Recommend hardware with gig ports?
-
Yes I've searched and read. I just want to know what the latest recommendation on available hardware is.
Looking to replace a fullblown dell server with something small and less power hungry. I need 3 or 4 gig ports. My sustained traffic doesnt saturate gig on a regular basis but it does occur now and then and I need to be able to keep up with it. Most of the small bits of hardware I've been seeing talked about have 10/100 interfaces which rule them out unfortunately.
Input is appreciated and in the meantime I'll be doing more searching :)
-
I haven't yet deployed this configuration, but I've done a lot of research and come up with the build below. It should be able to pass 1Gbps without too much trouble, is fairly low cost and fairly low power, and built from quality parts. You can save a few bucks and get a bit more flexibility building it in a non-rackmount (or more RU) case, but I need a 1U unit:
SUPERMICRO CSE-502-200B Black 1U Rackmount Server Case
SUPERMICRO MBD-PDSBM-LN2+-O - 2 onboard Intel PCIe NICs
Intel Core 2 Duo E5300 2.6GHz - could probably get away with a Celeron 400 or E1xxx/E2xxx series, but the Core should have no trouble at 1Gbps
Kingston 1GB 240-Pin DDR2 SDRAM ECC
Dynatron P199 - Stock fan won't fit in a 1UIf you need more than 2 NICs, add either a single or dual Intel PCIe server adapter with a Supermicro CSE-RR1U-E8 riser (not available at NewEgg, but fairly inexpensive elsewhere - or just use a larger case).
I am planning on running the build from an industrial CF card in a SATA->CF adapter, but you could add a proper disk if you wanted.
With 3xGigE this setup will cost you ~$500, less if you don't need a rackmount solution.
-
Okay so I have 3 spare machines laying around that I could repurpose for pfsense.
1 of them has a 2.8g pentium D, but the NICs onboard are VIA Rhine II nics. VIA P4M800-M7A motherboard
The other system is a Pentium4 2.66 and has Intel 1000 nics onboard.
Also have an old Dell PE1550. It has a P3-1ghz cpu. Seems slow by todays standards but what its capable of I dont really know.
Which do you think would be better suited? I'm inclined towards the intel nic board (supermicro) but dont know if the extra cpu core will be that important or not.
Any input?
KTIMS : any recommendation on CF card and adapter?
-
I'd definitely go with the machine with better NICs if you're not prepared to upgrade them. Besides, the Pentium-D is very power hungry and I'm not sure the extra core is worth that, but if you want to do gig I'm not sure either is fast enough, you'd have to experiment. Then again, the Rhine II is a 100mbps card, so maybe that's not a priority anyway? You'll save quite a bit of money on your power bill if you go with a modern Core architecture CPU, those NetBurst processors just soak up the juice.
As for flash, I've just found InnoDisk disk-on-modules which seem a better (and cheaper) solution than using a CF->IDE adapter. You can buy them here. Prior to finding this product I was using Transcend industrial CF with a CF->SATA enclosure by SANS Digital.
-
Yeah I am actually testing both these machines with my Kill-a-watt unit. The PentiumD box uses more than twice the power. Both systems have 1 disk powered for the test. That alone decides it. Its been a long time since I've pushed more than 150meg so gig isnt imperative. Good point about the Rhine being 100mbps though. Everything points the way to the Supermicro system.
thanks for the input. I'll check out innodisk.
-
Out of curiosity… what capacity size innodisk did you decide on? Seems to me that a 4gb module is more than sufficient.
I'd definitely go with the machine with better NICs if you're not prepared to upgrade them. Besides, the Pentium-D is very power hungry and I'm not sure the extra core is worth that, but if you want to do gig I'm not sure either is fast enough, you'd have to experiment. Then again, the Rhine II is a 100mbps card, so maybe that's not a priority anyway? You'll save quite a bit of money on your power bill if you go with a modern Core architecture CPU, those NetBurst processors just soak up the juice.
As for flash, I've just found InnoDisk disk-on-modules which seem a better (and cheaper) solution than using a CF->IDE adapter. You can buy them here. Prior to finding this product I was using Transcend industrial CF with a CF->SATA enclosure by SANS Digital.
-
I've used 1GB CF cards in all my builds to date, haven't actually used any of those InnoDisk modules yet, but they're on the list for my next build. For my needs 1GB is more than sufficient, but I don't use Squid or any other modules that use much disk.
-
I wanted to point out that I have the same board that ktims has up there. You need to know something though, that board does not support Q9000, E8000, E7000 or E5000 series processors! I know becuase I found out the hard way. So that Proc you listed will not work. The board won't even post with that Proc.
-
I wanted to point out that I have the same board that ktims has up there. You need to know something though, that board does not support Q9000, E8000, E7000 or E5000 series processors! I know becuase I found out the hard way. So that Proc you listed will not work. The board won't even post with that Proc.
Good catch :-X
Probably want to go with the E2220 instead. Oops!
-
Ordered a 2gb solid state module. Will report back when I've received it and installed it.
-
Any reports on this configuration? ;D
-
That Supermicro setup interests me. I'm interested in something more than an ALIX and an Atom would probably do fine, but lightweight C2D would be better. What kind of power does it take? Have you measured it with a Killawatt?
-
We've been building some walls with the Jetway NC92 board, with the 3 x GB NIC daughterboard, and it has an additional 2 x PCI if you use a suitable case. Cheap, fast, low power, and 4 x GB NIC!!
-
That Supermicro setup interests me. I'm interested in something more than an ALIX and an Atom would probably do fine, but lightweight C2D would be better. What kind of power does it take? Have you measured it with a Killawatt?
I haven't measured it, and the UPS it's on powers a bunch of other equipment as well, so even those rough measurements aren't going to be useful.
It works very well though, basically the exact setup described above but with a Celeron 430. No trouble doing 100mbit, but that's as fast a WAN link as I've got and it's in production so I can't push it further :P
-
Hey, guys.
First time poster/first time pfsense builder here. Please forgive me if I should have started a new post, but I specifically want to inquire about nexusone's and tommyboy180's hardware implementations.
I've been digging through the forums and across the interwebs for workable hardware configs and this supermicro setup you guys are running has me very intrigued. But I'd really like to get you guys' input before I build because this is uncharted territory for me and I've spent more time than I care to admit researching and spec'ing this thing out.
ktims: is your CF/SATA adpater setup for embedded builds, or are you using it for full installs? Assuming you're doing a full install, how do the industrial CF cards hold up to numerous writes? Is this a better way to go than, say, a sata hdd? Because of the solid state/no-moving-parts, or is it more of a power-saving issue?
I would be grateful if any of you that are using this PDSBM-based setup would share your complete specs.
Here's my planned build (most of which I stole from ktims):
MBD-PDSBM-LN2+
Supermicro CSE-502-200B
Celeron E1500 http://www.newegg.com/Product/Product.aspx?Item=N82E16819116075
Kingston 2x1GB DDR2-667 http://www.newegg.com/Product/Product.aspx?Item=N82E16820134046
Dual Port Intel Gigabit Server NIC PCIe http://www.newegg.com/Product/Product.aspx?Item=N82E16833106014
Hitachi 80GB SATA http://www.newegg.com/Product/Product.aspx?Item=N82E16822145238
Supermicro 1U Active Heatsink http://www.provantage.com/supermicro-snk-p0032a4~7SUP9016.htm
CSE-RR1U-E8 Riser
2.5" HDD retention bracket http://www.provantage.com/supermicro-mcp-220-00044-0n~7SUP9019.htmAccording to the CSE-502-200B manual, you can't really fit both an expansion card and a hard drive, so I was going to use the retention bracket and dremel most of it off to make two rails for the laptop hard drive. I'm thinking/hoping that with this setup, the NIC should have enough clearance over the hard drive to accommodate both NIC and HDD in the chassis. Has anyone tried anything similar?
Nexusone and tommyboy180: what type of storage device are you installing pfsense to?
Is anybody using the supermicro board setup with a SATA hdd? Any caveats? From what I've read, some folks are having a hard time installing pfsense to sata hdds on ICH7, which is the controller on the PDSBM (well, ICH7R, anyway), like this person here: http://forum.pfsense.org/index.php/topic,7172.0.html
But by the looks of it, you guys aren't having a problem installing to CF cards emulating SATA devices… ::)
I suppose I could always install an 2.5" IDE drive instead; has anyone tried this with this board?Thank you all for taking the time to read this.
EDIT: ktims: after reading some of your other posts, I see the answer to my question about the preference for CF cards seems to be due to the solid stateness of them.
EDIT: And what release are you guys running with this board?
-
Hello Bok Bok,
I think you will be very pleased with the preformace with your supermicro hardware. This is a very powerfull system that can support 1000's of users.I just wanted to ask you why you have decided to purchase the Intel EXPI9402PT. Do you need 4 NICs, or will the onboard NICs not do 'it' for you? The onboard NICs are very powerfull and reliable. I have never had any problems.
Also double check you RAM agaist the tested RAM for the board on the SuperMicro page. Your RAM will work, I don't doubt that, but if you are looking for Max preformance and Max Stablility then go with a chip that was tested on the board.
I am using the board with a SATA drive, 160GB. The preformance is unbeatable. The only thing I would recommend with if you decide to go with the onboard SATA is to use a very short SATA cable.
My full specs are
Board - http://www.newegg.com/Product/Product.aspx?Item=N82E16813182126
Cooler - http://www.newegg.com/Product/Product.aspx?Item=N82E16835114075
Case - http://www.newegg.com/Product/Product.aspx?Item=N82E16811152106
Ram - http://www.newegg.com/Product/Product.aspx?Item=N82E16820134192 -
If I should settle for 1U rackmounts, i would definetely look at Ebay for IBM 335/336 hardware….
Lot cheaper used than Supermicro, and it can handle heavy loads. On embedded CF, it uses 120W....And is not so noisy.....
-
problem could be the depth of the ibm's? some people only want minimal depth for a small wall mount cab.
was just looking at another mobo with intel gig on and seen this.
http://www.icp-uk.com/index.php?act=viewProd&productId=225
looks a promising little board that would easily fit in the supermicro case -
tommyboy180: Thanks for the reply!
To answer your about the NIC, I need four ports. I have absolute confidence in the onboard Intel NICS (kind of building the system around them ;) - and the form factor), but I just need more ports.
However, as has been discussed many times on this forum, a popular way to go seems to be to just set up vlans, run them all through a single LAN interface, and pair the setup with an 802.1q-friendly switch.
To be honest, I'm a little reluctant to do it that way. While the security aspect is debateable, I keep thinking about what will happen when someone else inherits this setup. Will the VLANs make them like, "huh"? Pretty much any technician (I hope) gets port=interface, but I'm not so sure about port=3-to-12 interfaces.
OTOH, while right this second three LAN interfaces is exactly what I need, at some point down the road (I don't know how far) this location is probably going to outgrow three interfaces, and so then it's either more routers for all the subnets, or it's VLANs.
With regards to RAM, I will definitely take your suggestion, tommyboy180. May I ask who manufactures the 160GB SATA drive you are using? And short like 6" or short like 10"?
If I could pick your brain just a little more:
-
Are you using 1.2.2 or a 1.2.3 snapshot? It looks like the 1.2.3s alleviate a lot of SATA hassles, and a lot of people seem comfortable using 1.2.3 in production.
-
Do you do your installs off IDE or SATA optical drive?
Thanks again for the useful info!
@louis-m: that looks like a great board - I think a number of folks are using it, tho I'm not sure it would fit in this supermicro chassis: http://www.newegg.com/Product/ProductReview.aspx?Item=N82E16811152106 - read Camarofleet's review. Of course, this is just speculation on my part.
Right on point about the wallmount action. "Being able to mount your bad-ass firewall on your relay rack… priceless."
-
-
I'm actually using an IDE DOM from Innodisk in my builds now; these are about 1" tall and plug directly into the IDE header on the motherboard - very convenient. I use their CF in my embedded installs as well. It's been reliable, though performance is quite a bit poorer than a hard disk. I've got 3 or 4 of them out there now, but only for 4 months or so when I discovered these. They're running full installs and I've had no issues to speak of, but I don't do any write-heavy operations on them either (Squid etc.). If you're planning to do lots of writes I'd go with a hard disk, otherwise I'd go with one of these DOMs. I'm currently running 1.2.3-RC1 on the Supermicro build I have in production.
WRT. 802.1Q & VLANs - while they're not really commonly understood among low-rent IT 'consultants' that might do work for a small business, anyone that's likely to understand a setup with 4 subnets and various rules in pfSense should have at least a peripheral understanding. Certainly anyone that should be doing this kind of work should have a good understanding. And as you wisely notice, the 1 interface per subnet paradigm just doesn't scale. It's going to be a matter of do it right right now or try and migrate in the future which is going to be a lot more painful for you. Using VLANs also gains you a lot more flexibility over the network in general if you can justify replacing all your presumably unmanaged existing switches.
A compromise might be to use one of the onboard NICs for your WAN connection and only do VLANs on the LAN side and connect that to the switch. That should be a more intuitive setup for other folks. And of course documentation, but I wouldn't stoop to the 'next guy's' level if it compromises your work.
