SG-1000 <–> SG-3100 ..... Gap
-
If two ports are enough, I strongly recommend our Minnowboard Turbot Dual-E models:
https://store.netgate.com/MBT-2220-system.aspx
https://store.netgate.com/MBT-4220-system.aspx
-
Thanks, I was looking for the extra port ideally.
Is there a reason why these MBT's are not listed on the "pfSense Hardware Systems"?
-
They were supposed to be official appliances, however due the HDMI bug that would take too long to fix in FreeBSD we were forced to sell hardware only. Read here https://www.netgate.com/blog/introducing-sg-2320-and-sg-2340-appliances.html
I have quad core model, pfSense works perfect on it. It's even recognized as SG-2340 or SG-2320 as pfSense.
-
Thank you for your responses to my questions.
However, I still have no suitable 3 port hardware replacement for the APU in the near future.I have a number of SG-1000's which are delightfully small, but they get hot in enclosed environments and also need a switch for additional Lan ports.
-
… due the HDMI bug ... we were forced to sell hardware only.
Thanks for the clarification!
I asked about the differences some time ago but never got an answer until now. -
@Gil:
However, I still have no suitable 3 port hardware replacement for the APU in the near future.
There's still the APU2 available. 3 Intel NICs and AES-NI implemented. You can even choose a version with 4GB Ram.
Get a Gold subscription to support the project along with the APUs. Isn't it great to have a choice? -
Perfect plan.
Thanks for the tip. -
They were supposed to be official appliances, however due the HDMI bug that would take too long to fix in FreeBSD we were forced to sell hardware only. Read here https://www.netgate.com/blog/introducing-sg-2320-and-sg-2340-appliances.html
I have quad core model, pfSense works perfect on it. It's even recognized as SG-2340 or SG-2320 as pfSense.
Can you elaborate (or give a link) on what the HDMI issue is? The netgate post is vague and describes the issue as a show-stopper. However, you seem to have it running pfsense well.
-
You cannot use the HDMI port to output video with FreeBSD. Other than that the device should work.
But you can't sell it commercially if an anvailable port isn't working or gives troubles. -
You cannot use the HDMI port to output video with FreeBSD. Other than that the device should work.
But you can't sell it commercially if an anvailable port isn't working or gives troubles.Not quite. The HDMI port works fine so long as the monitor is plugged in at boot time.
What you can't do is boot headless and then attach a monitor later to reach the console after the system is up and running. It won't have video output until the hardware is rebooted.
If you don't care about that, or have it plugged into a KVM or HDMI switch then it's a moot point, but it was enough for us to not sell it as a firewall device directly.
-
Thank you for the details re the HDMI connection.
-
For my circumstances I would be happy to accept the HDMI / Free BSD issue. But the MT devices are relatively large and only have 2 x NICs.
I still believe that Netgate has a gap in supported devices, which lies between the SG-1000 and the SG-3100.
The APU2 appears to fill this nicely, with a small form factor, 3 x NICs, and AES-NI support.
It will run the community version of pfSense (at least up to v2.5) and it seems that you can also purchase gold support for it –??Netgate used to sell APU devices with the Netgate brand. Is there a reason why they could not do this with APU2 devices?
Is it a commercial hurdle with PC Engines? -
Relatively large? I'm having trouble understanding where exactly you want to deploy these devices. I would understand if it's space station or a submarine, but Minnowboard is not relatively large, it's very small.
-
ROTFL
@Gil:
Netgate used to sell APU devices with the Netgate brand.
And now they sell devices built to their specs from ADI engineering.
You will almost always want a device with just one more port. Been there, done that.
I'd personally use a managed switch with VLANs and "one more" will end at VLAN ID 4096… -
From a networking view point, I certainly wouldn't argue. I'd no doubt be out of my depth in any case.
However, we don't all have the luxury of installing remote devices in racks with controlled environments and unlimited power sources.
From my perspective; pfSense provides more than an opportunity for an Enterprise level solution, but it also filters down to very hardy, small & inexpensive devices that will do incredible things.I am interested in the comment about ADI building for PC Engines. I have no idea about who is providing the engineering for what.
I don't wish to tread on any toes regarding the politics of hardware development, I just want maximum choices & also to see the project continue through appropriate support. -
No, ADI doesn't build for PC Engines. We use ADI Engineering as manufacturer.
-
However, I still have no suitable 3 port hardware replacement for the APU in the near future.
You will be able to go with the pfSense SG-2440 as you need one or two ports more! In the other way please
accept that the development and engeenering team is working hard on newer devices, but to solve them all
they are doing here and there something that all users, customers and clients will be sorted right. Please
accept this. For sure the newer ARM devices range or further series will be a first try out and yes, for small
companies this can be really different to hit the right point or value the most of us have. I am pretty sure
that they will not leace the other alone, but lokking what is going on exactly now in time I mean, is also
really urgent;- C2000 Serie was out
- AES-NI, QAT and DPDK are on the road
- ARM support was comming and each pfSense image must be more then for other platforms matching the only
one platform due to drivers and other things, so there is no way to offer a small pfSense genric ARM image!!! - ARM64 support is on the road
- C3000 platform is under construction and testing
- Rewriting pfSense 3.0 and totally new from the sratch
Perhaps we will see at one day something between this both units (SG-1000 and SG-3100) others vendors
as SolidRun ClearFog Base and Pro will be offering that "gap" between those units too! So it is not only able
to tend on the pfSense it selfs.So you see it will be happen all at this time and if the pfSense version 3.0 will be done I think they will have more
time to solve other things as you and others are asking here.For my circumstances I would be happy to accept the HDMI / Free BSD issue. But the MT devices are relatively large and only have 2 x NICs.
MT divices are coming with one or two ports and you wish to have one more then three ports, is this right?
I still believe that Netgate has a gap in supported devices, which lies between the SG-1000 and the SG-3100.
If there will be at one day a smalle ARM based unit that will be able to delivers 2, 3, 4 and 6 Ports you will be
impressed, but only because you are asking they don´t do it. And ARM64 support is also on the road!The APU2 appears to fill this nicely, with a small form factor, 3 x NICs, and AES-NI support.
You may be able to get another different case and inserting a miniCPie card that is offering dual GB LAN Ports.
It will run the community version of pfSense (at least up to v2.5) and it seems that you can also purchase gold support for it –??
With each hardware from here or there you will be able to get a Gold membership if you are interested in! It is hardware
indipendent thing as I am right informed and will support the project.Netgate used to sell APU devices with the Netgate brand.
When and where this was done?
APU1C4 DIY KitThis kit was sold in the netgate sjop, but as a APU1Cx kit and nothing to do with netgates
others prodcut range or hardware in their shop. Other do as well here in Germany, they were
selling products from PC Engines, Soekris and MikroTik like their customers were asking for.Is there a reason why they could not do this with APU2 devices?
What should they do with the APU2Cx platform? You and me, if we both are running a real shop or company
will be able to call PC Engines and order perhaps >1000 units from them, to sell them then in our shop,
company or over elsewhere without any issues or hassle. They are rpoducing and selling now their own
hardware nothing more and nothing less.Is it a commercial hurdle with PC Engines?
Why? They sell to everyone such as private or business clients without any problems.
-
Thanks for the reply and all the info.
In answer to your question about the Netgate APU purchases, they were done as complete units - not the kit: (APU1d4)
http://store.netgate.com/mobile/APU4.aspx
I install this equipment in remote sites under harsh climates. The APU routers have performed very well - reaching extreme CPU temperatures that would boil water.
This is also a concern for the thermal properties of an SG-1000; there is not much room for natural air convection. Has anyone enhanced the heatsink on an SG-1000 ?Regarding the Minnow options:
The MBT units don't have 3 ports, which means I need to add additional hardware for a second LAN port - there is very limited room in the security boxes.My comments are not meant as criticisms, I am very impressed with the hardware that has been available and with the pfSense developments. I am simply conveying my perspective as a user (albeit - one who pushes the envelop of endurance a little).
-
When are new x86 models coming out. I'm concerned about being able to run only arm binaries on these new models.