Pfsense motherboard/CPU advise

phil80

Hi,

I plan to start my first pfsense experience.

My needs / setup:

• 1 Gigabit WAN interface to ISP modem
• Cisco SG350 L3 switch: will do all the inter-VLAN routing and DHCP server
• pfsense box: used as firewall and to NAT traffic from VLANs to internet
• OpenVPN: 1-2 users, no need to more than 300-600 Mbps, I can do with less bandwidth here
• 4 VLANs setup on the switch for all the routing

I am thinking to get this hardware:

• AsRock H370M-ITX coupled with an intel quadcore i3-8100T or 9100T CPU clocked at 3.1 GHz and a 35W TDP
  It has a dual Intel GB LAN (1 x Giga PHY Intel I219V + 1 x GigaLAN Intel I211AT)
  https://www.asrock.com/mb/Intel/H370M-ITXac/index.asp#Specification

• Alternative: ASUS ROG STRIX H370-I GAMING
  It has a dual Gb LAN, one Intel I219V + one Realtek RTL8111H. I could replace the Realtek with an Intel PCI-E LAN adapter
  https://www.asus.com/Motherboards/ROG-STRIX-H370-I-GAMING/specifications/

ASUS is more expensive + I need to add the PCI-E adapter for 2nd Intel NIC.

1- Will these boards be fully supported / crash free for pfsense 2.4 and future 2.5 OS ?
2- Will they fill my needs ?
3- If I move routing to the pfsense box: will it out perform the hardware switch ?
4- do the NICs support 802.1Q VLAN tagging ?

Many thanks for helping me

kiokoman

yes, personally i will stay away from realtek, probably i will chose the asrock
yes
there should't be much difference
yes ->
Intel Ethernet Connection I219
Datasheet
 Jumbo Frames (up to 9 kB)
 802.1Q & 802.1p
 Receive Side Scaling (RSS)
 Two Queues (Tx & Rx

phil80

many thanks, I will buy the Asrock

tman222

Hi @elodie80 - is there any particular reason you are considering the i3-8100T vs. just the regular i3-8100? I imagine that most of the time I the CPU will probably not run anywhere near the quoted TDP (i.e. the CPU will run at a lower frequency), and the extra 500MHz per core might be nice to have if you will be using OpenVPN.

Hope this helps.

phil80

@tman222
I was planning to go completely fanless
But yes, fan will be off probably most of the time anyway...
The 8100 and 9100 are out of stock every where, i will have to wait a few weeks it seems

messerchmidt

ryen 3200g + gigabyte b450 matx + dual intel nic + 16gb ram + cheap case + 120gb ssd

phil80

Feedback:
I went with the Asrock, it works perfectly under Pfsense and has great fan control to run totally silent in a very quiet room.
CPU i3-9100, overkill but 9100T are hard to find on stock
Used the intel I219V port for LAN and I211AT for WAN

Hope it helps other users