Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Best Processing Power vs Power Efficiency Compromise - Home Gigabit

    Scheduled Pinned Locked Moved Off-Topic & Non-Support Discussion
    3 Posts 3 Posters 732 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      racielrod
      last edited by

      Hello,
      I'm new to Pfsense and I have been browsing for a few days trying to understand what would give me the power I need for the feature set I'm looking for while trying to minimize power consumption and noise.

      Features

      • Future: VPN Client (Maximize bandwidth on a 1Gbps link)
      • Future: VPN Server
      • Future: IDS
      • QoS

      Hardware Preferences

      • Small form factor (mini/micro ITX?)
      • Passive cooling is preferred
      • Dual nic is fine (3-4 would be nice to have)
      • Intel nics
      • Ability to handle 1Gpbs w/o maxing-out resources (future proof)
      • Power efficient (not sure about what I should be shooting for here in terms of power consumption while idling vs full load, etc).
      • Processor supports AES-NI

      Ideally I would like to spend ~$300 but I'm open to any suggestions.
      I'm looking to build something I can use for a good number of years.

      Any recommendations based on your own experience would be greatly appreciated.

      Thanks!
      R. Rod

      1 Reply Last reply Reply Quote 0
      • R
        rainer_d
        last edited by

        For 300, pcengines hardware would probably be available (APU2)
        AFAIK, it does not do full GB, but pretty close.

        https://forum.netgate.com/topic/114731/alix-apu-2c4-board-and-1gbit-internet-connection

        I have no experience with it (yet). I'm still debating whether to buy an APU2C4 or an SG3100 (at more than double the cost).

        I'm near Zurich, so PCEngines is really a local business here. The price is another factor, but given the intended lifespan of the system, it's not all down to price.

        1 Reply Last reply Reply Quote 0
        • S
          shiftyjoe
          last edited by

          So to add to @rainer_d comment, I've recently purchased the APU2C4 as my pfsense box and frankly considering the costs I'm rather impressed. I'm have a WAN\LAN setup running Squid, Squid Guard, Suricata, PFBlockerng, and ntopng - my main focus is keeping my kids from getting into too much trouble as they start exploring the internet. Looking at the performance to energy cost, I really feel this box hits a lot of check boxes. Sadly, I'm limited in my bandwidth so I can't speak to how it handles on 1Gbps, but I've hear you can get close but I don't know if would need to limit the packages your running.

          If you do end up do end up looking at the APU2 setup, here is what I came up with so far to improve performance:

          1. Get thermal grease and stand the box vertically - Reduced my CPU temp by 10C
          2. Avoid ClamAV, it will eat the CPUs alive with large downloads
          3. Suricata seems to perform better than Snort, but is twice as hard to setup... but twice the trouble is twice the fun in my book. Between the multi core support and the APU2 supported inline mode, you can get IDS on without to much impact to your system.
          4. Get the 4GB version, it's not much more and gives you lots of RAM to play with.

          Running pfSense with Celeron @966Mhz w/ 1gb ram, 80GB IDE/ATA Harddrive, and two intel desktop pro 10/100.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.