Installation on Intel D2500CC (atom with dual NIC board)
-
Will that commit to the FreeBSD source make it into 8.3 though, or will it not apply until pfSense switches to 9.x?
-
http://redmine.pfsense.org/issues/2595
-
That still does not answer the question. It says it is going in 2.1. Does that mean the nightly pfSense builds include this fix. I tried a nightly from a few days ago, no luck. I have not been able to get nano with serial support to work either, so I am patiently waiting for a fix. Thanks for any insight.
-
I think I found the answer here:
http://redmine.pfsense.org/projects/pfsense/issues?fixed_version_id=5&set_filter=1&status_id=o&subproject_id=!*
It shows "New". I assume it will show "Feedback" when it is included and ready for testing. I will keep an eye out and test it as soon as it is included in the nightly builds.
-
Well thanks to Plisken I was able to install the pfSense-2.0.1-RELEASE-2g-amd64-nanobsd_vga on to my Intel D2500CCE.
Booting off a 2Gb Kingston CF via a SATA to CF adapter.
I did have a problem with my original picked 8Gb CF Card which was a Sandisk extreme (didn't look at it when I picked it up out of the tray)
It wouldn't boot with this card at all with either the 4g-amd64 or 4g-i386 nanobsd. I would get a read error, just after you see F1 pfsense, F2 pfsense F6 PXD?.
Didn't matter what I did in the bios. Then grabbed the slower Kingston card and dd over 2g-i386 nanobsd.
Booted up straight away. I wrote down the keystrokes I had to do to get it up and running, then dd over 2g-amd64 nanobsd.
Waited till I saw no more text movement, and entered the following (not entering whats in the "")
n enter "VLAN setup"
em0 enter "WAN"
em1 enter "LAN"
em2 enter "Option 1"
em3 enter "Option 2"
enter "any more Options ports, enter to continue"
y enter "confirm port selection and continue"
waited for the sound saying it had booted, then I could log on via a browser, and finish the rest.
I have a dual gigabit port intel server card installed into the PCI slot as OPT1 and OPT2 that is why the extra em2 and em3 key strokes.
If you don't have more than 2 NIC just don't leave out
em2 enter
em3 enter
I now have it up and running, and configuring it for my setup.
Thx -
Can a few using the Intel 2500cc post the power consumption?
I want to use the same board on several pfsense builds. I am using a via Samuel 2 board for my home box and it uses 41watts on boot up and 35-37 watts continuous. Trying to into to the 25 watts area.
-
Which C3 are you running? You should be drawing less than that at idle. The best thing you can do to reduce power consumption is use a high efficiency power supply. Some PSUs claim to be highly efficient but in reality are only much good when working at or close to their maximum output. Since you're drawing <50W you probably have something far too big.
Steve
-
Can a few using the Intel 2500cc post the power consumption?
19W idle, 20W when rebooting, measured at the mains with a KillAWatt. The board is a CCE rather than a CC.
I was quite surprised, since my toy webserver has dual P3s, how fast that Atom boots! It's not fully config'd yet, and therefore not online. It's a full default install straight off the iso image, lives in an Antec 300 case, has 4GB, a WD 320GB Black 2.5" drive as the boot and storage device, and currently an ASUS cd/dvd drive as the install device. I'm driving it with a 102W pico-psu. I suspect the "brick" is not the best quality, since it's warmer than I expected for so small a draw.
-
Thank you MMacD and stephenw10.
Not sure what you are asking? C3? I was doing some contact work for wayport. They had me replace a shallow 1u rackmount via server w/ 80 gig IDE…... Well I own it now since they never sent me a return FEDEX label. This enabled me to build the pfsense box for free. My best guess is the chassis is a pre-2004 180 watt ps w/ fan and two chassis fans.
Yes, I use the killawatt unit. I am finding the 2500cce for around $99 us and can find a complete package (mb, 2gig ram, ps, and the 350 chassis) for under $200 us. But I want a 1u or 2u rackmount chassis.
-
Sorry. C3 is what VIA were calling their processors that had the Samuel 2 core.
http://en.wikipedia.org/wiki/List_of_VIA_C3_microprocessors#.22Samuel_2.22_.28150_nm.29
I guess I was really asking what speed the CPU runs at?I have a miniITX board here that runs an Ezra core C3 900 and it uses <25W. It uses a DC-DC PSU (like the PicoPSU).
Steve
-
Thanks for the link and 800mhz
-
I want a 1u or 2u rackmount chassis.
You might have to pay for that, since they seem to hold their value surprisingly well. There's a no-name 1U uITX on ebay right now for $25 …but they want another $50 to ship it, a common ploy. I've often seen elderly 4Us and 6Us on ebay for little or nothing if you were to pick up, but they'd only be a good deal if you're building a toy system for development rather than paying co-loc fees by the U.
-
Thanks for the info. I do watch eBay, but my goal is to build the boxes myself. I am in sheetmetal. I am going to call them "ugly box". I don't like the prices, would like a box w/ ps for under $75. This seems more reasonable pricing. I need to find a ps supplier.
Crcmetalproducts.com
-
How many are you building? Where are you installing them?
You could do something like Google did with their custom servers: open enclosures and DC power! Cheaper and more efficient but obviously not suitable for co-lo.http://news.cnet.com/8301-1001_3-10209580-92.html?part=rss&subj=news&tag=2547-1_3-0-20
Seriously if you have access to cnc machines and bending tools etc then you could either make it from scratch or add your own front panel to a steel tray. I've done this a few times with 19" rack equipment though never a server and having a single panel machined is for you is expensive.
Steve
-
1st off, I am new to pfsense, about 2 months new. I have a long background in computer/IT, going back to 1982. Never have I heard about FreeBSD or pfsense. The only reason I know of it now is because of router problems over the last few years. Googling for solutions and finally someone did a good write on inadequate memory/cache overload and mismanagement of such. In the same thread, someone piped in about dumping off the shelf routers for pfsense. Blew my mind, so I googled pfsense. Here I am…....78-). A converted happy camper on a new learning curve.
The goal is to build 3. 1 to replace the via box I have at home (want to be more green on my energy bill) and 2 for work (1 for the office and 1 for the owners house). Also installing a freenas box at each location. Need some redundancy and offsite backup. Yes, I have some of this in place already, but want to make a transition to FreeBSD (free,at least for the software, and good support).
The next step/goal would be to offer low cost "ugly box" to the pfsense group (1u/2u chassis 8-10" deep). Designed around the intel 2500cc or cce board. I like the idea of SSD drive but not quite sold on it yet.
-
You will have a lot more takers if you keep it 1U. Many people will be paying per 'U'.
Something that may be of interest, it's been suggested by several users, would be a 1U 19" enclosure that contained an Atom based board and a 5-8 port vlan capable switch. Not sure how you'd arrange that though.
Steve
-
The goal is to build 3. 1 to replace the via box I have at home (want to be more green on my energy bill) and 2 for work (1 for the office and 1 for the owners house). Also installing a freenas box at each location. Need some redundancy and offsite backup. Yes, I have some of this in place already, but want to make a transition to FreeBSD (free,at least for the software, and good support).
As far as putting together a fNAS box, unless you need rackmount setups, you might combine the firewall, router, and nas functionality on the same 2500 board in an Antec 300 or 302 case, unless the bandwidth through your firewall isn't going to leave any spare clocks.
I bought a 300 for my firewall/snort/open-vpn/tele application because the 2500 apparently gets quite hot unless it has adequate air space, and the 300 was the cheapest well-made box with elbow room at a useful price. I no longer even consider putting form above function: too much hardware lost to heat through the years.
And the 300 is actually very well made, especially for a low-price box ($50 at Newegg), and supports 3x5.25 drives, 6x3.5, and even a 2.5 bolted directly to the floor. Room for 5x120mm fans toto (a 120 and a 140 come with).
-
Steve, is that simple as adding more LAN cards? Or adding a completely different board? I did search this and found www.bsdcan.org/2012/schedule/events/330.en.html. Not sure exactly what they are saying. Does pfsense have a package to add an internal switch? I know free switch, but thought this only only for voip phones and PBX.
MMacD, I was looking or I was asking that very question. Can I bundle nas and router/firewall together using FreeBSD (in the FreeBSD forum)? The answer I received was that could be a security issue and not good security/networking practice. I do like the idea of bundling.
I also forgot to mention that the phones are VoIP at the office. My plan is to add an additional nic to handle the VoIP. Someone said why not just do a vlan for the VoIP. Maybe in the future.
-
The answer I received was that could be a security issue and not good security/networking practice.
hmmm…I wonder why that would be. Did they say?
Neither networking nor security is my field (I've been doing human-factors systems architecture since '74), but it seems to me that the whole point of the firewall and snort is to keep the bad guys from tricking their way into the LAN. So if they can reach your disc farm when it's living in the box with the firewall, they can reach it no matter where it is in your LAN since nodes are logical locations rather than physical, and ready access is the whole point of running a LAN rather than a sneakernet. As long as you don't expose the logical location of the farm to the inet, I can't imagine what problem there could be with physical colocation. Perhaps someone will explain.
-
MMacD, I agree w/ you.
Quote from FreeBSD forum….....
Hello,
It's a good security practice to separate the file server from the "router/firewall". However, you can achieve easily all of the above using OpenVPN which is flexible and easy to implement, or IPSEC if you feel ready to dive into a less flexible but probably more secure implementation of VPN.
For the backups I'd use rdiff-backup or duplicity (if for additional security if needed). Not sure how are they gonna run with Cygwin under Windows. I'm pretty sure though you can achieve scheduled backups under windows with rdiff-backup, although a solution like DeltaCopy might seem more suitable for windows as it runs natively.
I get that what needs to be backed up are windows files that will be channeled through VPN.
What does it mean exactly 'more green' Green like that?
