New low consuming pfsense 2.0.1 setup with 2 INTEL NICS



  • Ive searched this forum and other sites on the web for the best solution but till now without luck… :'(

    Requirements

    • Low power consumption - max 40 watt

    • Based on Atom or maybe intel G620

    • Mini ITX

    • DUAL INTEL NIC

    • At least 2 sata ports (pref: 600)

    my pref. board till now

    • Intel® Desktop Board DH61WW - 1x NIC INTEL 82579V onboard but nobody can tell me if it is compatible with pfsense 2.0.1??…

    the second nic can be added through the PCI e interface (INTEL GBIT CT).

    Maybe somebody already succesfull is running pfsense with this board or maybe somebody has a good alternative ? (MINI ITX board, dual INTEL nic and socket 1155 for Intel G620 or maybe an atom).

    thanks in advance ;)



  • I just built the following [1]. Unless I'm missing something, it should meet your requirements. The onboard Realtek NIC works as well, which I use as OPT1 for wifi.

    [1] http://forum.pfsense.org/index.php/topic,44269.0.html



  • Thanks for your reply!

    what I ordered:

    • ASROCK H67M-ITX

    • CORSAIR 2GB DDR3 1333 CL9

    • INTEL PENTIUM G620 2.6G 3MB BOX

    • ANTEC MINI-ITX ISK 310 150-EC

    • Second hand INTEL PT 1000 Dual low profile

    The mainboard is different from the referred one because it isn't available here @ NL. This one has the same chipset and i hope it will work. As soon everything is working I will post an update!



  • Should all work well, good luck and please do post on how it went together for you.



  • I can confirm that the Intel 82579V onboard the DH61WWB3 is recognized and works flawlessly with PFsense 2.0.1.  I'm using that exact board with a G530 for my build right now.



  • @frederiksf:

    Ive searched this forum and other sites on the web for the best solution but till now without luck… :'(

    Requirements

    • Low power consumption - max 40 watt

    • Based on Atom or maybe intel G620

    • Mini ITX

    • DUAL INTEL NIC

    • At least 2 sata ports (pref: 600)

    Since you didn't mention low cost as a requirement ;) you could take a look at the Supermicro X7SPA-HF-D525, which is a miniITX Atom board with dual Intel NICs that is confirmed to work well with pfSense.  However if people really do have the Intel 82579V working on 2.0.1 that opens up many choices on the Socket 1155 side.  The Supermicro has the advantage of being completely passively cooled and having both NICs on the motherboard, meaning you can fit it in a very small enclosure.



  • If you can get the Intel D2500CC, it's basically an Atom mini-itx board with 2 x 82574L Intel GBe NICs onboard.



  • @dreamslacker:

    If you can get the Intel D2500CC, it's basically an Atom mini-itx board with 2 x 82574L Intel GBe NICs onboard.

    Just wanna quote this board,
    This is the perfect solution if you do not require a 1Gbps router but a Green one.
    I think this should be able to give around ~500Mbps for NAT.



  • @frederiksf:

    Requirements

    • Low power consumption - max 40 watt

    • Based on Atom or maybe intel G620

    • Mini ITX

    • DUAL INTEL NIC

    • At least 2 sata ports (pref: 600)

    I too have researched this. Here are your options IF, you want dual intel nics on-board :

    Atom Boards with dual Intel Gigabit NICs

    • Supermicro X7SPA-HF-D525 ($240)
    • Intel D2500CC ($99? when released in Feb)

    Atom Boards with 4 Intel Gigabit NICs

    • Soekris 6501 ($379)

    Sandy Bridge (1155) boards with dual Intel Gigabit NICs

    • Intel S1200KP ($163)

    When I built one of these systems, I went with the Sandy Bridge CPU (G620) and the S1200KP motherboard, because I wanted dual Intel gigabit NICs on-board. I looked at the Supermicro board, but it was over-priced. I think the G620/S1200KP cost me $20 more than the Supermicro Atom board. Now that this Intel D2500CC has entered the picture, this changes everything, assuming the $99 price I saw on one website is accurate.

    Of course, if you don't care about your NICs, there are a lot of dual NIC boards with Realtek 8111's on them. Too many to count/list. Also, if you're willing to put in a PCI-Express card, you can get pretty much any motherboard out there.



  • Hi,

    PFsense would not be the question for me. The mainboard is.

    Are you sure that the intel S1200KP mainboard will work with both NICs supported by PFSense? Using Sandy Bridge sounds more future proof but I would really like to be able to use both NICs.



  • @turboproc:

    Hi,

    PFsense would not be the question for me. The mainboard is.

    Are you sure that the intel S1200KP mainboard will work with both NICs supported by PFSense? Using Sandy Bridge sounds more future proof but I would really like to be able to use both NICs.

    You may take reference to my setup, http://forum.pfsense.org/index.php/topic,45439.0.html
    exactly 82574L+82579V, works out of box with pf 2.0.1.



  • @jms703:

    I too have researched this. Here are your options IF, you want dual intel nics on-board :

    Atom Boards with dual Intel Gigabit NICs

    • Supermicro X7SPA-HF-D525 ($240)
    • Intel D2500CC ($99? when released in Feb)

    Atom Boards with 4 Intel Gigabit NICs

    • Soekris 6501 ($379)

    Sandy Bridge (1155) boards with dual Intel Gigabit NICs

    • Intel S1200KP ($163)

    You were able to get the S1200 with a G620 for $163?  When I look around, I can only see the board itself for that price.  Newegg wants $70 for a 620, bringing the price to ~$230.

    If the $163 was just for the board, what persuaded you to go with the G620, considering that it's the high-wattage choice (65W) compared to the D525 (13W) and the diff in total hw cost is minimal?



  • @MMacD:

    @jms703:

    I too have researched this. Here are your options IF, you want dual intel nics on-board :

    Atom Boards with dual Intel Gigabit NICs

    • Supermicro X7SPA-HF-D525 ($240)
    • Intel D2500CC ($99? when released in Feb)

    Atom Boards with 4 Intel Gigabit NICs

    • Soekris 6501 ($379)

    Sandy Bridge (1155) boards with dual Intel Gigabit NICs

    • Intel S1200KP ($163)

    You were able to get the S1200 with a G620 for $163?  When I look around, I can only see the board itself for that price.  Newegg wants $70 for a 620, bringing the price to ~$230.

    If the $163 was just for the board, what persuaded you to go with the G620, considering that it's the high-wattage choice (65W) compared to the D525 (13W) and the diff in total hw cost is minimal?

    I am not sure for the price but for the power consumption,
    SNB especially these Pentinum/Celeron don't really look as awful as you thought:

    System consumption at Idle:

    System consumption at Full Load:

    TDP is not really a good reference when you are to consider numerically the cost due to power consumption.



  • @nexusN:

    @MMacD:

    @jms703:

    I too have researched this. Here are your options IF, you want dual intel nics on-board :

    Atom Boards with dual Intel Gigabit NICs

    • Supermicro X7SPA-HF-D525 ($240)
    • Intel D2500CC ($99? when released in Feb)

    Atom Boards with 4 Intel Gigabit NICs

    • Soekris 6501 ($379)

    Sandy Bridge (1155) boards with dual Intel Gigabit NICs

    • Intel S1200KP ($163)

    You were able to get the S1200 with a G620 for $163?  When I look around, I can only see the board itself for that price.  Newegg wants $70 for a 620, bringing the price to ~$230.

    If the $163 was just for the board, what persuaded you to go with the G620, considering that it's the high-wattage choice (65W) compared to the D525 (13W) and the diff in total hw cost is minimal?

    I am not sure for the price but for the power consumption,
    SNB especially these Pentinum/Celeron don't really look as awful as you thought:

    [snip]

    TDP is not really a good reference when you are to consider numerically the cost due to power consumption.

    Fair enough, but surely the relative difference should remain constant?  Both figures (13W and 65W) are TDP.  Offhand, I can't see why two chips running the same instruction set and application(s) should have  consumption curves with different slopes.



  • Nope, you wouldn't have the same curve at all. Processor B can do 4 times the amount of work as processor A. So a 100% workload for processor A would generate 13W, but it might only generate 30W of load on processor B since it's only partially loaded. Different voltages, process nodes, cache sizes, bus widths and efficencies all play in to how well a processor can scale at a given workload. The metric performance per watt was created to show how much more work one processor could do with the same amount of power that another one can. In the case of Atom vs SNB when atom gets a workload it needs to turn everything on in order to prcocess it. Sandy Bridge could have up to 4 cores, but if it's a light workload sandy bridge only needs to power up 1 core. There are other parts of the processor like L3 cache which will need to be turned on no matter what the workload is. It's more efficient for light usage to have the smallest cache possible since it can use quite a bit of power. Comparing Kentsfield (Q6600) to sandy bridge, half of the cpu needed to be turned on for any workload, so on light usage cases it will use way more power. Like I said before, even with the same TDP, a sandy bridge processor could do 2x the amount of work as a Q6600. So if the Q6600 is at 100% that's 95W, but the same sandy bridge processor is only 50% loaded and might only be using 40W. A half loaded Q6600 would use say 48W of power since it cannot turn off additional unused parts of the CPU like sandy bridge can.



  • @bman212121:

    Nope, you wouldn't have the same curve at all. Processor B can do 4 times the amount of work as processor A. So a 100% workload for processor A would generate 13W, but it might only generate 30W of load on processor B since it's only partially loaded. [snip]

    Okay, but the case here is specifically the 620, not just any Sandy Bridge processor.  If I load a D525 to the 13W level, and the same load burdens a 620 at the 30W level (Would it?  Do we know?), it seems I'm still paying for a bigger drain to do the same job.  What does excess capacity buy in a dedicated box?

    I'm as much in favor of slots-n-watts as any other nerd  ;D but the firewall function seems pretty circumscribed since it's bandwidth-bound and dsl pipe sizes don't seem to be changing that fast (at least not in the US: there are people still waiting to get dsl at all).  I could see someone choosing a higher-capacity chip for a general-purpose box that's going to have a number of concurrent roles including firewall, but that doesn't seem to be what's going on here.  So I'm curious, being still in the research stage myself.



  • Yes that's exactly the point. For a low load atom would be the better buy. Having all of that extra power there and not using it wouldn't do you any good. The reason why atom can pull it off is because it has 1/3 the L3 cache, and has an in order architecture. It has to execute every command in the order it recieves it, so it's simply not going to perform anywhere near sandy bridge would at the same clock speed. Those differences are what gives atom a better performance per watt on small workloads. Like you said, for the role of a firewall it makes a whole lot of sense. What I've seen from other posts is a D525 is capable of ~500mbps throughput. If you are going to be using several vpn tunnels with encryption, squid, snort, or something else that might require more work than what atom can handle, then SNB would be required.

    I've been trying to find some better numbers but it's hard to find numbers for atom. The thing that works against atom is that even if the CPU is very efficient things like a HDD or chipset work against it. You might be using the same memory modules, same hard drive, and a chipset that uses as much power as a sandy bridge based board. So while atom is consuming less power the overall system might not be as pronounced. For an $80 atom setup setup you're getting the better buy, but for the $200 super micro you could potentially buy a G620, a $50 board, and a pair of Intel Pro 1000 cards for about the same amount of money.

    Running some numbers I came up with a rough estimate of about 1W saved is about $1 per year. So if it's 15W less then I'd save about $15 a year. That's basically what has kept me from worrying about building a new system for PFsense. I might be drawing 80W on my current setup, but it's going to take years to break even and by then I'd probably just replace the setup for something with more power. If you already have something laying around that can run pfsense it's pretty tough to beat based on power savings.



  • @MMacD:

    You were able to get the S1200 with a G620 for $163?  When I look around, I can only see the board itself for that price.  Newegg wants $70 for a 620, bringing the price to ~$230.

    If the $163 was just for the board, what persuaded you to go with the G620, considering that it's the high-wattage choice (65W) compared to the D525 (13W) and the diff in total hw cost is minimal?

    No, that price was just the motherboard.

    I chose the Sandy Bridge chip because it gets SO much more done than an Atom for the same price. TDP should not be used to count real world power usage. It's not even remotely close. Fully loaded, I can't get my G620 to use more than 45 watts.


Log in to reply