Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Year 2017\. Mini ITX desktop grade boards, two onboard Intel NICs.

    Scheduled Pinned Locked Moved Hardware
    4 Posts 3 Posters 4.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kroko
      last edited by

      Hi,

      I have been searching forums for user experience regarding desktop grade Mini ITX MOBOs that have two intel NICs out of box. Not much found or discussion.

      So I made a little list of what I have currently found (although not finished yet) maybe others might also benefit.

      Current best(ish) found

      Desktop class
      Asrock H270M-ITX/ac
      All (!) guidelines met (see table)
      100 EUR + VAT

      I bought this, the build, some testing and benchmarking is discussed here.

      Server class
      Asus P10S-I
      All (!) guidelines met (see table)
      161 EUR + VAT

      Table

      Link

      Selection guidelines

      • Year 2017, pfSense 2.3.3+

      • Models available at any any online shops (meaning - distributors/online shop competition, warranty, and infinitesimal shipping) in my region (north EU)

      • The end build (with CPU, heatsink, PSU, RAM, SSD) should be comparable with price of SG-2220 (having two NICs), which is ~300 EUR + VAT in EU. On the one hand should cost less, as draws more power (long term expenses), but then again… could cost same / a bit more as has unparalleled extendability over the ready solution. Anyways - target is to get cheaper in order to balance the (although fun and self-educational) time spent while going DIY way.

      • Desktop grade MOBOs from “usual suspects” manufacturers (thus good availability in stocks)

      • Mini ITX and Thin Mini ITX form factor preferred

      • LGA1151 preferred (giving DDR4 in most cases as well as future options for CPU swaps), but don't say no to older gen.

      • Can hold 8GB RAM or more (as pfSense 64bit version should be used & RAM is cheap)

      • Skip “gaming” boards (just because of extra price for features unneeded)

      • Boards that have PCIe 3 slot, so that the MOBO can be extended by extra NIC in the future if needed.

      • Boards that have SATA3 assuming SSD usage (all found desktop ones do, there are some Supermicros though that… wow) as starting point

      • Boards that have M.2 SSD (NVMe) support preferred, so that there is option to put OS on NVMe for super duper fast disk I/O (logs)

      • No need for WiFi module, but as many boards do have them, look at them too. WLAN is achieved via old routers as access points in LAN (OpenWRT/DD-WRT) to offload tasks as well as get newest WiFi standards. But if onboard bundled WiFi dongle does work, nice.

      Catalogues

      Asrock
      Mainline
      Industrial
      Rack

      From desktop segment few found, only two in the targeted price range.
      Quite many industrial boards that meet guidelines - LGA1151, LGA1150, LGA1155 and those misc BGA/rPGA types.

      Gigabyte
      Mainline
      Thinline

      Quite many LGA1151 boards with dual Intel NICs
      Many dual NIC boards for LGA1150, however most of them are 1x Intel.. and then 1x Realtek/Atheros
      All SoCs that have dual NICs are not Intel. Whaaat.

      Asus
      Mainline
      Server
      Workstations
      None desktop found. Server found, and mentioning that, because for the one server Mini ITX found price is comparable to desktop class.

      MSI
      Mainline
      None found

      Intel
      All boards
      Desktop class
      Two boards found.
      5 year old tech, used DQ77KB board (desktop class) in ebay costs the same as brand new LGA1151 board with warranty.

      Supermicro
      Skipping…

      Existing user experience

      Asrock Z270M-ITX/ac
      none

      Asrock H270M-ITX/ac

      https://forum.pfsense.org/index.php?topic=124639.0

      Asrock industrial series MOBOs (like reusing some POS sytem or whatever)
      none

      Gigabyte GA-H170N-WIFI (rev 1.0)

      https://forum.pfsense.org/index.php?topic=118306

      @IIMacGyverII, @JeronimoColon, @Tantamount
      Onboard NICs supported 2.3+
      WiFi dongle - no data
      Some though still say i219V is not supported, which is confusing
      https://forum.pfsense.org/index.php?topic=101689.0

      @xman111
      Onboard NICs supported 2.3+
      WiFi dongle - no data
      https://forum.pfsense.org/index.php?topic=109561.msg623083#msg623083

      Gigabyte GA-Z270N-WIFI (rev 1.0)
      none

      Gigabyte GA-H270N-WIFI (rev 1.0)
      none

      Gigabyte GA-Z170N-WIFI (rev 2.0)(rev 1.0)
      @Tantamount
      Onboard NICs supported
      Bundled WiFi module not working
      https://forum.pfsense.org/index.php?topic=109137.msg608395;topicseen#msg608395

      Asus P10S-I
      @datum
      Onboard NICs supported
      https://forum.pfsense.org/index.php?topic=123801.0

      Intel DQ77KB
      TBD

      Intel D2500CCE
      TBD

      Notes

      Many board models exist with two NICs. But either both are not Intel or first is Intel, but second is Realtek/Atheros (latter combination being quite popular). These boards are discarded.

      CPU starting from ~33 EUR + VAT.

      Lowest CPU worth mentioning (but not having low TDP) for LGA1151 IMHO is Celeron G3900 (51W TDP) (meaning AES-NI enabled CPU - so some basic VPN capabilities). This CPU costs ~33 EUR + VAT.

      Next step is low TDP Pentium, where first-ish is Pentium G4400T (35W TDP), ~64 EUR + VAT.

      Next step is low TDP i3, where first-ish is i3-6100T, ~99 EUR + VAT. It has AVX instructions that Pentium does not has and they are beneficial.

      In particular, SHA1 and SHA256 can be accelerated via AVX2 instructions, reducing the time required for AH processing in IPsec (and its similar processing in OpenVPN and OpenSSL) on processors that support AVX/AVX2.

      References: 1, 2, 3

      If CPU turns out to be bottleneck, next steps are faster i3, i5/7, Xeon E3 (all of them have 35W TDP ones and E3 goes as low as 25W). LGA1151 (not SoC or older LGA1150) gives good opts for future CPU swapping if needed.

      mATX will cost +/- the same
      I do not have space constraints, but a quick look shows mATX will cost +/- the same. The extras that mATX provides such as 4 memory slots IMHO unneeded for (this) pFsense usage (and in modern Mini ITX we can put in up to 32GB anyways) and having more than PCIe 3 slot is also unneeded for this pFsense usage.

      Comparison w/ MOBO having 1x onboard NIC + 1x PCIe NIC
      The reason to start with MOBO with 2 NICs instead of some MOBO with one NIC + PCIe NIC is extendability and pricing. If I were to buy MOBO with one NIC and put in second NIC in PCIe (i.e. desktop class Intel EXPI9301CT) I end up spending same as i.e. Asrock H270M-ITX/ac (~100 EUR total) or really close to some "bit over 100EUR boards", but with PCIe port already populated.

      8GB DDR4 RAM starting from ~50 EUR + VAT (both as 2x4GB kit as well as 1x8GB stick in single channel)
      8GB DDR4 comes for 50-ish EUR + VAT. So does DDR3/DDR3L! Thus no need to stick with DDR3 when buying new MOBO for pfSense.
      One cannot get actually small amount of DDR4. The min woud be one 4GB DIMM for ~25 EUR (or 2GB for SO-DIMM), but better populate those dual channels.
      RAM can be lowered to minimum recommended if older MOBO/SOCKET and thus RAM type is used (thus smaller RAM modules can be obtained) & pfSense does only basic tasks.
      32bit OS is going away in 2.4+.
      RAM is cheap. Come on, you need those big state tables, because you do bittorrent, who doesn't? :)

      WAN speed
      Assumed being able to deliver 100/100 WAN.

      MOBO chipsets
      Chipset comparison (Z270, H270…)

      1 Reply Last reply Reply Quote 0
      • V
        VAMike
        last edited by

        @kroko:

        RAM can be lowered to minimum recommended if older MOBO/SOCKET and thus RAM type is used & pfSense does only basic tasks, but then 32bit pfSense should be used, shouldn't it?

        Be aware that 32 bit x86 is going away in 2.4. https://forum.pfsense.org/index.php?topic=121255.0

        1 Reply Last reply Reply Quote 0
        • K
          kpa
          last edited by

          @VAMike:

          @kroko:

          RAM can be lowered to minimum recommended if older MOBO/SOCKET and thus RAM type is used & pfSense does only basic tasks, but then 32bit pfSense should be used, shouldn't it?

          Be aware that 32 bit x86 is going away in 2.4. https://forum.pfsense.org/index.php?topic=121255.0

          On top of that x64 is always preferred over x86 regardless of the amount of installed memory. Even with 512MBs of memory the 64-bit version of the OS will be much more robust and efficient at memory management.

          1 Reply Last reply Reply Quote 0
          • K
            kroko
            last edited by

            @kroko:

            • Can hold 8GB RAM or more (as pfSense 64bit version would be used & RAM is cheap)

            32bit was in a way a sidenote if anyone is listening to my monologue ^_^ I do not use 32bit OSes for yeaaaars (except for RTOS when doing some programming for Cortex-M) and if somebody says, he should, my comment is something in the lines of "get new hardware then".

            Anyways, thanks for the comments. Updated my public notes.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.