Intel Mini-ITX Atom 8-core Hardware Build Recipe Available Here
-
the recommended way to enable trim?
At first I would even have a look on the tech specs. from the SSD, mSATA, SSD-DOM or SATA-DOM
or what ever you have installed in your pfSense box!!! Because there are some devices that not
accepting any TRIM orders and for this it is not really fine to enable the TRIM support.But if your device is accepting and supporting TRIM I would also at first have a look in the OS
that TRIM is enabled or not and then if this was not done during the installation process I would try
enabling it.Will this persist between reboots and upgrades?
Many things can be done by set up a /loader.conf.local that during the updates and upgrades
many things would be not wiped away, the other option is to work it out by using scripts that
should stored in a place that will be not affected by the upgrade or update process, so that they
all can be run with a cron job after those processes.Also, what is everyone using for PowerD settings for this build recipe?
This can be really different each from another! Because this tends mostly on the running services,
installed packages, amount of users, network load and much other things that plays together.So it is not a really "We have all the same Supermicro Board and should use then all the same settings"
or something likes that. I one situation it will be the best to go without, and in other situations it is better
to go with min, max, adaptive or high adaptive mode, but this tends really on every single situation and
offered services, usage, number of users, or what ever is your situation at your place.In one way it is for CPUs or SoCs with so called "CPU turbo clock" but this can also be differ
from other CPUs or SoCs with more then one CPU core for using it for power saving´s.But this settings are often affect the whole system performance and so it can be different
what users are choosing to go with, this often is more related to their system and config.
At many mainboards this must also activated in the BIOS first to use it.PowerD minimum = is using only the minimum CPU frequency
PowerD maximum = is using only the maximum CPU frequency
PowerD adaptive = ?
PowerD highadaptive = is using from the minimum to the maximum CPU frequencyIn FreeBSD that is also called "powerd flags" if want to search by your own over this settings.
As an example:
Alix APU 1D4 Board without PowerD enabled shows up max. ~450 MBit/s throughput (iPerf)
Alix APU 1D4 Board with PowerD enabled shows up max. ~650 Mbit/s - 750 Mbit/s throughput (iPerf) -
Got my case, ssd, memory, and board. (no fans or power supply yet).
Hooked up a regular ATX power supply I have sitting around and am tinkering with the IPMI configuration to try to get SOL working with pfsense so I can make configuring this thing completely without the need to hook anything up directly to it.
No problem! I am just waiting on my RAM to be delivered tomorrow, I went ahead and ordered another 8GB from Amazon for a total of 16GB. The rest of the system is hooked up and boots up fine to the POST screen where it obviously errors out due to no RAM. The IPMI also works and is super cool, I had no idea that existed until researching a pfsense system to build.
I'm the last person to "question" overkill :)
But is 16gb really necessary, or is it overkill? I know one SODIMM isn't taking advantage of dual channel, but does is that really going to make a difference here? And under what conditions would one really need/want 16GB ram for pfsense? -
~2 GB for highing up the mbufs size (if used)
~2 GB for the ClamAV (if used)
~4 GB for Squid (depends on what caching method is used)
~4 GB - 8 GB for pfSense & Snort (if snort will be used)Ok this might be then more likes a full featured UTM appliance
but why not if he is willing to use it in this way? -
@BlueKobold:
Ok this might be then more likes a full featured UTM appliance
but why not if the he is willing to use it in this way?Don't get me wrong. If someone wants to and can, why the hell not :)
I'm asking because I'm genuinely curious why someone would need that much ram.Because, you know, it might convince me to get that much RAM :)
-
@BlueKobold:
Ok this might be then more likes a full featured UTM appliance
but why not if the he is willing to use it in this way?Don't get me wrong. If someone wants to and can, why the hell not :)
I'm asking because I'm genuinely curious why someone would need that much ram.Because, you know, it might convince me to get that much RAM :)
It's because I live in Texas, where everything is bigger!
-
I'm the last person to "question" overkill :)
But is 16gb really necessary, or is it overkill? I know one SODIMM isn't taking advantage of dual channel, but does is that really going to make a difference here? And under what conditions would one really need/want 16GB ram for pfsense?My current pfSense box has only 2Gb Ram, AMD Dual Cores processor, running Snort (WAN and LAN) + IPBlockerNG without any issue, Memory was used about 19%, PowerD was turned on. It was also running Squid3+iCap+ClamAV too before, still had no issues at all.
If you use SSD, want to use ramdisk, the more RAM the better. If you want have best Snort performance (e.g. set search mode to AC-NQ), It requires more RAM.
If the 8G ECC ram is cheaper in US, Why not. Here in Canada, the cheapest Kingston ValueRAM 8Gb ECC (KVR16LSE11/8KF) is $CAD 81 + Tax + Shipping charges = ~100:
http://www.tigerdirect.ca/applications/SearchTools/item-details.asp?EdpNo=8868966&CatId=11484
-
My current pfSense box has only 2Gb Ram, AMD Dual Cores processor, running Snort (WAN and LAN) + IPBlockerNG without any issue, Memory was used about 19%, PowerD was turned on. It was also running Squid3+iCap+ClamAV too before, still had no issues at all.
Ok if it is running also without any problems for sure why not, but
then you are truly not from Texas. ;) -
Ugh.
The supermicro board is very sensitive to ATX power supplies apparently. I was using a spare Forton power supply that technically fits all of the requirements. ATX 2.2, eps12v, etc etc.but it only intermittently powered on the board. IPMI was powered on successfully 100% of the time though but shorting the power pins wasn't powering up the board - it wasn't activating the power supply.
Spent all night trying to troubleshoot it, and then finally got fed up, and went and got my other spare power supply (asus neo550) and it worked 100% of the time.
I'm not planning on powering it permanently with this PS, just waiting for my external mini-din power brick to arrive, but if anyone else is planning to power it with an ATX supply, keep that in mind.
-
Ugh.
The supermicro board is very sensitive to ATX power supplies apparently. I was using a spare Forton power supply that technically fits all of the requirements. ATX 2.2, eps12v, etc etc.but it only intermittently powered on the board. IPMI was powered on successfully 100% of the time though but shorting the power pins wasn't powering up the board - it wasn't activating the power supply.
Spent all night trying to troubleshoot it, and then finally got fed up, and went and got my other spare power supply (asus neo550) and it worked 100% of the time.
I'm not planning on powering it permanently with this PS, just waiting for my external mini-din power brick to arrive, but if anyone else is planning to power it with an ATX supply, keep that in mind.
Hmmm, I thought any ATX power supply should be fine. Thats odd. Did you try the 4pin or 24pin?
-
With an ATX powersupply you can't use the 4-pin without modding it.
ATX supplies don't provide full power without a PS_On signal sent back. The 4-pin is "dead" until the ATX supply is told to turn on. and the 4-pin doesn't have a PS_On pin for the motherboard to tell it to turn on.
-
With an ATX powersupply you can't use the 4-pin without modding it.
ATX supplies don't provide full power without a PS_On signal sent back. The 4-pin is "dead" until the ATX supply is told to turn on. and the 4-pin doesn't have a PS_On pin for the motherboard to tell it to turn on.
Right. I forgot that.
-
With an ATX powersupply you can't use the 4-pin without modding it.
ATX supplies don't provide full power without a PS_On signal sent back. The 4-pin is "dead" until the ATX supply is told to turn on. and the 4-pin doesn't have a PS_On pin for the motherboard to tell it to turn on.
Still waiting on your 4-pin from eBay? Mine literally only took 2 days to get to me in Austin, TX. I freaking love this system!
-
Still waiting on your 4-pin from eBay? Mine literally only took 2 days to get to me in Austin, TX. I freaking love this system!
Should be here tomorrow. Still waiting on the fan bracket and fans though. I'm not sure I'll need them, but noise isn't a concern in the utility room so I'll install them just in case.
I'm pretty excited to get this set up. I currently have a /29 but that's primarily because network isolation was easy and anything more complicated was a bit of a pain with dd-wrt. With pfsense, I think I can drop down to a /30 and just have a couple of VLANs.
-
Power supply installed. Got the build installed and doing some basic tests. I just hooked it up as a DHCP client to my current internal network and did some tests with the dhcp and dns server and some throughput tests over NAT.
900+MBit/s either direction using iperf3.
So yup, definitely gigabit routing - i was expecting this.
CPU temp topped out at 39c. I currently don't have a fan on it at all. Doesn't seem like I'll need one, but I have 3 40mm and a bracket still enroute, but I think this thing would definitely function well fanless even.
I set a 100MB /tmp and 200MB /var ramdisk and I think my memory peaked out at 5% of 8gb :)
-
900+MBit/s either direction using iperf3.
Wow, this sounds really good.
Can you have a look at the LAN Port LED´s please, are they on or off?
Thnx for that. -
Power supply installed. Got the build installed and doing some basic tests. I just hooked it up as a DHCP client to my current internal network and did some tests with the dhcp and dns server and some throughput tests over NAT.
900+MBit/s either direction using iperf3.
So yup, definitely gigabit routing - i was expecting this.
CPU temp topped out at 39c. I currently don't have a fan on it at all. Doesn't seem like I'll need one, but I have 3 40mm and a bracket still enroute, but I think this thing would definitely function well fanless even.
I set a 100MB /tmp and 200MB /var ramdisk and I think my memory peaked out at 5% of 8gb :)
Glad you like it! I am loving mine as well. I have the 3x 40mm fans installed and it's all located here in my office and I still can't hear it.
My iperf results topped out at 930 Mbps which I'm sure could be increased with a little tweaking here and there but I am very satisfied. My Time Warner Cable speeds are now up to 350 Mbps and I cannot wait until Google Fiber is installed in my house for 1 Gbps up/down.
I am going to rocking and rolling at that point!!!
-
Power supply installed. Got the build installed and doing some basic tests. I just hooked it up as a DHCP client to my current internal network and did some tests with the dhcp and dns server and some throughput tests over NAT.
900+MBit/s either direction using iperf3.
So yup, definitely gigabit routing - i was expecting this.
CPU temp topped out at 39c. I currently don't have a fan on it at all. Doesn't seem like I'll need one, but I have 3 40mm and a bracket still enroute, but I think this thing would definitely function well fanless even.
I set a 100MB /tmp and 200MB /var ramdisk and I think my memory peaked out at 5% of 8gb :)
Glad you like it! I am loving mine as well. I have the 3x 40mm fans installed and it's all located here in my office and I still can't hear it.
My iperf results topped out at 930 Mbps which I'm sure could be increased with a little tweaking here and there but I am very satisfied. My Time Warner Cable speeds are now up to 350 Mbps and I cannot wait until Google Fiber is installed in my house for 1 Gbps up/down.
I am going to rocking and rolling at that point!!!
Newbie to iperf3, Do you mind letting me know how to run this iperf3 thing to test my network throughput?
-
Power supply installed. Got the build installed and doing some basic tests. I just hooked it up as a DHCP client to my current internal network and did some tests with the dhcp and dns server and some throughput tests over NAT.
900+MBit/s either direction using iperf3.
So yup, definitely gigabit routing - i was expecting this.
CPU temp topped out at 39c. I currently don't have a fan on it at all. Doesn't seem like I'll need one, but I have 3 40mm and a bracket still enroute, but I think this thing would definitely function well fanless even.
I set a 100MB /tmp and 200MB /var ramdisk and I think my memory peaked out at 5% of 8gb :)
Glad you like it! I am loving mine as well. I have the 3x 40mm fans installed and it's all located here in my office and I still can't hear it.
My iperf results topped out at 930 Mbps which I'm sure could be increased with a little tweaking here and there but I am very satisfied. My Time Warner Cable speeds are now up to 350 Mbps and I cannot wait until Google Fiber is installed in my house for 1 Gbps up/down.
I am going to rocking and rolling at that point!!!
Newbie to iperf3, Do you mind letting me know how to run this iperf3 thing to test my network throughput?
Easiest way is to install the iPerf 2.0.5.2 from the Package Manager. Be advised, I don't believe that version is compatible with iPerf 3.0 so go to https://iperf.fr/iperf-download.php and download version 2.0.5.2 for whatever OS your computer is.
Now it doesn't matter if you run the server or the client on your pfSense box and vice versa with your computer. Just make sure and do 1 on each, obviously.
I ran the server on my computer which is running Windows 10 by opening a command prompt and navigating to the folder that the iperf files are in.
Once you've done that, type "iperf -s" without the quotes and press enter.Next, connect to your pfSense box by SSH, Serial, or maybe you have a monitor and keyboard connected directly to your pfSense box.
Make sure you know the local IP address of the computer you ran the server on and then open shell and type "iperf -c x.x.x.x" without the quotes and fill in your other IP address for x.x.x.xIf you did everything correctly you should see the following. Mind you, I normally get about 930 Mbits/sec but am currently downloading a couple torrents! 8)
Hope this helps!
-
Thank you. It worked.
I can't click the thank you button on your post buz 'I have already posted a thanks to this topic', thats odd.
-
@BlueKobold:
Can you have a look at the LAN Port LED´s please, are they on or off?
Thnx for that.They are on.
Now it doesn't matter if you run the server or the client on your pfSense box and vice versa with your computer. Just make sure and do 1 on each, obviously.
I ran the server on my computer which is running Windows 10 by opening a command prompt and navigating to the folder that the iperf files are in.
Once you've done that, type "iperf -s" without the quotes and press enter.Next, connect to your pfSense box by SSH, Serial, or maybe you have a monitor and keyboard connected directly to your pfSense box.
Make sure you know the local IP address of the computer you ran the server on and then open shell and type "iperf -c x.x.x.x" without the quotes and fill in your other IP address for x.x.x.xUnless I'm misunderstanding something, you're not testing routing throughput. You're testing the speed of the NIC and the speed of your switch. To test routing throughput you really need to have a iperf system on either side of the router (not within the router. The router is "local" to both sides and thus there is no routing/NAT going on in your scenario.