New 1U pfSense build - Which motherboard?



  • I'm looking to replace an aging Atom D525 board that doesn't have AES-NI (knowing this will be a requirement soon for future releases) and have been looking for board candidates. Whichever board I go with will be going into a 1U enclosure in an enclosed wall rack, using passive cooling (with a couple fans tossed into the 1U case to help the airflow). The internet connection is a 150/150 connection, with the possibility of going to 300/300 down the road.

    The board I'm mostly looking at is the SuperMicro A2SDi-4C-HLN4F (Atom C3558), which has QuickAssist, a modern C3000 chip, AES-NI, and the new X553 gigabit NICs (I'm ready to order one of these today if people agree).

    Another option includes the less expensive Pentium N3700; the SuperMicro X11SBA-LN4F. But I'm not sure if the network interface (i210 I believe) will be the best quality option for me in the long run for things like queue handling, and am somewhat concerned about getting the right revision thanks to this thread.

    The other option of course is to go with something like the ever-so-popular SuperMicro A1SRi-2558F, but this hardware is aging and I don't want to deal with even the remote chance of facing the C2000 bug.

    My main questions are:
    Is there one of these boards that stands out?
    Any opinions about the X553 gigabit NICs (supported in the next pfSense release) vs others? Are these good network interfaces? I don't know much about them but they seem decent and better than the i210.
    •If for whatever reason I've somehow selected 2 terrible boards (I don't think that's the case), please tell me what board you think would be a better fit keeping in mind the 1U requirement.

    Any thoughts would be greatly appreciated. Thanks in advance!



  • @link470 said in New 1U pfSense build - Which motherboard?:

    The board I'm mostly looking at is the SuperMicro A2SDi-4C-HLN4F (Atom C3558), which has QuickAssist, a modern C3000 chip, AES-NI, and the new X553 gigabit NICs (I'm ready to order one of these today if people agree).

    I think the C3xxx series is overpriced on the street for what you get.

    Another option includes the less expensive Pentium N3700; the SuperMicro X11SBA-LN4F. But I'm not sure if the network interface (i210 I believe) will be the best quality option for me in the long run for things like queue handling, and am somewhat concerned about getting the right revision thanks to this thread.

    The other option of course is to go with something like the ever-so-popular SuperMicro A1SRi-2558F, but this hardware is aging and I don't want to deal with even the remote chance of facing the C2000 bug.

    The N3700 has the same architecture as the C2xxx and may be subject to the same LPC bug.

    If you want IPMI and supermicro I'd suggest something like the X11SCZ-F and a cheap celeron or pentium (G5400's can be found on sale for $50). If the IPMI isn't critical you can find a suitable motherboard for much less. Another option is something like the asrock J3355B-ITX, which runs about $50 for the motherboard and CPU. After adding a dual or quad port NIC it's still a solid value. Another option at that data rate is the APU2, which is around $150 including case & RAM (depending on where in the world you are) or a bit more for a 3rd party rackmount case. That option is the value leader, but will have much less spare capacity.



  • I just tested a supermicro C3758-based barebone with 4 gigabit ports(X553 too) on a 2.4.4-snapshot last week. Got 946Mbps down / 939Mbps up with suricata(with SnortVRT rules). Very satisfied.



  • @abcnew good to know! Which board model?



  • In the supermicro superserver's c3000 series barebones. It uses A2SDi-8C-HLN4F as its motherboard. But it has 8 cores other than c3558 which has only 4 cores.

    Someone gets 1gbps on netgate xg-7100 which has 4-core c3558 and Marvell switch chip(link to reddit). He also used suricata.


Log in to reply