Will this Hardware take me close to 1000/1000Mbit, pls check before I order.

fableman

I got a problem, I got too fast Internet, I must try to build a new firewall and this is the hardware Iam thinking of.

Before I order I love someone to say something about this hardware Iam planing to use only for pfsense.

Will I be close to 1Gbit NAT firewalling with this setup ?

Motherboard:  ASUS P7H55-M PRO H55 S-1156 M-ATX 
Memory:        CORSAIR 4GB DDR3 XMS3 INTEL I3/I5/I7 1333MHZ 
CPU:              INTEL CORE I3 550 3.20GHZ 4MB S-1156
NIC's 2x:        INTEL PRO/1000 GT DESKTOP ADAPTER
HD:                KINGSTON V DRIVE 30GB SSD SATA/300 MLC
PSU:              SILVERSTONE SFX 450W
BOX:              SILVERSTONE SST-SG01-B-F EVOLUTION M-ATX BLACK

dreamslacker

If you're looking at 1Gbit symmetric connection, that's 2Gbit/s of NAT throughput in total.

The hardware will support that throughput except the PCI bus.

You will need to use PCI express adapters to overcome the shared bandwidth limits of the PCI bus.

jwelter99

I'd go with a Supermicro X8SIL board as it has dual Intel NIC's on board, great quality, and works really well with PFSense.

John

@fableman:

I got a problem, I got too fast Internet, I must try to build a new firewall and this is the hardware Iam thinking of.

Before I order I love someone to say something about this hardware Iam planing to use only for pfsense.

Will I be close to 1Gbit NAT firewalling with this setup ?

Motherboard:   ASUS P7H55-M PRO H55 S-1156 M-ATX   
Memory:         CORSAIR 4GB DDR3 XMS3 INTEL I3/I5/I7 1333MHZ 
CPU:              INTEL CORE I3 550 3.20GHZ 4MB S-1156
NIC's 2x:         INTEL PRO/1000 GT DESKTOP ADAPTER
HD:                KINGSTON V DRIVE 30GB SSD SATA/300 MLC
PSU:              SILVERSTONE SFX 450W
BOX:              SILVERSTONE SST-SG01-B-F EVOLUTION M-ATX BLACK

fableman

@dreamslacker:

If you're looking at 1Gbit symmetric connection, that's 2Gbit/s of NAT throughput in total.

The hardware will support that throughput except the PCI bus.

You will need to use PCI express adapters to overcome the shared bandwidth limits of the PCI bus.

If i replace the mother board and the NIC to:

Motherboard: INTEL DQ57TM Q57 S-1156 M-ATX
NIC's: 2x INTEL GIGABIT CT DESKTOP ADAPTER PCI-E

Will that be better ? atleast to take me closer to 1Gbit download.

jasonlitka

Those NICs are identical to the ones built into the SuperMicro X8SIL(-F).  Unless you have some reason to want to use add-in NICs, save yourself some cash (and space) and get the SuperMicro board.  If you need 4 ports then consider the X8SIE-LN4(F).

Cry Havok

The Intel Server cards have been widely reported as having higher throughput than the desktop cards.

MarkProvanP

Have you read the advice about running pfSense on an SSD? The normal .iso install will destroy the SSD due to the constant, small reads/writes. To have an SSD survive this, you need to run an embedded install, which would run just as well off of a small (but fast) CompactFlash card.

cmb

@MarkProvanP:

Have you read the advice about running pfSense on an SSD? The normal .iso install will destroy the SSD due to the constant, small reads/writes. To have an SSD survive this, you need to run an embedded install, which would run just as well off of a small (but fast) CompactFlash card.

Not true. There are write limits with SSD but your firewall will write vastly less to disk with a normal full install (logs are in RAM) than a typical laptop or other device running SSD with Windows, OS X, or other OSes.

jwelter99

This is bogus info.

I've been running pfsense off Intel 80GB "G1" SSD's since they came out.  Using the Intel tools they are still reported 99% life remaining - so in 2 years those constant small reads/writes have used 1% of my SSD life span.

John

@MarkProvanP:

Have you read the advice about running pfSense on an SSD? The normal .iso install will destroy the SSD due to the constant, small reads/writes. To have an SSD survive this, you need to run an embedded install, which would run just as well off of a small (but fast) CompactFlash card.

fableman

@jasonlitka:

Those NICs are identical to the ones built into the SuperMicro X8SIL(-F).  Unless you have some reason to want to use add-in NICs, save yourself some cash (and space) and get the SuperMicro board.  If you need 4 ports then consider the X8SIE-LN4(F).

I now have a SuperMicro board based on Intel atom 1.6Ghz with dual NIC's and I can't get over 380Mbit with little CPU load. (I manage to max the CPU load at 34%) Soo I think the built in stuff not that great.

Cry Havok

@fableman:

I now have a SuperMicro board based on Intel atom 1.6Ghz with dual NIC's and I can't get over 380Mbit with little CPU load. (I manage to max the CPU load at 34%) Soo I think the built in stuff not that great.

I've certainly heard similar reports from others - that apparently identical built in NICs don't perform as well as physical cards.

dreamslacker

@fableman:

I now have a SuperMicro board based on Intel atom 1.6Ghz with dual NIC's and I can't get over 380Mbit with little CPU load. (I manage to max the CPU load at 34%) Soo I think the built in stuff not that great.

Which Supermicro is this?  I know of at least one of the Supermicro Atom boards that uses Realtek 8111 NICs instead of Intel 82574's.

jwelter99

I've never had this with onboard Intel NIC's.  The chip and drivers are identical to the stand-alone cards and performance has always been equal.

Perhaps with some shoddy RT on board NIC you would gain performance with an add in Intel card.

I won't buy boards that use RT nic's unless it's only for IPMI.  Intel is my #1 choice, followed by Broadcom.

@Cry:

@fableman:

I now have a SuperMicro board based on Intel atom 1.6Ghz with dual NIC's and I can't get over 380Mbit with little CPU load. (I manage to max the CPU load at 34%) Soo I think the built in stuff not that great.

I've certainly heard similar reports from others - that apparently identical built in NICs don't perform as well as physical cards.

Zeon

I would recommend rather than using the X8SIL series Supermicro motherboards you take a look at the new LGA1155 socket ones like the X9SCM coupled with the newer Intel Core-i3 2100. It's a newer architecture and probably slightly faster/more power efficient.

fableman

Still looking for improvments to the build:

This is what I decided at this moment.

Bold have been changed after your inputs.

I changed the NIC's to PCI-eXpress verion to get faster bus speeds over PCI (can it be that some internal NIC use PCI bus and not PCI eXpress?)
That forced me to a new motherboard and then I changed to 1155 instead of the older 1156 version.
Then I hade to change CPU to 1155 aswell.

Motherboard:                          GIGABYTE GA-H67M-UD2H-B3 H67 S-1155 M-ATX 
CPU based on 1155:              INTEL CORE I3 2100 3.10GHZ 3MB S-1155
NIC's to be sure I get pci-X:  INTEL GIGABIT CT DESKTOP ADAPTER PCI-E

Memory:                            CORSAIR 4GB DDR3 XMS3 INTEL I3/I5/I7 1333MHZ 
HD                                    KINGSTON V DRIVE 30GB SSD SATA/300 MLC
PSU:                                SILVERSTONE SFX 450W
BOX                                  SILVERSTONE SST-SG01-B-F EVOLUTION M-ATX BLACK

Any more input ideés I would love.

jasonlitka

@Cry:

@fableman:

I now have a SuperMicro board based on Intel atom 1.6Ghz with dual NIC's and I can't get over 380Mbit with little CPU load. (I manage to max the CPU load at 34%) Soo I think the built in stuff not that great.

I've certainly heard similar reports from others - that apparently identical built in NICs don't perform as well as physical cards.

I've not had that experience, at least not with Intel NICs.  I've got an X8SIL-F right in front of me and have had no issues pushing 100MB/s through the onboard 82574L controllers when running CentOS, OpenSolaris, or Windows Server 2008R2.

Cry Havok

The ones in the case I'm aware of were nominally Intel Gbit server grade cards, which topped out below that of a physical card by a measurable margin. The problem may have been specific to the motherboards or chipsets used, but I don't have enough technical information on the setup any more (this dates from a few years ago now).

jwelter99

Issues with the X9 series and FreeBSD 8.1 makes it an iffy PF sense 2.0 platform.  I agree that once driver issues are resolved it makes sense to consider this.

@Zeon:

I would recommend rather than using the X8SIL series Supermicro motherboards you take a look at the new LGA1155 socket ones like the X9SCM coupled with the newer Intel Core-i3 2100. It's a newer architecture and probably slightly faster/more power efficient.

fableman

@jasonlitka:

@Cry:

@fableman:

I now have a SuperMicro board based on Intel atom 1.6Ghz with dual NIC's and I can't get over 380Mbit with little CPU load. (I manage to max the CPU load at 34%) Soo I think the built in stuff not that great.

I've certainly heard similar reports from others - that apparently identical built in NICs don't perform as well as physical cards.

I've not had that experience, at least not with Intel NICs.  I've got an X8SIL-F right in front of me and have had no issues pushing 100MB/s through the onboard 82574L controllers when running CentOS, OpenSolaris, or Windows Server 2008R2.

100MB as in Megabyte?

100MByte/s = 800Mbit/s  just to be sure cos I was using Mbit as unit and not MB.

fableman

@jwelter99:

Issues with the X9 series and FreeBSD 8.1 makes it an iffy PF sense 2.0 platform.  I agree that once driver issues are resolved it makes sense to consider this.

@Zeon:

I would recommend rather than using the X8SIL series Supermicro motherboards you take a look at the new LGA1155 socket ones like the X9SCM coupled with the newer Intel Core-i3 2100. It's a newer architecture and probably slightly faster/more power efficient.

English not my native language, I guess Iffy = unstable ?

Will I be able to run pfsense 2 on Intel 1155 builds with eXpress NIC's at all?