A few questions from a newbie chimp....

Comfy

Ive not been using pfsense long. Im on my second box....first attempt was an i5 nuc with 250gb ssd using the onboard lan for local lan and a USB dongle for WAN - that netted me a 5meg download speed (i think last time i was told i had a 350 meg connection (i do get mixed up with the whole mbit mbye kbit thing....) - i reconfigured the other way round which then took me up to a 20meg download speed (better but im sure ive got some more bandwidth in there somewhere)

So - this morning ive tried a different box. A SFF dell optiplex 7010 core i7, 16gb of memory and a 250gb ssd with an intel server twin port nic. One thing that i was never able to do on the old box was to enable traffic shaping. I can now do that on this one. Download speed topped out at 43meg (running and nzb download) - so based on my original bandwidth statement i might have more than i thought im not sure.

So, the 7010 does the business but not from an electricity draining point of view idling is 60 odd watts....wife wont be happy with the energy bill (3 kids all with high powered gaming boxes and a home server running as well....) so its pretty steep already...!

Which begs my chimp based question.....will one of those little pfsense boxes outperform or match my 7010 and if so do they draw less power? if they do id like something that could possibly handle more bandwidth (my isp is steadily going to gigabit speeds)...

johnpoz

Well first things first I would validate your getting what your paying for.

If your paying for 350mbps.. Then you should be seeing I would say 90% of that are you have something wrong that is for sure.

60 some watts sitting there idle seems a bit much for a "router" My nas doesn't even use that, and its powering 4 hdd..

As to your isp going to gig.. Doesn't mean your going to. Are you?

If your seeing 43MBps in some download test that would work out to yeah about 350mbps..

You really need to be clear on what your seeing be it Mb (bits) or MB (bytes) per second.. Roughly /8 whatever your seeing in Mbits and that would be your MBytes

for 350mbps connection the sg1100 would be more than enough - and it draws like 4watts idle... If you want to have ability to got to gig, then either a 2100 or 3100.. Both only draw couple of more watts.. About a 10th of what your current box is drawing..

JKnott

@comfy said in A few questions from a newbie chimp....:

will one of those little pfsense boxes outperform or match my 7010 and if so do they draw less power?

I recently bought a Qotom mini PC and get great performance. It does better than HP desktop system it replaced. According to the ads, it draws about 15W.

stephenw10

You need to use precise values, preferably in Mbps (mega bits per second).

"43meg" could be a number of things which makes meaningful comparison hard.

Either of those devices should be easily capable of passing 1Gbps. Though probably not with a USB NIC.

Have you actually measured the Dell at 60W? That's quite high for a SFF device. It is probably massively over powered for your use though.

The SG-1100 or SG-2100, which is probably what you're referring to, will not outperform an i7 with 16GB of ram! But you almost certainly don't need that. You would want at least the SG-3100 though if you plan to get a "Gigabit" service from your ISP. Probably an SG-5100 to be sure of passing that with traffic shaping enabled or packages running.

Steve

Comfy

@stephenw10 Brilliant - thanks for all the replies....with regards to the 60w ive got a smart plug on the SFF and thats what its telling me....it is pretty heavy weight though...i7, 16gb of memory - i suspect thats quite a draw in itself..!

Gigabit from the isp: while im not going for it myself they do tend to up the speed each year (or if i phone up at the end of my contract and try to negotiate for the coming year) so nice if its got the spare capacity....

Something i didnt mention is obviously im learning so im always messing with stuff on there so, have a fair few packages installed. Ive given quite a large slice of disk space over to squid (im assuming that the more i give it - to a certian extent) the better it will be (the internet connection/performance)

Ill go and have a look at the SG1100 now...cheers.

Comfy

@comfy Just to add i did inherit a dumb terminal - an igel one of these....

https://www.igel.com/wp-content/uploads/2020/03/DS_UD6_85-EN-21-6-2.pdf

although when i stick a pfsense usb stick in it gets so far then hangs...i thought i could use that so far ive not had much luck...

Comfy

@comfy Is this over the top??

https://www.ebay.co.uk/itm/Fanless-Mini-PC-Intel-3865U-6LAN-Firewall-VPN-Router-with-AES-NI-8G-64G-pfsense/114644620718?hash=item1ab15a15ae:g:tBkAAOSwPKNgGVf7

JKnott

@comfy said in A few questions from a newbie chimp....:

https://www.ebay.co.uk/itm/Fanless-Mini-PC-Intel-3865U-6LAN-Firewall-VPN-Router-with-AES-NI-8G-64G-pfsense/114644620718?hash=item1ab15a15ae:g:tBkAAOSwPKNgGVf7

You might want to try the one I bought, as it's cheaper. Also, according to that ad, they're down to their last one (I wonder how many "last ones" they have.).

Comfy

@jknott Yep - sorry - i missed that....looking now....that looks pretty good! - can it be upgraded internally? im assuming not cpu but memory and disc capacity...?

stephenw10

Whilst it's possible to run Squid/Squidguard, pfBlocker etc on an SG-1100 it can require careful tuning not to blow though all the RAM imediately. If you want try a bunch of packages I would say go to the SG-2100.
That igel hardware would probably be fine for what you're doing and since you already have it.....

You are probably hitting the graphics driver issue in the J1900 SoC. Does it stop at 'Booting...' ?
https://docs.netgate.com/pfsense/en/latest/install/upgrade-guide-versions.html?highlight=kern%20vty%20sc#upgrading-from-versions-older-than-pfsense-2-4-4

Steve

JKnott

@comfy said in A few questions from a newbie chimp....:

can it be upgraded internally? im assuming not cpu but memory and disc capacity...?

I haven't checked mine, but there are some models sold without memory or SSD. You can put whatever you want in those.

However, here are some performance levels with mine, which has 4 GB of memory and 32 GB SSD:

As you can see, it's hardly doing anything. When I run speedtest, the CPU usage peaks at 5%. So, this model has plenty of reserve.

Comfy

@jknott Yeah- i was just watching a video of someone pulling one apart....there are barebones ones on Amazon for 130 quid so i reckon thats the kiddie for me (ive got a spare 250gb samsung ssd and 8gb of memory kicking around)

Ive also got a spare wifi card i could stick in the wireless slot...ive got 2 access points already running but as i say, i love messing around with stuff so id put it in just to see what i could do with it...

Just have to burn the electricity until payday and then get one then....based on what yours is doing im guessing it can run an amount of additional packages...im running

Darkstat
nmap
snort
squid
pfblocker

And a couple of others.....

JKnott

@comfy said in A few questions from a newbie chimp....:

Ive also got a spare wifi card i could stick in the wireless slot

WiFi NIC support is not great. Even if you find one that works, you won't be able to get better than "n" out of it. I have a Unifi AC-Lite AP here.

Comfy

@jknott Ah - right - ive got a couple of EnGenius access points one wifi5 and the other one wifi6