my knowledge the atom is the only viable fan less cpu.
-
you wont get away with cheap for something like that. I just built one with a c2558 quad core 2.4ghz with 4gb kingston ecc ram and pro 2500 intel ssd. was around $500. But as far as my knowledge the atom is the only viable fan less cpu.
Did you built the unit using M350 case? Can you post some photo?
I will not buy a cheap unit, I will search for a 80/120GB unit, intel.
-
Unless you are going to use CPU / IO intensive packages, the APU would be sufficient.
From my experience it is good in normal usage (home-usage, what do you expect) for around 450 Mbps single direction, 225Mbps/synchronous.
Some tests i did:
https://forum.pfsense.org/index.php?topic=59555.msg405268#msg405268
Messages up/down of the linked one for other/more tests.Some tests i did with the APU as Wireless Access Point:
https://forum.pfsense.org/index.php?topic=74672.msg411023#msg411023