Alix 2D2 vs mini-itx for home use
I am yrying to decide between an Alix 2d2 or mini-itx based pfSense box for home. My cable connection speed is 25Mbps down and 3.3Mbps up, and I have 2 site-to-site VPN connections nailed up to a local data center. The Alix boxes run ~$200 with pfSense installed (netgate.com) and the mini-itx boxes cost about $300 (and many don't have second NICs which costs even more money).
I am concerned I am buying "yesterday's technology" with the Alix system, but I really want a low-powered firewall at home that can handle about 8Mbps up and down (for future growth).
GruensFroeschli last edited by
An ALIX can handle around 85 Mbps throughput (85 in, 85 out) So you're on the safe side for normal traffic.
How much traffic do you want to push on the VPN? What kind of VPN?
With OpenVPN it seems to be possible to push about 10Mbps.
See this thread where the tests were done:
You can get closer to 20 with OpenVPN when using AES-128-CBC and using "engine cryptodev;" in the custom options box. You can get just over 20Mbit with IPsec and the Rijndael (AES) algo. This is because the ALIX units have a built-in crypto accelerator chip that helps with this cipher.
I say go with the Alix since it's for home use. You shouldn't have any need for major packages like squid or snort.
It's a firewall not a server. So I wouldn't worry about having the latest and greatest. I see people on here worried about SMP support
on hardware that is more than powerful enough for a single processor to handle whatever they throw at it.
I'm running pFsense on a Soekris Net5501 with a vpn1401 crypto accelerator card. The Net5501 is comparable to the Alix.
I have a 30/5 cable connection with an ipsec tunnel to a Cisco ASA5520 that's on a 100Mbit fibre connection.
It handles it all without a hiccup.
The Alix also has miniPCI slots, where you could shove a hardware crypto card to boost your vpn throughput even more.
Soekris engineering have a PCI and a mini-PCI card: