Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Alix 2D2 vs mini-itx for home use

    Hardware
    6
    6
    5165
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rkelleyrtp last edited by

      Greetings all,

      I am yrying to decide between an Alix 2d2 or mini-itx based pfSense box for home.  My cable connection speed is 25Mbps down and 3.3Mbps up, and I have 2 site-to-site VPN connections nailed up to a local data center.  The Alix boxes run ~$200 with pfSense installed (netgate.com) and the mini-itx boxes cost about $300 (and many don't have second NICs which costs even more money).

      I am concerned I am buying "yesterday's technology" with the Alix system, but I really want a low-powered firewall at home that can handle about 8Mbps up and down (for future growth).

      Any opinions?

      1 Reply Last reply Reply Quote 0
      • GruensFroeschli
        GruensFroeschli last edited by

        An ALIX can handle around 85 Mbps throughput (85 in, 85 out) So you're on the safe side for normal traffic.
        How much traffic do you want to push on the VPN? What kind of VPN?
        With OpenVPN it seems to be possible to push about 10Mbps.

        See this thread where the tests were done:
        http://forum.pfsense.org/index.php/topic,12766.0.html

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • jimp
          jimp Rebel Alliance Developer Netgate last edited by

          You can get closer to 20 with OpenVPN when using AES-128-CBC and using "engine cryptodev;" in the custom options box. You can get just over 20Mbit with IPsec and the Rijndael (AES) algo. This is because the ALIX units have a built-in crypto accelerator chip that helps with this cipher.

          http://doc.pfsense.org/index.php/Are_cryptographic_accelerators_supported

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • S
            ScottNJ last edited by

            I say go with the Alix since it's for home use. You shouldn't have any need for major packages like squid or snort.
            It's a firewall not a server. So I wouldn't worry about having the latest and greatest. I see people on here worried about SMP support
            on hardware that is more than powerful enough for a single processor to handle whatever they throw at it.

            I'm running pFsense on a Soekris Net5501 with a vpn1401 crypto accelerator card. The Net5501 is comparable to the Alix.
            I have a 30/5 cable connection with an ipsec tunnel to a Cisco ASA5520 that's on a 100Mbit fibre connection.
            It handles it all without a hiccup.

            1 Reply Last reply Reply Quote 0
            • C
              clarknova last edited by

              The Alix also has miniPCI slots, where you could shove a hardware crypto card to boost your vpn throughput even more.

              db

              1 Reply Last reply Reply Quote 0
              • S
                scooterdouglas last edited by

                Soekris engineering have a PCI and a mini-PCI card:

                Soekris Engineering vpn1401 and vpn1411

                ;)

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post