ESPRESSOBin
-
looks interesting! how does it perform? is it ready for production?
@jwt:
@johnkeates:
You could check with FreeBSD, once that's in working order we can do pfSense ;D
In this case, we were ahead of FreeBSD.
Edit: Removed quoted giant image.
-
@jwt:
"V1 UNSUPPORTED"
I'm told this should be fixed now. Thanks for reporting.
Thanks for fixing this. :)
I have one request for pfSense on EspressoBIN:
I'd very much like support for an external Gbit Ethernet via USB3.0 - like the Ugreen one mentioned earlier.
The reason I mentioned Ugreen's is that …-
It works with Armbian (as proof-of-concept; the driver sources can thus be used for reference)
-
It's not extremely expensive
-
There are variants that include a USB3.0 hub, thus might allow increasing the speed by adding a few extra ports.
Though I've been looking very much at the hardware schematic and hoped that the CPU was connected to the Topaz switch via the 2.5Gbit SerDes interface, this might not be the case.
People are reporting maximum throughput of 1Gbit/sec (some less, depending on what O/S they're running), but noone reports anything exceeding 1.4Gbit (I suspect that this number is a misunderstanding anyway).
If the CPU and Topaz are indeed interconnected via the SerDes, then there must be some hardware register that allows to switch the SerDes to 2.5Gbit/sec instead of using 1Gbit/sec.
Some people say that the Topaz switch is causing the slowdown (I don't know exactly what they mean, because I'm pretty sure it would speed up data sent from LAN-to-LAN).My plans were initially to use the Gbit Ethernet connected via USB3 for WAN and then the 3 ports on the switch for LAN.
However, that might not be a good idea if the total throughput on the switch is limited to 1Gbit (then there's no idea in connecting the extra ports to the switch, except for 'redundancy' - but cables usually don't break if you leave them alone).Instead, I think it would make more sense to connect several Gbit Ethernet ports via USB3 (the first one could be a USB3-hub + GbE, the next two (or 3) could be the cheaper adapters without USB3-hub.
If that would work, then those ports would be connected to my switch as LAN and the ports on the Topaz would be connected to WAN.
That'd separate WAN from LAN physically plus give the fastest downlink speed, allowing me to take advantage of a Gbit internet connection if/when an upgrade becomes available.
Regardless, the LAN speed is what's important (in my case and most other cases).I currently know of no recommendable Mini-PCIe GbE cards. I've seen a few, though, but I have no confirmation that they will work with the EspressoBIN. I've seen two models; one single-port and one dual-port card. One is a very tiny card (too tiny for mounting on the EspressoBIN), the other is the size that can be tightened with screws to the EspressoBIN board.
I'll be happy to try out pfSense on the EspressoBIN. I have two 2GB versions arriving one of the next couple of days. :)
-I'll also get one of those Ugreen GbE adapters with built-in USB3 hub; if I can get that to work with Armbian, I'll order a few of the simpler ones too. (I'm told that Armbian gets confused if using more than 3 devices on the USB ports, but I believe that USB3 would be close to saturated with a total of 3 GbE interfaces anyway). -
-
The problem with USB is that it's not an interface suitable for advanced network traffic. While it might be enough for basic home or prosumer usage, it's even worse than Realtek PCIe interfaces.
-
@johnkeates:
The problem with USB is that it's not an interface suitable for advanced network traffic. While it might be enough for basic home or prosumer usage, it's even worse than Realtek PCIe interfaces.
Exactly. Everyone who's buying a $50 piece of network gear would basically be pissed if they could plug a USB gigabit adapter in and find that it works, because it's not "advanced" enough for the truly discerning.
-
This was posted on Reddit a couple days ago: https://gist.github.com/gonzopancho/760ab9ecee9dfbc1b6033e48647a4b48
-
I found the most recent official driver source code for Linux.
@johnkeates:
The problem with USB is that it's not an interface suitable for advanced network traffic. While it might be enough for basic home or prosumer usage, it's even worse than Realtek PCIe interfaces.
There are a few things to consider.
1: Performance. Since the EspressoBIN appears to allow only 1Gbit transfers, this means that if transferring data in both directions between a computer on LAN and the WAN, we'll get a maximum throughput of 500 Mbit in each direction.
If adding an USB3.0 GbE interface that can handle at least 500Mbit/sec in each direction, then we'd already get a faster transfer rate in each direction.2: Security. If somehow the router is rebooted and crashes before U-Boot can change the LAN-WAN bridging, then attackers can freely inject spambots and other nice stuff into the LAN. This will definitely not be possible if a driver is required in order to get data through the WAN port.
… I for one would not be angry if I could add a USB3.0 device and get an extra GbE port.
Though, I really would prefer having a GbE WAN plus a 2.5Gbit Topaz switch instead of having a 1Gbit switch an USB3.0 port (but mainstream probably likes USB3 better than I). I can probably still add up to 4 GbE ports on Mini-PCIe, but the chance of pfSense supporting exactly those cards I pick is pretty slim. -
I found the most recent official driver source code for Linux.
@johnkeates:
The problem with USB is that it's not an interface suitable for advanced network traffic. While it might be enough for basic home or prosumer usage, it's even worse than Realtek PCIe interfaces.
There are a few things to consider.
1: Performance. Since the EspressoBIN appears to allow only 1Gbit transfers, this means that if transferring data in both directions between a computer on LAN and the WAN, we'll get a maximum throughput of 500 Mbit in each direction.
If adding an USB3.0 GbE interface that can handle at least 500Mbit/sec in each direction, then we'd already get a faster transfer rate in each direction.2: Security. If somehow the router is rebooted and crashes before U-Boot can change the LAN-WAN bridging, then attackers can freely inject spambots and other nice stuff into the LAN. This will definitely not be possible if a driver is required in order to get data through the WAN port.
… I for one would not be angry if I could add a USB3.0 device and get an extra GbE port.
Though, I really would prefer having a GbE WAN plus a 2.5Gbit Topaz switch instead of having a 1Gbit switch an USB3.0 port (but mainstream probably likes USB3 better than I). I can probably still add up to 4 GbE ports on Mini-PCIe, but the chance of pfSense supporting exactly those cards I pick is pretty slim.I don't think anyone would be angry if USB network adapters had the same features and performance as PCIe adapters. Most of the issues stem from the limitations of USB as a bus (i.e. USB traffic costs CPU to get to RAM, PCIe has DMA), and from the manufacturers trying to segment the market, removing certain hardware features (well, mostly turning them off) or limiting stuff in their driver code (i.e. no hardware VLANs or a very small number of queues or queue entries, small buffers in the firmware etc.).
-
@johnkeates:
I don't think anyone would be angry if USB network adapters had the same features and performance as PCIe adapters. Most of the issues stem from the limitations of USB as a bus (i.e. USB traffic costs CPU to get to RAM, PCIe has DMA), and from the manufacturers trying to segment the market, removing certain hardware features (well, mostly turning them off) or limiting stuff in their driver code (i.e. no hardware VLANs or a very small number of queues or queue entries, small buffers in the firmware etc.).
Now I understand what @VAMike is saying. ;)
Sure I hate USB - anything USB.
It should never have been "invented".
-But since I now have a board that has this USB3 port, I'd like to exploit it.If, on the other hand, you think that Mini-PCIe is the way to go with pfSense, I will certainly not stand in your way!
(I just hoped to use Mini-PCIe for an extra 4-port SATA interface).
… However, thinking about it, it's pretty silly having several GbE ports via USB3 and then a total of 11 Gbit SATA available.
The USB3.0 plus the built-in GbE ports wouldn't be able to utilize those speeds anyway.
The built-in SATA can give me 600000000 Bytes per second, where Mini-PCIe can maximum (ideally) give me 500000000 Bytes per second.
So if using one of the GbE ports plus 4 GbE ports on the Mini-PCIe, I think the throughput would be as balanced as it could get.
-Then USB3 could be used for a few (slower) spare harddisks.Anyway, for my pfSense box, I intend to only run pfSense and a single harddisk (for O/S); no NAS and as little "junk" as possible; stability and performance is much more wanted than a lot of features.
So a bunch of GbE interfaces via Mini-PCIe would still be very appealing to me (even if a Mini-PCIe-to-PCIe breakout cable is necessary). -
Hi
Where can I get the instructions to get PFSense running on Espressobin?
Thank you
-
Anyway, for my pfSense box, I intend to only run pfSense and a single harddisk (for O/S); no NAS and as little "junk" as possible; stability and performance is much more wanted than a lot of features.
So a bunch of GbE interfaces via Mini-PCIe would still be very appealing to me (even if a Mini-PCIe-to-PCIe breakout cable is necessary).I don't know that we've tested either SATA or PCIe. I wouldn't count on either.
-
Is there any repository with images from where it can be downloaded?
-
I could not find it anywhere here yet. Patience i guess
-
Still no news or any ETA as far as I'm aware.
-
Here's a bit of an update: https://www.reddit.com/r/PFSENSE/comments/9iiq26/pfsense_244release_is_now_available/e6katiw/
Slow but steady progress :D
-
I just picked up an espresso.bin v7 board and and am having a hard time finding resources to get FreeBSD running. Since Netgate already had done that leg work, would it be possible to get some pointers and perhaps even an image and any needed uboot magic?
Im not expecting a pfSense image but just some tips to get started with FreeBSD!
-
@curtisgrice
Well, even with the pfSense image you wouldn't get it running because the additional hardware crypto-chip installed in the Netgate SG-1100 units is missing.I cannot help you with the FreeBSD stuff.
-