Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Hardware suggestions

    Scheduled Pinned Locked Moved Hardware
    22 Posts 9 Posters 6.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ?
      Guest
      last edited by

      Those china boxes are sold on amazon too. The j1900 is old, they sell Core i3 4th gen and Celeron based (all with AES-NI) boxes with Intel NIC's as well. TDP around 15w.

      i.e.: https://www.amazon.co.uk/Qotom-Q330G4-Industrial-Fanless-Mini-Storage/dp/B06Y5ZGQJ4/ref=sr_1_1?s=computers&ie=UTF8&qid=1494942008&sr=1-1&keywords=Q330G4

      1 Reply Last reply Reply Quote 0
      • P
        pfBasic Banned
        last edited by

        What makes you say VLAN isn't a security feature?

        Also,  NICs consume power too. PRO/1000 consumes a lot. ixxx  series are much more efficient.

        1 Reply Last reply Reply Quote 0
        • ?
          Guest
          last edited by

          PRO/1000 also gets reasonably hot. If you stick 4 or more of them in a small box you'll need airflow because otherwise the combined head of the motherboard chips, CPU and NICs will ramp up pretty quick.

          1 Reply Last reply Reply Quote 0
          • ?
            Guest
            last edited by

            -2 NICs (of course ;) )

            The SG-1000 or SG-2220 unit from the pfSense store would be nice matching too!

            -my speed requirements are pretty low, my WAN is only 100/40 and of course there will be wifi but again that'll be below 1GBIT/s

            Can please clarify what is exactly "below 1 GBit/s"

            –"cheap"

            Is 200 Euro - 300 Euro ok?

            • APU2C4 bundle
            • mSATA 30/60/120 GB
            • UBNT SR71-E or Compex WLE200NX
            • Antennas & Pigtails
            • Console cable & USB > Serial adapter
            1 Reply Last reply Reply Quote 0
            • ?
              Guest
              last edited by

              @pfBasic:

              What makes you say VLAN isn't a security feature?

              Because it's a management feature. It's basically just 'more network domains'. Instead of only having one physical network and one logical network you have many logical networks. While more networks could be used as part of a more secure network setup, they are not 'more' secure by themselves. VLAN technology isn't only implemented using 802.1q, there are other tagging and segmentation technologies out there.

              1 Reply Last reply Reply Quote 0
              • bingo600B
                bingo600
                last edited by

                @johnkeates:

                @pfBasic:

                What makes you say VLAN isn't a security feature?

                Because it's a management feature. It's basically just 'more network domains'. Instead of only having one physical network and one logical network you have many logical networks. While more networks could be used as part of a more secure network setup, they are not 'more' secure by themselves.

                I agree with the above.
                But:
                Vlans make  (L2 separation) easier & cheaper to implement , and therefore i would say it would be "more probable" to be implemented. And a proper L2 separation would make your network less error prone , both from a broadcast domain perspective , and an "infection" perspective. Especially the latter would count as better security in my book.
                Besides it would prob. make the fw rules easier to implement. , less complexity is more secure.

                @johnkeates:

                VLAN technology isn't only implemented using 802.1q, there are other tagging and segmentation technologies out there.

                If you want vendor interoperapability .1q would be the only one to use.

                I have only ever used ie. Cisco ISL , until .1q was a standard. And nowadays you can't even chose ISL in the newer switches.

                Now: If pfsense (BSD) would be made fully VRF aware .. Yummy …..  ;)

                If you find my answer useful - Please give the post a 👍 - "thumbs up"

                pfSense+ 23.05.1 (ZFS)

                QOTOM-Q355G4 Quad Lan.
                CPU  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
                LAN  : 4 x Intel 211, Disk  : 240G SAMSUNG MZ7L3240HCHQ SSD

                1 Reply Last reply Reply Quote 0
                • F
                  fnkngrv
                  last edited by

                  @johnkeates:

                  Those china boxes are sold on amazon too. The j1900 is old, they sell Core i3 4th gen and Celeron based (all with AES-NI) boxes with Intel NIC's as well. TDP around 15w.

                  i.e.: https://www.amazon.co.uk/Qotom-Q330G4-Industrial-Fanless-Mini-Storage/dp/B06Y5ZGQJ4/ref=sr_1_1?s=computers&ie=UTF8&qid=1494942008&sr=1-1&keywords=Q330G4

                  My 330G4 arrived today and pfsense says that NIC 1 is igb0, NIC 2 is igb2, NIC 3 is igb3, doesn't see NIC four and as you can tell it is "missing" igb1.  Not happy and not sure what to do.

                  1 Reply Last reply Reply Quote 0
                  • G
                    gjaltemba
                    last edited by

                    I am sorry to hear that a nic is not working on your new Qotom. Is it a case that no driver for the nic?

                    Curious to know if it is listed at all in

                    pciconf -lvc

                    1 Reply Last reply Reply Quote 0
                    • F
                      fnkngrv
                      last edited by

                      @gjaltemba:

                      I am sorry to hear that a nic is not working on your new Qotom. Is it a case that no driver for the nic?

                      Curious to know if it is listed at all in

                      pciconf -lvc

                      Well the funny thing is that I have a couple other people telling me they have the same box without issue, but then also said they are not using all four interfaces on the card.  I can plug an active cat5 into all four interfaces and will show the status lights.  When I am in pfsense in the CLI and I choose to assign interfaces all four show yet they identify wrong and during the assignment as well if I choose auto then it doesn't see the fourth interface.  For grins in the next day or so I am going to try installing Ubuntu on it and Windows 10 for verification for usability for each interface.  It could be a pfsense bug or something.  I need all four ports so it is important for me to figure it out quickly before my return time expires.

                      1 Reply Last reply Reply Quote 0
                      • F
                        fnkngrv
                        last edited by

                        I installed Windows 10 and also Ubuntu on my QOTOM-Q330G4 today.  I confirmed that they must have performed a defective manufacturing job on the motherboard.  So in a nutshell I was able to confirm that they somehow managed to swap Int 2 and 4 on the board so that explains the behavior that I am seeing:

                        Int 1 –-> ibg0
                        Int 2 ---> ibg2
                        Int 3 ---> ibg3
                        Int 4 ---> ibg1

                        I would contact the seller on Amazon and see about submitting return, but this is the 2nd Qotom box that I have bought in the past month.  With them having to ship from/to China it becomes a PITA and then I would have to wait another week or two before I could get my new setup running which would not be good seeing as how I am already a few weeks behind.  I am almost out of return time with my Ubiquiti AC Pro from MicroCenter and really need to get my openVPN squared away for work.  It sucks, but I guess that I am just going to deal with it being messed up.

                        1 Reply Last reply Reply Quote 0
                        • bingo600B
                          bingo600
                          last edited by

                          That's not a fault  …. It's a QOTOM "feature"  ;)

                          
                          Mac   Phys port   BSD name
                          -----------------------------
                          xx6F    1          igb0
                          
                          xx70    4          igb1
                          
                          xx71    2          igb2
                          
                          xx72    3          igb3
                          
                          

                          That's the layout on my i5 , and a lot of other people reports the same "swap".
                          Now that you know it, you can just cable accordingly.

                          If it were linux you could swap the ifname vs mac-addr , i don't know if you can on FreeBSD.
                          But i don't see it as a problem , just a minor inconvenience.

                          /Bingo

                          If you find my answer useful - Please give the post a 👍 - "thumbs up"

                          pfSense+ 23.05.1 (ZFS)

                          QOTOM-Q355G4 Quad Lan.
                          CPU  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
                          LAN  : 4 x Intel 211, Disk  : 240G SAMSUNG MZ7L3240HCHQ SSD

                          1 Reply Last reply Reply Quote 1
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.