New mini-itx router, choose configuration
-
Hi!
I'm new on this forum, and also new to pfSense, but willing to learn.
I want to build a mini-ITX router/firewall, for home use. I will be playing with snort, ntop, etc, RAM&CPU hungry modules, and want to give it as much resources as it needs.
But I also want it completely fanless/silent.Please can you help me choose between the two configurations below:
–-----------------------------------
1. JETWAY:
Motherboard: Jetway Intel D525 Fanless Mini-ITX w/Power, NF96FL-525
Daughterboard: Jetway 3x Intel Gigabit LAN Module AD3INLANG,NF96FL-510 (chipset Intel 82541PI)
RAM: 4 GB
HDD: 1x HDD, SATA, 2.5inch
CASE: mini-box M350
–-----------------------------------
2. Intel ATOM D525MW
MOBO: INTEL iNM10 Express iAtom D525MW Dual Core 1.8Ghz BLKD525MW (1xLAN Realtek 8111E onboard)
PCI CARD: Intel PWLA8492MT PRO-1000 MT Dual Port Gigabit Server Adapter, PCI
RAM: Corsair CMSO4GX3M2A1333C9 4GB, 1333MHz, ValueSelect
HDD: 1x HDD SATA2.5 inch
CASE: Chieftec Flyer Series FI-01B, 200W, mini-ITX
–-----------------------------------The Jetway :
PROS:
- better quality, 4 intel NICs (1 on MOBO and 3 on Daughtercard)
- no PSU needed;
CONS
- but I leave in Europe and I have to order them from big distance.
- more expensive (+ about $40)
The Intel iNM10
PROS:- DDR3 instead of DDR2,
- the big advantage: i can buy it from a local IT Store, have it at home the next day.
CONS:
- still couldn't find a fanless PSU,
- some problems with driver for Realtek 8111E (are they solved meanwhile ?? in version 2.0 ?).
Which one would you choose?
Thanx!!
-
Personally I use Atom + intel dual NIC PCI-X (disabled on-board Realtek NIC's)
I'm looking for the Via nano x2 solution (padlock, better throughput in general) , but it's too expensive.(or not available to order in my country)
-
Now I see I was mistaken with second configuration: Intel PRO-1000 MT Dual Port Gigabit is PCI-X, not PCI, :-[ and does not fit into PCI slot of Atom D525MW.
[quote]Personally I use Atom + intel dual NIC PCI-X - What Atom motherboard do you have, with PCI-X slot ?
-
After some research, I found that PCI-X format of the Intel PRO-1000 MT actually fits into the PCI slot of the mini-ITX board :o :o :o
But it will operate at 66MHz instead of the 133 that is native for PCI-XSo : do you have any idea if this might work? :-\
Intel ATOM D525MW + Intel PRO-1000 MT Dual Port Gigabit (limited at the speed of PCI) ?
-
It will probably work and it's unlikely the PCI connection will throttle your connection since the Atom CPU will be the weak point in the system.
32bit PCI at 33MHz is approximately 1Gbps but actual throughput will be less with overheads etc. Atom D525 will not be getting close to that in firewall throughput. Even if we allow for traffic going both ways across the interface (WAN and LAN on the card) 500Mbps is at the very top of the throughput I would expect.Steve
-
I'm curious what you are going to spend for those boards. I looked at almost every mini-itx Atom/Zacate cpu/motherboard combo and I always found them to be just a few dollars cheaper than a mini-itx desktop solution. The upside is that you have a whole lot more CPU and the new Sandy Bridge CPUs are almost as power efficient as the Atom/Zacate solutions. I couldn't find a reason to buy an Atom or Zacate anymore.
For instance, I just built a system with these components:
Intel G620 (Low end dual core sandy bridge)
Intel S1200KP (C202 server chipset, dual Intel NICs)
4GB DDR3and it performs well and runs at 36 watts when idle.
Hope that helps.
-
I agree get a Sandy Bridge Pentium or Celeron, just not the 440 since it doesn't have speedstep.
-
After some research, I found that PCI-X format of the Intel PRO-1000 MT actually fits into the PCI slot of the mini-ITX board :o :o :o
But it will operate at 66MHz instead of the 133 that is native for PCI-XSo : do you have any idea if this might work? :-\
Intel ATOM D525MW + Intel PRO-1000 MT Dual Port Gigabit (limited at the speed of PCI) ?Has anyone verified this works?
I just ordered and received a PRO-1000 MT card. I went to install it in my Jetway NC-92 mini-itx and realized the card was keyed reverse to that of the slot. I'm guessing that the card is 3.3v only and that the slot is 5v only (see http://en.wikipedia.org/wiki/File:PCI_Keying.png). The picture of the D525MW didn't look like a universal PCI slot, so I'm not sure that it will work either. However, the product specification stated it is pci 2.3 which I believe supports both.
If it does work, it may require a pci riser with a cable that can be twisted around so that the card can actually be installed.
-
Hmm, interesting. I'd kind of assumed they sorted out this kind of incompatibility problem years ago!
I agree the PCI slots on those boards look to be keyed for 5V. However the Intel PRO/1000 MT Server Adapter looks to be keyed for universal use so there shouldn't be problem. :-\You can't just install it backwards and twist the riser cable around.
Steve
Edit: The Pro/1000 Desktop Adapter is also universally keyed but is PCI instead of PCI-X. Are you sure you got the correct card?
-
jms703 wrote:
_"For instance, I just built a system with these components:
Intel G620 (Low end dual core sandy bridge)
Intel S1200KP (C202 server chipset, dual Intel NICs)
4GB DDR3and it performs well and runs at 36 watts when idle."_
How were you able to overcome the network port driver issue in that motherboard? I know there is a driver workaround out there, but I don't think it has ever been incorporated into the main software download. ???
-
I built this recently:
Jetway NF99FL-525 (Dual core Atom D525 1.8Ghz, dual onboard Intel Gigabit NICs)
http://www.jetway.com.tw/jw/ipcboard_view.asp?productid=832&proname=NF99FL-525M350 Mini-ITX enclosure
http://www.mini-box.com/M350-universal-mini-itx-enclosurepicoPSU-80
http://www.mini-box.com/picoPSU-802GB DDR3 SODIMM RAM
2GB SATA DOM (SLC) ($30 on ebay)
http://www.kingspec.com/solid-state-disk-products/dom-sata1channel-slcj.htmRuns pfSense very nicely. Completely solid state. Uses 19W at idle.
-
Hmm, interesting. I'd kind of assumed they sorted out this kind of incompatibility problem years ago!
I agree the PCI slots on those boards look to be keyed for 5V. However the Intel PRO/1000 MT Server Adapter looks to be keyed for universal use so there shouldn't be problem. :-\You can't just install it backwards and twist the riser cable around.
Steve
Edit: The Pro/1000 Desktop Adapter is also universally keyed but is PCI instead of PCI-X. Are you sure you got the correct card?
He has gotten the wrong card, so to speak. The Pro/1000 MT exists in single port, dual port and quad port variants.
The single and dual port cards are universally keyed.However, the quad-port is only keyed for 3.3v. There was a thread on this sometime back here:
http://forum.pfsense.org/index.php?topic=32953.0
-
Ah! That would explain it. Good catch.
The original poster talks about a dual port card, I think that threw me.Steve
-
I'm curious what you are going to spend for those boards. I looked at almost every mini-itx Atom/Zacate cpu/motherboard combo and I always found them to be just a few dollars cheaper than a mini-itx desktop solution. The upside is that you have a whole lot more CPU and the new Sandy Bridge CPUs are almost as power efficient as the Atom/Zacate solutions. I couldn't find a reason to buy an Atom or Zacate anymore.
For instance, I just built a system with these components:
Intel G620 (Low end dual core sandy bridge)
Intel S1200KP (C202 server chipset, dual Intel NICs)
4GB DDR3and it performs well and runs at 36 watts when idle.
Hope that helps.
I agree get a Sandy Bridge Pentium or Celeron, just not the 440 since it doesn't have speedstep.
+3, I just built the following[1]. Works great and does much more than atom would.
-
+3, I just built the following[1]. Works great and does much more than atom would.
Yeah though the Atom solutions can be completely solid state.
-
Yeah though the Atom solutions can be completely solid state.
Not sure what exactly you mean by solid state. I see no reason why a non atom solution could not be solid state as well.
-
Not sure what exactly you mean by solid state. I see no reason why a non atom solution could not be solid state as well.
Mainly that it's fanless and noiseless, without requiring elaborate cooling/heatsinks.
-
Mainly that it's fanless and noiseless, without requiring elaborate cooling/heatsinks.
Ok, the same thing I was thinking. A non atom solution can also be solid state, but does take a little more effort. Since pretty much any atom solution usually only comes with a heatsink. Regardless there are trade offs to either setup. I prefer to error on the side of having more than I need and can also be used for something else if need be.
-
Thought I'd add this.
I'm running a Jetway Atom mobo 2GB RAM with the 3 Intel add on NICS. It's in an office setting with one T1, and one VPN connection to a remote office. There are 18 users. Users have been saying to me that the internet is slow. To test I fired up an old p4, added two Intel NICS-users immediately said the "internet" was faster. I didn't do any formal testing, but the "internet" did seem faster. VPN was definately faster.
I'm now spec'ing out a system to replace the Jetway Atom. Most probably a Sandy Bridge.
-
I'm running a Jetway Atom mobo 2GB RAM with the 3 Intel add on NICS. It's in an office setting with one T1, and one VPN connection to a remote office. There are 18 users. Users have been saying to me that the internet is slow. To test I fired up an old p4, added two Intel NICS-users immediately said the "internet" was faster. I didn't do any formal testing, but the "internet" did seem faster. VPN was definately faster.
I don't think anyone is suggesting to use an Atom without first looking at the requirements and determining throughput / VPN usage etc.
Did you examine what CPU usage was going on on your Atom box when the internet was described as slow?
-
I'm running a Jetway Atom mobo 2GB RAM with the 3 Intel add on NICS. It's in an office setting with one T1, and one VPN connection to a remote office. There are 18 users. Users have been saying to me that the internet is slow. To test I fired up an old p4, added two Intel NICS-users immediately said the "internet" was faster. I didn't do any formal testing, but the "internet" did seem faster. VPN was definately faster.
I don't think anyone is suggesting to use an Atom without first looking at the requirements and determining throughput / VPN usage etc.
Did you examine what CPU usage was going on on your Atom box when the internet was described as slow?
I'm back on the Atom as we speak. The P4 was just to test. It's an old box and didn't want to risk failure over the weekend.
I'm not down on the Atoms. Our other office has a Jetway VIA and it handles the other end of that VPN and a fios line nicely. No lag, nothing. Maybe I have a flakey nic on the Atom not sure. I suppose the I could have reinstalled PF on the Atom but for about $300 I'll be happy with something beefier.Current system overview.
CPU 7%
Memory 4%
-
I'm back on the Atom as we speak. The P4 was just to test. It's an old box and didn't want to risk failure over the weekend.
I'm not down on the Atoms. Our other office has a Jetway VIA and it handles the other end of that VPN and a fios line nicely. No lag, nothing. Maybe I have a flakey nic on the Atom not sure. I suppose the I could have reinstalled PF on the Atom but for about $300 I'll be happy with something beefier.Current system overview.
CPU 7%
Memory 4%VIA processors have Padlock which offloads VPN encryption. Probably the reason why it's performing so well despite the processor being on-par or weaker than the Atom in terms of raw processing power.
Furthermore, the daugtherboard rides on PCI bus which is shared amongst the 3 NICs. If you're doing any inter-LAN or inter-VLAN routing, then the PCI bus becomes a limitation. Also, do check the PCI latency timer settings in the BIOS. Try reducing it to 32 clocks from 128 (typical defaults) to prevent a single NIC from hogging the bus.
-
Thanks for the tip. I'll try it. Thought I'm still replacing the Atom with a Sandy Bridge.
-
How were you able to overcome the network port driver issue in that motherboard? I know there is a driver workaround out there, but I don't think it has ever been incorporated into the main software download. ???
There is no "network port driver issue". The NICs work fine.
