Build Advice
-
Hi Everyone,
I know this topic has been asked several times… And for that I apologize. I've been over countless forum posts, reddit posts and Google results but I'm still unsure of what the best hardware is for the build I wish to do. So I'm coming to the source to ask!
Currently I have FTTH @ 100 Mbps down, but in the future (new job!) would like to upgrade to the 300 Mbps down package (Bell Aliant in Nova Scotia Canada).
Network Stats:
-
1x Main PC
-
1x NAS (File and Download Server)
-
3x Android Devices - Phone, Tablet and Nvidia Shield (Shield is used for Internet and LAN Streaming)
So 5 devices in total, with the NAS, PC and Nvidia Shield being the 3 biggest users of the Network.
Desired Features/Packages:
-
Firewall/VLAN/NAT
- VLAN #1: Non-encrypted, direct WAN connection
- VLAN #2: Encrypted VPN Tunnel (See 2 below)
-
AES 128-256 VPN @ 100 - 300 Mbps (to take into account my future planned package upgrade)
-
Snort
-
Country Block/pfBlocker
-
Darkstat/Bandwidthd (or whatever a newer stats package is)
-
Ability to route each device over a specific VLAN on the router side (Not sure what package this would be).
The biggest feature for the hardware is the AES VPN (Private Internet Access).
Hardware I've considered so far (All prices are in Canadian):
-
CPU: Intel Pentium G4560 (Dual Core - 4 Threads) @ 3.5GHz
= $84.25 -
CPU Cooler: Cooler Master GeminII M4
= $44.99 -
RAM: G.Skill Sniper Series - DDR3-2133 - 2 x 4GB (CAS 9)
= $74.99
* The above are not set in stone and are subject to change on input from this forum.
Budget: $400 - $500.
There is where I'm jaded and can't decided…
-
Which Motherboard and Storage to choose?
-
Do I go with a Motherboard with a M2 slot and get a tiny M2 SSD?
-
Do I get a slightly cheaper board with SATA III 6Gbs and get a tiny SSD?
-
Do I get a slightly cheaper board with SATA III 6Gbs and get a tiny HDD?
-
Do I get the cheapest board, get a mSATA PCIE adapter and get a tiny mSATA SSD?
-
Do I get the cheapest board and get an internal USB3 header and use a USB drive?
-
-
Which Intel NIC to get (Looking for a 2 port NIC (WAN/LAN) as I'm going to use my current Asus router as access point and switch)?
I would like the most reliably option I can get (in term of HDD) as the box would be on 24/7 (excluding maintenance) preferably with some type of redundant backup so I can quickly bring the router back up.
Again I apologize for the redundant question and thank you in advance.
- Tempster
-
-
https://forum.pfsense.org/index.php?topic=131878.0
The quotum mini pc with either i3 or i5 processor, 4gb ram and 32gb HD would work for you. I'm running the i5 setup with 1gbps wan and get full throughout with the same packages as you and close to 400-500mbps with a clustered PIA OpenVPN gateway. It comes cheaper too than the above.
-
Hi jgiannakas!
Thanks for the reply, just for clarification you are talking about this (or similar)?
http://www.ebay.com/itm/QOTOM-Q355G4-New-Intel-core-I5-5250U-Fanless-4-LAN-Micro-Computer-2G-8G-X86-/262889082605
I was picking parts as I normally like to build my own rigs, but at half the price screw building it.
Thanks!
-
would go 8gb ram, 120gb ssd+
an kaby lake celeron or cheap ryzen is sufficient
make sure the board has dual intel lan, or get an ebay card for same
-
Hi jgiannakas!
Thanks for the reply, just for clarification you are talking about this (or similar)?
http://www.ebay.com/itm/QOTOM-Q355G4-New-Intel-core-I5-5250U-Fanless-4-LAN-Micro-Computer-2G-8G-X86-/262889082605
I was picking parts as I normally like to build my own rigs, but at half the price screw building it.
Thanks!
Yeap I got it direct from aliexpress. Delivered in under 5 days and I think it's got more config options than eBay:
https://m.aliexpress.com/s/item/32800603727.html?trace=wwwdetail2mobilesitedetail&productId=32800603727&productSubject=Dual-Core-Mini-PC-Barebone-4-Ethernet-Lan-Nano-Itx-Core-i5-5250U-Pfsense-Firewall-Mini&spm=2114.13010208.99999999.262.6JvNwX
Don't bother with the wireless card. It's not operational under pfsense. Also 32gb HD is plenty and I'm using about 30% of all ram with snort, pfblocker etc but not squid as it's actually slowing the network down when hooked up to my 1gbps connection at home (very little hit rate)
-
Hi,
I've decided I would rather build my own box (I enjoy building my own machines). So back to my original question on CPU suggestions.
Desired Features/Packages:
-
Firewall/VLAN/NAT
- VLAN #1: Non-encrypted, direct WAN connection
- VLAN #2: Encrypted VPN Tunnel (See 2 below) -
AES 128-256 VPN @ 100 - 300 Mbps (to take into account my future planned package upgrade)
-
IDP/IPS
-
Country Block/pfBlocker
-
Darkstat/Bandwidthd (or whatever a newer stats package is)
-
Ability to route each device over a specific VLAN on the router side (Not sure what package this would be).
Will the Intel Pentium G4560 be able to handle all of the above? or should I opt for a quad core i5?
- Note I understand the need for a high Ghz CPU as OpenVPN is single threaded, so that is not is not what I'm inquiring about.
Thanks
-
-
Pentium is plenty.
-
Are use a Dell R210, with dual 1GB WAN connections , my LAN set up is all 10GB Fibre
The R210 handles it nicely, You can pick up R210s online extremely cheap
Make sure you have the latest Dell BIOS, and you'll barely hear the fans :-)