Small build… again...
-
Another reservation is obviously absense of hardware AES…
That will be an issue for both OpenVPN performance and perhaps most critically future releases of pfSense.
https://www.netgate.com/blog/pfsense-2-5-and-aes-ni.html
…starting with v2.5 all CPU's must support AES-NI!
-
I know. I looked at N3150/N3160 systems but all reasonably priced ones have realtek NICs. So what is worse - not having AES-NI or not having Intel NICs?
-
I know. I looked at N3150/N3160 systems but all reasonably priced ones have realtek NICs. So what is worse - not having AES-NI or not having Intel NICs?
Spend a few more bucks and avoid both.
-
May be I'm not looking at the right things, but at the moment "a few bucks" actually translates into 2-3 times more. As I said I can get J1800 barebone for $90 and N3150 for $100. But ideal configuration of N3150+i211 from jetway would be $300+
-
https://store.netgate.com/MBT-2220-system.aspx
https://store.netgate.com/MBT-4220-system.aspxIf you want good hardware you have to spend some money, especially if it needs to be small form factor with low power consumption.
-
Those are definitely not good value for money. If I was going to spend that much I would just get something by jetway or shuttle and not bother with atom based devices…
-
Lol. Good luck then.
-
I know. I looked at N3150/N3160 systems but all reasonably priced ones have realtek NICs. So what is worse - not having AES-NI or not having Intel NICs?
Spend a few more bucks and avoid both.
Couldn't agree more with this sentiment!
For what its worth - I've had really good experience with Qotom devices, they're reasonably priced for what they offer and more than sufficient for your throughput requirements. But, still more expensive than the $90 or so you've mentioned in earlier posts.
-
Yes, qotom and minisys devices look interesting and definitely cheaper than netgate ones… This exactly kind of advice I was looking for, thanks :)
-
If you are going to stay with pFsense, largest support base, you have no choice but go with something AESNI-ready and that means dump Bay Trails. Rather than looking for a kludgy Ethernet dongle, I like the one-LAN-port solution with VLAN, (second port rides on a virtual port) assuming you already have a VLAN-capable ethernet switch. Nick's Hardware on youtube has an excellent video how to configure this, otherwise I don't really know how much cpu u need, I don't run VPN.
-
Forget the J1900. A J3355 motherboard has much better performance and still runs under $60. Then get a case with a riser to mount your quad port card horizontally above the motherboard. Done.
A cheaper option depending on your location may be an APU2.
-
That connection definitely will do great on an APU2.
