Any new hardware planned for 2021?
-
Hi guys,
is there any new hardware planned for 2021? Btw. is anyone of you guys attending CES 2021?Regards
Martin -
Yes to new hardware, but no details to share just yet. Stay tuned.
No to CES this year, perhaps next year. -
Seems reasonable to assume new hardware will be available with rollout of pfSense+. If I were looking to release a new software brand that was intended to become the future of my company, I would certainly try to do so on fancy new hardware to create as big a halo as possible. I suspect and hope we will see new devices within the next few weeks as I intend to do an upgrade once new hardware is released and would love to be able to pull that trigger this month.
-
Please, please, please, a rack mount version of the SG-5100, please and thank you. Or maybe, because it would be an obvious upgrade, name it the NEW SG-5200.
Jeff
-
I hope we see something with some higher clocks. Snort is the most important package to me and I'm not confident in the ability of the current appliances with circa 2015 Xeon D chips running it with a lot of rules at >= 1Gb.
I hope we get something with a Xeon D-1600N series chip or Xeon E.
-
if theres anything coming on the basis of XG-1541 but with a second PCIe Interface/ 8+ 10GBIT Ports i´d buy that without thinking...
-
I hope for something like an Epyc Embedded Platform, like OPNsense did with their current hardware.
pfSense: 2.4.3
System: QOTOM-Q355G4
CPU: Intel Core i5-5250U
RAM: 8GB SK Hynix DDR3L-1600
LAN: Intel I211-AT
SSD: 256GB Lite-On -
@forsaked said in Any new hardware planned for 2021?:
I hope for something like an Epyc Embedded Platform
It has been running for a couple of years, hassle free...
https://www.supermicro.com/en/products/motherboard/M11SDV-4C-LN4F
Cats bury it so they can't see it!
(You know what I mean if you have a cat) -
@daddygo said in Any new hardware planned for 2021?:
https://www.supermicro.com/en/products/motherboard/M11SDV-4C-LN4F
Which case did u use, the SCE300?
I also want SFP+ on this Platform!pfSense: 2.4.3
System: QOTOM-Q355G4
CPU: Intel Core i5-5250U
RAM: 8GB SK Hynix DDR3L-1600
LAN: Intel I211-AT
SSD: 256GB Lite-On -
@forsaked said in Any new hardware planned for 2021?:
Which case did u use, the SCE300?
Yes SCE300 + Noctua (3.pcs.)
- Intel X710-D4 + Supermicro RISER for SFP+ and / or dual rate SFP(s) Intel E1/10GSFPSR
https://www.fs.com/de-en/products/36431.html
this makes it very configurable
- Intel X710-D4 + Supermicro RISER for SFP+ and / or dual rate SFP(s) Intel E1/10GSFPSR
-
@forsaked said in Any new hardware planned for 2021?:
Which case did u use, the SCE300?
but can be built into this chassis with a smaller trick:
CSE-505-203B
-
Something like this would be awesome:
https://www.lannerinc.com/products/network-appliances/x86-rackmount-network-appliances/nca-4112
-
All the Eypc solutions suggested would be awesome! I'm worried though, that Netgate is biased against AMD architectures. I can recall several posts over the last few years railing against AMD over CCX and memory latency :/
-
@mwastart said in Any new hardware planned for 2021?:
I'm worried though, that Netgate is biased against AMD architectures.
Nope... I hope so
AMD is starting to "eat" Intel.
Xeon vs. Epyc
https://www.theregister.com/2021/02/24/digitalocean_premium_droplets_amd/I have been using the AMD Epyc embedded series for a long time, -
no question with pfSense.Synology has just switched to:
https://www.amd.com/en/products/embedded-ryzen-v1000-series
https://www.synology.com/en-global/products/RS1221+Wonderful solution with 2x10Gig Ethernet
So there are opportunitiesBTW:
Of course my desktop pc:
Xeon W-1270 + Intel W480E chipset
Supermicro mini-ITX X12SCV-LVDS-O -
@akuma1x Totally agree on this one - I have 8 5100s and love them, they have been rock solid, but I have to use shelves for them. I have 4 of the 7100 units, they are solid as well, but i hate the switch based interfaces
-
In my opinion they need a “perfect” home appliance. That would be a mix of features across the current appliance range:
1: A modern powerfull 4 core ARM processor - MUCH lower power usage than Intel/AMD - both idle and loaded. Something with the equivalent horsepower of the 5100’s Atom processor today.
2: 4GB RAM
3: Same Size, Looks and ports as the SG-2100
4: However: No switched ports, so it would be 5 discrete NIC’s instead, one of which is SFP/RJ45 dual personality.
I would pull the trigger on one of these immidiately.
-
@keyser said in Any new hardware planned for 2021?:
1: A modern powerfull 4 core ARM processor - MUCH lower power usage than Intel/AMD - both idle and loaded. Something with the equivalent horsepower of the 5100’s Atom processor today.
I like ARM too, but there are some limitations.. At least with ARM 32 bits:
- Snort has problems with it, they had to compile a new packet, that runs slower due to signal 11 errors, if I remember correctly, it was related to memory mapping.
- Suricata is now using RUST language, which is incompatible with ARM, so some features won't work.
- Some packages like Snort/Suricata/Pfblockerng are not working in 21.02_1 due to php interpreter issues, they are working to fix it but not sure how long it will take.
So I would say, if you go with ARM, at least go with ARM 64 bits.
Due to the above, I still prefer to get Intel or AMD if available.4: However: No switched ports, so it would be 5 discrete NIC’s instead, one of which is SFP/RJ45 dual personality.
I like the switch ports :)
-
@mcury said in Any new hardware planned for 2021?:
I like the switch ports :)
Switches and the VLAN option to make them behave as discrete came up in an unrelated thread recently...is there a meaningful difference in performance if configured that way?
(said in general) When comparing to bare hardware realize Netgate has to include support costs in their pricing as well.
-
@steveits said in Any new hardware planned for 2021?:
Switches and the VLAN option to make them behave as discrete came up in an unrelated thread recently...is there a meaningful difference in performance if configured that way?
Correct me if I'm wrong, but this is my current understanding on how it works.
I have 3 of my 4 ports in my SG-3100 here using PVID 100.
So, traffic between these ports in VLAN100 are not bottle necked by a single 1Gbps port.
Also, traffic between these ports are not going through the SOC.If you use a discrete port, you are now taking that port out from the switch, and using it with routing capabilities, which means that the port would have an IP and it would be the gateway of that specific network.
Kindly note that I wasn't aware of the "VLAN option to make them behave as discrete" thread until now, so I could be wrong on how it works.
-
The 2100 and 3100 have a 2.5 Gbps uplink from the switch to the chip...see the 3100 image here. So if I followed, I think what you're describing would still go through the SOC/software but the uplink would hide that a bit (two 1 Gbps ports talking to each other with .5 left over). Willing to admit I'm wrong there. :)
The Netgate method I linked seems similar...it basically says "make all traffic on port 4 a VLAN" so now, while still going through the switch, the traffic is on its own VLAN and thus logically separated from the traffic on the other 3 switch ports. Repeat for each port and all four are treated as separate networks.
I use them as switched though. :)
-
@steveits The switch is a switch - so like with alle other switches:
1: If the switch is not in VLAN 801.2q mode, The ports acts as accessports by default and the traffic is just switched - no need to pass it into the CPU/uplink unless it’s destined for other devices (off current L2).
2: If you configure them as “discrete ports”, and put the switch in 802.1q mode, the ports are each configured as accessports in a given VLAN (usually unique) that is tunneled to the SOC on the uplink. (Note, you can have more than one port in the same VLAN tunnel), and all frames will have to pass through the uplink to be evaluated and routed across VLAN’s.
There is a performance difference between 4 switched ports (backed by a 2.5Gbps uplink port to the SOC), and four real NIC discrete ports. Not only is 2.5Gbps the theoretical throughput of routed traffic to/from the 4 switched ports - as opposed to 4Gbit for 4 individual interfaces but:
More importantly, small pfSense appliances does not have powerfull enough CPU cores to have a single core evalutate pfFilter rules (simple firewall rules) at Gbit wirespeed.
Since a interface queue is not properly multithreaded, the single CPU core performance becomes the bottleneck for throughput on each interface (aka - the switch uplink in this case).FX: The SG-1100 that only has switched ports (All ports are seen on one uplink) has a max pffilter throughput of about 460Mbit.
The SG-2100 which has the same CPU as the SG-1100, but has a discrete NIC, and 4 switched ports through a Uplink, will do about 680Mbit in pfFilter if the traffic is passed from a switch port to the real NIC. This is because it has 2 queues - each can use its own CPU core, whereas the SG-1100 has only one Queue (the uplink), and is therefore mostly limited to one CPU core. -
@audian Hi, do you have any announcements yet?
-
@prtonguy77 Well there was the 6100...
