Intel NUC-like recommendations for home usage? (100MB fiber & ~3 VPN users)
-
Hello everyone!
I've been searching the Internet for a while now and I just couldn't find proper device for my needs.
- I'm using 100/100MB fiber connection
- My plan is to have 'solid' ~3 simultaneous OpenVPN connections
- I don't want any ATX/ITX solutions so the smaller device is the better. It has to be very silent or even fanless.
- I don't want to risk pfSense's driver support so both LAN ports has to use Intel's ethernet chip
I think i3 would be the cheapest solution with AES-NI support?
Thanks in advance!
-
I think i3 would be the cheapest solution with AES-IN support?
For sure it will be the cheapest solution, but the SG-2220 is the smallest and mostly power saving
solution for you. And by the way I would never go with an NUC, or it must be coming sorted with
two Intel NICs, but then more the SG-2220 or SG-2440 units from the pfSense store.- no turning parts
- M.2 and miniPCIe slot
- AES-NI
-
Isn't this http://www.hystou.com/products/mini-pc-thin-client/mini-desktop-computer/barebone-fanless-mini-computer-desktop-pc-intel-celeron-1037u-htpc-alloy-case-with-usb30-1084.html way smarter choice because of better price and faster CPU? Physically it is a bit bigger but that is not a problem especially for this price difference.
-
Isn't this http://www.hystou.com/products/mini-pc-thin-client/mini-desktop-computer/barebone-fanless-mini-computer-desktop-pc-intel-celeron-1037u-htpc-alloy-case-with-usb30-1084.html way smarter choice because of better price and faster CPU? Physically it is a bit bigger but that is not a problem especially for this price difference.
It is a really shiny platform but do you know if this is or will be supported by pfSense?
If it runs not on this bare bone you spend money for nothing! But to make a break between all the solutions
or to come closer to the point that you will be able to build one good box, it could be that this ready to go
solution is able to buy for you.
Jetway 4 GB LAN Port
Jetway 5 GB LAN PortOtherwise it would be goo to know what exactly your budget is! This will help many times more then
we play here a guesswork game. -
Of course I don't know will it be supported or not. Though it would be very strange move by pfSense if they stop to support Intel's x86 platform.
Anyways I forgot to mention my budget which is ~250€. I don't live in US so my goal is to avoid additional taxes etc.
Thanks for Jetway, I need to check their's collection because I would be totally fine with just 2 ethernet ports.
-
When looking at the website you provided I see the description says -2-Gigabit RJ45 but I do not see a manufacturer. Generally Intel Gigabit Ethernet interfaces are preferred for maximum pfSense performance, so I would check on that and also the pictures only show 1 RJ45 jack, so make sure your getting what you think.
One of the reasons Frank and I recommend Netgate/pfSense gear is due to the fact that these people support open source directly, so any additional costs will be returned directly through benefit to the software. We are not hardware pimps, we simply make recommendations on proven gear. Jetway does make good gear, just make sure you buy from a reputable seller in case you have problems. I understand taxes and shipping can be costly…
RMA and support are things to consider. where might you find a newer bios for that slim box?
Just saying...... -
Of course I don't know will it be supported or not.
But this would be a real goal to know it, otherwise you will be spend ~$102 for nothing!
For sure you could thing now I was suggesting the SG-2220 unit from the pfSense shop
because this is the pfSense forum and so on, but no, I was suggesting it because for 100/100 MBit/s
and some VPN tasks and perhaps snort it will be sufficient enough. Thats it.Though it would be very strange move by pfSense if they stop to support Intel's x86 platform.
They won´t do that trust me! You can easily buy a self made box likes;
Intel Celeron G3260T @3,2GHz
mini ITX board & case & PSU
2 x 4 GB RAM
SSDThis machine runs like hell for you and you would be able to push and router 1 GBit/s WAN traffic
with this for sure, but you were saying you don´t want to go by a mini ITX box, you want it smaller
and more power saving! And so the SG-2220 unit was really the thing I was thinking first on.You can also try out to get your hands on a PC Engines APU 1D4 board that is also smaller, power saving,
and hard enough to serve you, for sure without problems. For something around ~220 € here in Germany
I don´t know where you are living and if this box would be fine for you. So it will be a good choice to know
from where you are, sorry for that but then often we can help you much more, likes this;- You are an aussi (from Australia) go yawarra.com
- You are from Canada go Corpshadow.biz
and so on.
Anyways I forgot to mention my budget which is ~250€.
It s ok, that matches the Celeron G3260T and APU1D4 solution for sure!
I don't live in US so my goal is to avoid additional taxes etc.
Perhaps in Canada? Its available for $192 there (APU1D4)!Thanks for Jetway, I need to check their's collection because I would be totally fine with just 2 ethernet ports.
Then go woth the 4 GB LAN Port solution. It has;
- 2,4GHz on 4 CPU cores
- 2 miniPCIe Slot & 1 SIM slot
- Up to 8 GB RAM
- mSATA support
- and the best you can easily go with an normal common PSU that will be connected directly to the board
it self, then you will be able to run Squid & SquidGuard & Snort & DansGuardian & SARG and VPn on top
for sure it will be also route up to 1 GBit/s at the WAN Port!
-
I hope I did not come across like a jerk. I think this all boils down to brand. Un-branded products might be fine, but you should ask yourself, If the manufacturer is not willing to put his name on the product, what does that tell you? Probably inferior specification and the manufacturer wants no blame for crap design. We know the Chinese are capable of making quality goods, They just need the proper specifications …They can only produce what is asked of them. Hence brands and design houses.
-
Some small boxes that I would like to try…
http://www.jetwaycomputer.com/JBC311U93.html
http://www.aopen.com/eu/shop/products/digital-engine-de3250
http://www.asrock.com/ipc/overview.asp?Model=uBOX-110
http://ipc.msi.com/eu/product/pages/ipc/MS-9A75.html
-
@BlueKobold:
Perhaps in Canada? Its available for $192 there (APU1D4)!
Whish my english was that good. :P I'm actually from Finland. :)
Today I've noticed that MSI has also released some very solid boxes http://ipc.msi.com/product/pages/ipc/MS-9A69.html which might be perfect for pfSense. Knowing MSI I'm sure these models won't be as cheap as those chinese ones.
Yes you are right that buying random box from Aliexpress is a bit of a risk when it comes to HW support.
-
If your budget does not permit more then give it a try. If its first rig then why not..I just went off on a brand tangent!!!
-
Whish my english was that good. :P I'm actually from Finland. :)
Ok here we go, the PC Engines APU 1D4 is able to get here from the Varia-Store as a
complete bundle pre-installed with pfSense! Board, Case, PSU and 16 GB mSATA for 250 €
but if you buy this things all as a single spare part you only have to pay 187 € and then a
WiFi card could also be in the game for you if this is a must be and on top the shipping cost
of ~13 € (12.49 €) they are shipping world wide to nearly every country in the world!The language can be changed to english in the upper right corner:
PC Engines BundleSingle spare parts of the PC Engines APU:
Board ~169 €
PC Engines Enclosure for APU1D Series ~14 €
16 GB mSATA ~34 €
Null modem cable ~2 €
A PSU must match the coutry regulations of Finland and is able to get for ~6 € - 7 € also in the shop.
Shipping cost ~13 €are in total amount of money = 239 € and you got all you need to install pfSense!
Available spare parts that could match also or could be interesting also for you are the following:
UBNT SR71-E ~40 €
Compex WLE200NX ~25 €
(Two WiFi miniPCIe cards)Wall mount kit for the APU case ~10 €
(able to chose over the drop down menu from the case section)ALIX RTC Batterie Kit ~6 €
(Spare part CMOS battery)
PC ENGINES Flash recovery board for apu ~17 €
(If something went wrong with an BIOS update!)
SATA data / Power Y-cable for APU
(to hug up a SSD or HDD)Today I've noticed that MSI has also released some very solid boxes http://ipc.msi.com/product/pages/ipc/MS-9A69.html which might be perfect for pfSense. Knowing MSI I'm sure these models won't be as cheap as those chinese ones.
But there is no price out now and this was only promoted in the press until now and not launched yet.
Yes you are right that buying random box from Aliexpress is a bit of a risk when it comes to HW support.
If money is the real problem you could also save some more month your money and then you will be able
to buy something more fancy but the APU board is one of the most common boards used for pfSense and
other firewalls without the need of all packets and services, as you was also describing it here.And if at any day some or more GB LAN Ports are needed or a real HDD/SSD sould be installed
you could then go with this two things to upgrade the appliance pfSense since 2.2.x is supporting it.
APU case for SSD and two more GB LAN ports
miniPCIe > 2 GB LAN PortsOr if at some days it must be a 19" solution for a cabinet or rack mount so you can easily go with this case
here also from the Varia-Store, so this APU board is widely used and supported to do or realize anything you
might to go or wish to do. 19" dual case -
Shuttle DS57U3 series
you need to go i3+ to get aes-ni: http://www.newegg.com/Product/Product.aspx?Item=N82E16856101163
i would just diy my own pc in a matx or itx build
-
this is cheaper
http://www.newegg.com/Product/Product.aspx?Item=N82E16856173097
-
Isn't this http://www.hystou.com/products/mini-pc-thin-client/mini-desktop-computer/barebone-fanless-mini-computer-desktop-pc-intel-celeron-1037u-htpc-alloy-case-with-usb30-1084.html way smarter choice because of better price and faster CPU? Physically it is a bit bigger but that is not a problem especially for this price difference.
There's a whole thread on these boxes, https://forum.pfsense.org/index.php?topic=75415.0. Basic consensus, by people that own them is that they appear to work fine, if you get the version with the intel nics. I have one and there are no issues. I use it as a pure router, no wireless or other functions. I purchased mine from here, http://www.aliexpress.com/store/800900. This is the basic info I posted about it, https://forum.pfsense.org/index.php?topic=75415.msg489551#msg489551.
There is no support, so if there are any issues, you must pay to ship back to china. If you want support, I would suggest a name brand board. I would probably go with one new atom boards if I was building one now. As you want three VPNs, I would probably stay away from this board.
-
Does anyone know which ethernet chip this model http://www.pcpsol.com/index.php?m=Products&a=show&id=113 is using? So far it looks to be the best among MSI http://ipc.msi.com/product/pages/ipc/MS-9A69.html
-
OK. After doing some research I found out that EMB-S294B1-M is using Realtek's NICs so that's about it.
At this moment the only i3 boxes which are using Intel NICs are:
MSI MS-9A69 & Shuttle DS57U3
MSI is almost impossible to buy atm and Shuttle is over 400€(after RAM and SSD/USB storage). :( The hunt goes on…
-
Has anyone spoted any new NUC-like models with Intel's LAN chips & HW AES-NI support?
-
Your best bet is still:
https://store.pfsense.org/SG-2220/ or
http://store.netgate.com/ADI/RCC-DFF-2220.aspxWith your purchase you support this project AND you get 1 year Gold-Membership ($99) with all the benefits as well.
-
@BlueKobold:
Isn't this http://www.hystou.com/products/mini-pc-thin-client/mini-desktop-computer/barebone-fanless-mini-computer-desktop-pc-intel-celeron-1037u-htpc-alloy-case-with-usb30-1084.html way smarter choice because of better price and faster CPU? Physically it is a bit bigger but that is not a problem especially for this price difference.
It is a really shiny platform but do you know if this is or will be supported by pfSense?
If it runs not on this bare bone you spend money for nothing! But to make a break between all the solutions
or to come closer to the point that you will be able to build one good box, it could be that this ready to go
solution is able to buy for you.
Jetway 4 GB LAN Port
Jetway 5 GB LAN PortOtherwise it would be goo to know what exactly your budget is! This will help many times more then
we play here a guesswork game.Don't choose the 5xLAN one, it's 1 x LAN onboard + 4 x LAN using daughter board, which is PCI-E x1 only, definitely won't be able to run at full speed at the same time.
-
Your best bet is still:
https://store.pfsense.org/SG-2220/ or
http://store.netgate.com/ADI/RCC-DFF-2220.aspxWith your purchase you support this project AND you get 1 year Gold-Membership ($99) with all the benefits as well.
As I've already stated I do not want Atom box because of poor AES-NI support.
I've just found this box under 200€ (excluding RAM) with dual Intel NICs: http://www.aliexpress.com/item/Partaker-I4-Mini-Computer-Fanless-Mini-PC-Windows-10-Core-i3-4010U-i5-4200U-i7-4510U/32608793402.html
ps. Thans for the Prime Circle tip. Based on a few songs they sound very good. ;)
-
As I've already stated I do not want Atom box because of poor AES-NI support.
That is not a very informed decision of you. You can't compare earlier 3-digit Atom CPUs with current top of the Line Atoms like the Exxxx or even the mentioned C2000 Atom Cores. Those are FAR better than their old bad reputation. As already confirmed, a C2758 Appliance for example DOES support AES-NI AND QuickAssist and can easily rund and encrypt near Gigabit wirespeed. A C2358 or C2558 (the 2 and 4 core variants) are also having support for AES and QA and do happen to satisfy those, that need around 100-200MBit/s fully encrypted. So no need for strange or shady desktop'ish CPUs with high TDPs.
-
Can you be more specific, what do you mean by "poor AES-NI support"?
The ATOM CPU is running a different AES-NI instruction, or something else? My understanding is, the instructions are the same for all Intel CPU if they are marked as "AES-NI" capacbleYour best bet is still:
https://store.pfsense.org/SG-2220/ or
http://store.netgate.com/ADI/RCC-DFF-2220.aspxWith your purchase you support this project AND you get 1 year Gold-Membership ($99) with all the benefits as well.
As I've already stated I do not want Atom box because of poor AES-NI support.
I've just found this box under 200€ (excluding RAM) with dual Intel NICs: http://www.aliexpress.com/item/Partaker-I4-Mini-Computer-Fanless-Mini-PC-Windows-10-Core-i3-4010U-i5-4200U-i7-4510U/32608793402.html
ps. Thans for the Prime Circle tip. Based on a few songs they sound very good. ;)
-
Another solid option for pfSense HW: https://geizhals.eu/shuttle-xpc-slim-ds68u-peb-ds68u001-a1525974.html
http://www.shuttle.eu/fileadmin/resources/download/docs/spec/barebones/DS68U_e.pdf
- Dual Intel NICs
- AES-NI support
- Various storage options (SD card, USB, SSD etc)
Quite solid price even with a single 2 or 4GB DDR3 memory stick.
-
zoltac ci323/ci325
-
One of the new NUC's has thunderbolt.
Does BSD support external pci cages for nics?