I5-4570S processor, too much?



  • Subject somewhat states.

    I've got the following system being used as a file/media server that I'm thinking about repurposing for pfSense:
    CPU : Intel i5-4570S  4/4 65W
    Motherboard : SuperMicro MBD-X10SLV-Q-O has two Intel Gigabit Lan Ports
    16Gb RAM

    My internet is coming through ATT fiber.  My internal network will have three separate 'WANs'.

    I will be running pfSense direct on the hardware and not in a VM.

    I am considering adding an Intel X550-T2 dual 10G network card.

    First is the base hardware too much?

    Second, will Intel network card provide any issues?



  • @LilJohn:

    My internal network will have three separate 'WANs'.

    I assume you mean LANs.  What speed is your fiber connection?

    Anyway, I doubt you will come close to using the 16GB of RAM but assuming your AT&T fiber is 1Gbps your CPU should serve you well.  Can't speak to the Intel X550-T2.



  • Yes, it will be too much.
    But there is no thing as «too much».

    You are simply using hardware you already have.

    CPU and ram are more than enough for your connection and give you some future proof.

    I think that with that NIC you will get almost full gigabit speed.



  • @datum:

    Yes, it will be too much.
    But there is no thing as «too much».

    You are simply using hardware you already have.

    Well, that's a little contradictory but at the same time right on.  I'm certainly on board with using the hardware in hand versus buying something brand new, especially for new users just getting their feet wet with the software.
    I've often wanted to write a bit of a rant post about people building pfSense systems with 16GB of RAM or even 8GB.  That, IMO, is too much.  I'd be surprised to see anyone in a home router situation fully utilize 4GB, much less 8 or 16.
    But as far as CPU goes, sometimes a little will do, and sometimes there just isn't enough to do the job at all.  OP has AT&T fiber.  That can mean up to 1Gbps symmetrical, and that's nothing to be trifled with when it comes to pfSense.



  • @whosmatt:

    @datum:

    Yes, it will be too much.
    But there is no thing as «too much».

    You are simply using hardware you already have.

    Well, that's a little contradictory but at the same time right on.  I'm certainly on board with using the hardware in hand versus buying something brand new, especially for new users just getting their feet wet with the software.
    I've often wanted to write a bit of a rant post about people building pfSense systems with 16GB of RAM or even 8GB.  That, IMO, is too much.  I'd be surprised to see anyone in a home router situation fully utilize 4GB, much less 8 or 16.
    But as far as CPU goes, sometimes a little will do, and sometimes there just isn't enough to do the job at all.  OP has AT&T fiber.  That can mean up to 1Gbps symmetrical, and that's nothing to be trifled with when it comes to pfSense.

    I agree.
    But there are situations where there is a motive to 'abuse' ram usage.
    In my case i had a board with dual channel, and it was hard to find 2gb of ddr4, and even 4gb price per stick was very similar to 4 plus 4.

    Sometimes to double the ram bandwidth one must go overboard.



  • Thanks for all the input so far.

    Yes, this is a case of using the equipment available… but I'm not above buying better/more appropriate equipment.  I was going to buy equipment that is going to replace the proposed equipment.  So if me going out and buying a "better" SuperMicro board/CPU combo, I'm not above it.

    From a CPU standpoint, the other "cheap" ones I have available are still ~60W but i3 Kaby Lake so single thread maybe faster but 2/4.

    From a hardware standpoint, I am just trying to ensure that my bottle neck will not be the pfSense setup.

    Yes, I meant internal LANs.. long day :o

    The fiber optic is business class fiber optic from ATT.  I want to say 1Gb pipe but I'm not looking at my paperwork.  Thus my thought process of using the Intel 10g NIC.

    I guess a followup question would be:  Is it worth going to server class hardware with baby Xeon such as E3-1270 v5  plus ECC memory and a "NIC loaded" motherboard?  On the MB, I found a SuperMicro that had 4 Intel 10g NICs on it for not a horrible price.  The bad with the above is the CPU is 80W.  On the otherhand, I'm not hugely concerned on the wattage consumed.



  • @LilJohn:

    The fiber optic is business class fiber optic from ATT.  I want to say 1Gb pipe but I'm not looking at my paperwork.  Thus my thought process of using the Intel 10g NIC.

    The 10g NIC would only matter as far as the WAN is concerned if they're handing off a link that can negotiate at that speed.  I have AT&T fiber at one of my offices and it's handed off by a standard 1Gbps port on a big 'ol 3U Cisco router.  We're nowhere near 1Gbps symmetrical though.  So just verify the link capability of the ethernet port on their equipment before you spend $ on a 10g card, otherwise it will be for naught.

    @LilJohn:

    I guess a followup question would be:  Is it worth going to server class hardware with baby Xeon such as E3-1270 v5  plus ECC memory and a "NIC loaded" motherboard?  On the MB, I found a SuperMicro that had 4 Intel 10g NICs on it for not a horrible price.  The bad with the above is the CPU is 80W.  On the otherhand, I'm not hugely concerned on the wattage consumed.

    If uptime is a paramount concern, maybe.  I'd be more concerned about stuff like redundant PSUs than ECC or a Xeon, TBH.  Best bet would be 2 systems in failover using CARP.  We do that at the same office I was referencing earlier with a DL360 G5 as the primary and a VM as the secondary.  Only reason we're even using the DL360 is because it's also routing between internal subnets (no L3 switches there) and we need decent throughput.  We're bonding 4 1Gbps NICs for that purpose.


  • Banned

    @datum:

    Yes, it will be too much.
    But there is no thing as «too much».

    You are simply using hardware you already have.

    CPU and ram are more than enough for your connection and give you some future proof.

    I think that with that NIC you will get almost full gigabit speed.

    I've never attempted gigabit internet, but I can't believe that 4 cores capable of 2.9Ghz all day long combined with a 10Gb modern intel server NIC should get "almost gigabit"!? Really? Without VPN of any sort, no snort, suricata, squid? It can't be that intensive to get gigabit internet, can it?



  • @pfBasic:

    I've never attempted gigabit internet, but I can't believe that 4 cores capable of 2.9Ghz all day long combined with a 10Gb modern intel server NIC should get "almost gigabit"!? Really? Without VPN of any sort, no snort, suricata, squid? It can't be that intensive to get gigabit internet, can it?

    See my previous post.. It really depends on the NIC that is handing off the connection from the ISP.  If that NIC only supports 1000Mbps, then yeah, the connection will be almost gigabit, up to what a typical 1Gbps link can really support.  In my experience it's upwards of 950Mbps but not the full 1000.  It's not about the CPU at that point, it's about the negotiation speed of the WAN link.  What would really be nice, I suppose, is if the ISP handed off the fiber and let the customer deal with it. But that's not how it happens with AT&T in my experience.  They provide a media converter which hands off to copper ethernet.  Then, that ethernet goes into an AT&T supplied router (In my case a Cisco 3000 series IIRC) and then the customer gets approved to plug a patch cable into a designated port on the Cisco.



  • @datum:

    I agree.
    But there are situations where there is a motive to 'abuse' ram usage.
    In my case i had a board with dual channel, and it was hard to find 2gb of ddr4, and even 4gb price per stick was very similar to 4 plus 4.

    Sometimes to double the ram bandwidth one must go overboard.

    Yep, point taken.  My hypothetical rant is more about people thinking they need all that RAM to go with a really fast CPU.  The bandwidth is much more important than the total amount.  I get by with 512MB at home and 1GB in the VMs I run at work, and those VMs serve hundreds of nodes on 15 or so subnets.  Hardly a large deployment, but much larger than the typical home or small office.  The speed of the WAN connection doesn't increase the amount of RAM required.  Only total # of connections and (more importantly) packages do.


  • Banned

    @whosmatt:

    @pfBasic:

    I've never attempted gigabit internet, but I can't believe that 4 cores capable of 2.9Ghz all day long combined with a 10Gb modern intel server NIC should get "almost gigabit"!? Really? Without VPN of any sort, no snort, suricata, squid? It can't be that intensive to get gigabit internet, can it?

    See my previous post.. It really depends on the NIC that is handing off the connection from the ISP.  If that NIC only supports 1000Mbps, then yeah, the connection will be almost gigabit, up to what a typical 1Gbps link can really support.  In my experience it's upwards of 950Mbps but not the full 1000.  It's not about the CPU at that point, it's about the negotiation speed of the WAN link.  What would really be nice, I suppose, is if the ISP handed off the fiber and let the customer deal with it. But that's not how it happens with AT&T in my experience.  They provide a media converter which hands off to copper ethernet.  Then, that ethernet goes into an AT&T supplied router (In my case a Cisco 3000 series IIRC) and then the customer gets approved to plug a patch cable into a designated port on the Cisco.

    Oh I see, thank you for clarifying!


Log in to reply