New hardware
-
@jknott said in New hardware:
The Netgate takes a 12V 2A power supply, which means it runs less than 24W. The Qotom takes 15W, so there's not much difference.
The CPU TDP is 15W
The NIC's (Phy's) + other electronics also consumes
My Qotom came w. a 12V/5A PSU
/Bingo
If you find my answer useful - Please give the post a š - "thumbs up"
pfSense+ 23.05.1 (ZFS)QOTOM-Q355G4 Quad Lan.
CPUĀ : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
LANĀ : 4 x Intel 211, DiskĀ : 240G SAMSUNG MZ7L3240HCHQ SSD -
@bingo600 said in New hardware:
Other architectures have Crypto instructions too , but not AES-NI
So, what does pfsense do with those Crypto instructions? Ignore them? I could be wrong, but I would assume software written for an ARM CPU would take advantage of the ARM instructions.
It's been a while since I've written software, but I seem to recall compilers can link in appropriate libraries for the different target hardware.
PfSense running on Qotom mini PC
i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
UniFi AC-Lite access pointI haven't lost my mind. It's around here...somewhere...
-
@jknott said in New hardware:
@bingo600 said in New hardware:
Other architectures have Crypto instructions too , but not AES-NI
So, what does pfsense do with those Crypto instructions? Ignore them? I could be wrong, but I would assume software written for an ARM CPU would take advantage of the ARM instructions.
It's been a while since I've written software, but I seem to recall compilers can link in appropriate libraries for the different target hardware.
There are some threads concerning that. To the best of knowledge it does ignore them at the moment.
I have sent you a private message...
-
@jknott said in New hardware:
@bingo600 said in New hardware:
Other architectures have Crypto instructions too , but not AES-NI
So, what does pfsense do with those Crypto instructions? Ignore them?
If Netgate want their ARM boxes to perform decent w. crypto they probably have enabled the usage of any Crypto instructions available.
I could be wrong, but I would assume software written for an ARM CPU would take advantage of the ARM instructions.
On embedded programming you often have to make sure to use the correct libraries. It's usually done with a couple of compiler switches , that pulls in the correct linker library. Sometimes you even have to set a few bits in the MCU , in order to enable any "Crypto part in the MCU" , often "extensions" are disabled on POR , to minimize power usage.
It's been a while since I've written software, but I seem to recall compilers can link in appropriate libraries for the different target hardware.
Yepp , if being told to do so.
But you were referring to AES-NI
And i replied correctly it was an Intel extension./Bingo
If you find my answer useful - Please give the post a š - "thumbs up"
pfSense+ 23.05.1 (ZFS)QOTOM-Q355G4 Quad Lan.
CPUĀ : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
LANĀ : 4 x Intel 211, DiskĀ : 240G SAMSUNG MZ7L3240HCHQ SSD -
@jknott said in New hardware:
@jwj said in New hardware:
What do you see as the lifespan of this device?
Well, based on my other experience, until something significantly better comes along or it dies (as happened with my previous firewall). I'm not one to run out and buy the latest & greatest, unless it yields significant improvement. For example, if a pfsense update had required AES-NI, then I would have bought something that supports it, as the HP computer I was running didn't.
Another example, my current desktop computer case originally had a 32 bit CPU. I've since replaced the mom board a couple of times. The case is so old it's cream coloured, not black (matches my IBM model M keyboard, but not much else). I also recently finally got an AP that support 5 GHz.
BTW, that keyboard is built like a tank and old enough to not have a Windows key.
I'm very much the same. For example, my 2015 VW Golf is just about broken in. I'll drive it until it has no value and then replace it.
Buy nice things and use them, don't worry about the new things until your done with the ones you have ;)
-
@bingo600 said in New hardware:
My Qotom came w. a 12V/5A PSU
How much does it actually consume? What does the label by the power connector say? The info I saw listed 12V 2A. It's good practice to over spec things like power supplies, provided you don't go overboard. Either way, both devices are in the same ballpark and will require far less power than the HP desktop computer that's being replaced.
-
@jknott said in New hardware:
@bingo600 said in New hardware:
My Qotom came w. a 12V/5A PSU
How much does it actually consume?
I haven't measured it yet , i might
Either way, both devices are in the same ballpark
I would expect the 2100 to use less than the Qotom.
Guesstimate ... Around half.and will require far less power than the HP desktop computer that's being replaced.
I totally agree
-
@bingo600 said in New hardware:
But you were referring to AES-NI
My original intent was to write AES-NI or equivalent, but I didn't bother.
-
@jwj said in New hardware:
I'm very much the same. For example, my 2015 VW Golf is just about broken in. I'll drive it until it has no value and then replace it.
Buy nice things and use them, don't worry about the new things until your done with the ones you have ;)I'm driving a 2005 Ford Taurus and it's still going strong. I generally drive my cars until the wheels fall off.
-
No matter what it will soon be new hardware day. That's a happy occasion. Cheers!
-
@jwj
One other thing I just noticed about the Netgate box. It doesn't appear to have a video port. That's not critical, as I do have a USB serial port, but I have a 4 port HDMI/USB KVM, which I used to connect to my old firewall. I could just switch from my computer to my firewall as needed.
-
@jknott Yeah. The Qotom has a HDMI port and a serial port. I'm assuming you can select the HDMI in bios settings and that will work perfectly.
If I need to get at the console it's because something is very wrong. Last thing I want to do is mess around with a serial console cable and putty.
-
@jwj said in New hardware:
Last thing I want to do is mess around with a serial console cable and putty.
I've used serial ports enough times over the years, that's not an issue for me. I'd just need a gender bender, as that appears to be a male connector on it. I've made up enough of those and probably have a couple around here. I bought that adapter years ago, to configure telecom gear.
PfSense running on Qotom mini PC
i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
UniFi AC-Lite access pointI haven't lost my mind. It's around here...somewhere...
-
So, pros and cons of each?
Shortly, summer, they'll be running the same version of pfSense, pfSense +.
I think the SG line will be "tuned" (system tunable, etc) out of the box, I'm not sure that's a big differentiator.
-
@jknott said in New hardware:
@jwj said in New hardware:
Last thing I want to do is mess around with a serial console cable and putty.
I've used serial ports enough times over the years, that's not an issue for me. I'd just need a gender bender, as that appears to be a male connector on it. I've made up enough of those and probably have a couple around here. I bought that adapter years ago, to configure telecom gear.
I'm using the Qotoms w. serial.
You can set (in bios) "Console" as serial (Ie. VT100) , and then even the Bios settings can be accessed via "Putty".You need a (USB) Serial , and a NULL-Modem cable.
/Bingo
-
@bingo600 said in New hardware:
@jknott said in New hardware:
@jwj said in New hardware:
Last thing I want to do is mess around with a serial console cable and putty.
I'm using the Qotoms w. serial.
So do I here! Its not exactly a Qotom - I bought that Box from a Shop called Kettop - but looks like a Qotom. (I guess its a rebranded Qotom because dmidecode says: Product Name: Q3XXG4-P)
I choose to add myself the RAM because I read that the RAM those boxes come with are not quite reliable.You can set (in bios) "Console" as serial (Ie. VT100) , and then even the Bios settings can be accessed via "Putty".
You need a (USB) Serial , and a NULL-Modem cable.
Exact! (I had a original serial cable and a machine with a real serial port - left over from Fido-Modem-Times
)/Bingo
Regards,
fireodo -
I have just ordered the Qotom.
PfSense running on Qotom mini PC
i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
UniFi AC-Lite access pointI haven't lost my mind. It's around here...somewhere...
-
my folks are checkin this piece of hardware right now!
thanks for reminder.
brNP -
The new computer has arrived. It took 1 week from Hong Kong to here, including 1 day wasted by DHL claiming I declined delivery when they didn't even come to my door.
One thing I've noticed is pfsense shows the AES-NI instructions are available, but inactive. Will they become active, once I have my VPN set up?
PfSense running on Qotom mini PC
i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
UniFi AC-Lite access pointI haven't lost my mind. It's around here...somewhere...
-
@jknott said in New hardware:
One thing I've noticed is pfsense shows the AES-NI instructions are available, but inactive. Will they become active, once I have my VPN set up?
Advanced settings, Misc, part way down select Cryptographic Hardware dropdown and choose AES-NI :)
