Dual build and CARP



  • Hello.
    Right now I have a Pfsense box running on an ASUS microATX ( >:() AMD-350 processor with 8GB of RAM and 2 PCIe INTEL NICs inside a Fractal Design Arc Mini case.
    I would like to ask - if possible - if any of you find hardware redundancy so important to do a second build just for that.

    I'm using this at home and power consumption is important: however when I'm at home, I could always power off one rig to save power anyway.

    But if I'm like 6 hours from home and my router is down, all my PCs will not be accessible (through VPN, SSH, …), if I need something important I couldn't get it. I wouldn't like to go for a trip just to get my router back on.

    I was thinking of buying a very cheap INTEL sandy bridge configuration. Now, most of the times (including this one  ;D) I tend to make overkill builds, however I find that microATX boards are somewhat limited in the amount of PCIe/PCI cards that can be put in. This will accompany the current AMD E-350 build with CARP in case of failure. I'm also thinking of buying a separate UPS in case of failure (I already had many failures with UPS on my desktop, using the APC BR1500GI so I think I'd better stick with their not-so-advanced models).

    Here's what I though to buy - the case is surely overkill, but silent and may come to be handy in the future:

    • ASUS P8H61 Pro @ 80$
    • Intel lga1155 G530 @ 50$
    • Patriot Memory DDR3 1333MHz 8GB (PSD38G1333KH) @ 50$
    • ANTEC EarthWatts EA-380D Green @ 45$ (I was suggested this for another build, however I'm open to other suggestions)
    • Probably using one old 3.5'' HDD (1TB WD Green ?) - or one 2.5'' HDDs I'm currently using for my current build. Not necessary to do gmirror IMHO if using CARP  :D
    • Case: Fractal Design Define R3 @ 110$ (Overkill, heavy, expensive for its scope: care to suggest a cheaper one ? I'd take this "only" because it may be useful in the future for my desktops ...)
    • UPS: APC BK650EI @ 140$
      Currently total would be around 475$. Would like to reduce it quite a bit for a router  ;D

    I could also use a "Intel DH67CL B3 @ 100$" which has an integrated INTEL NIC, however I doubt the 3 PCI slots will be very useful (I don't think I could have all three PCI fitted with NICs and at 100% network load these won't bottleneck and not simply 3x1gbps, isn't it?) - though the savings wouldn't be many, except that like this I have 4 DIMMs (H67 has some advantages over H61, like doubles RAM amount - I wasn't actually thinking of doing a 16GB or 32GB pfsense rig, was I  ;D ?).
    I chose the ASUS because I'd get 3 year warranty (as with INTEL). With Gigabyte and Asrock boards I'd only get 2.
    The case need to be silent and no fancy LEDs on the fans, please (I should still be able to sleep in that room at night) ;D Currently I have 4 cases from Fractal Design and been very happy with them. Alternative solutions may be the FRACTAL DESIGN Core 3000 (not as quiet, 65$) or the COOLERMASTER Silencio 550 (85$, I read good reviews about it). I'm open to other suggestions too.

    You would ask: "Why a lga1155 solution and not Atom / AMD Brazos solution ?". Well, for almost the same price, I could get the G530 which is far more powerful. I know there are Atom or AMD E-350/450 boards that can cost less, but they're all microATX. I accept suggestions to make a better build ;) I would've taken one like this at the time too instead of the AMD E-350 build (see my signature or above). Also I know pfsense doesn't need top-notch hardware since a 5 year old (or more) rig can run it, but if I can get more performance per dollar for the same power consumption and almost same price, I'd like to get it.

    Usage: filtering, NAT, VPN, … including VLANs (using some HP Procurve 1810g-8/24).

    Thank you very much in advance.


  • Netgate Administrator

    @luckylinux:

    I would like to ask - if possible - if any of you find hardware redundancy so important to do a second build just for that.

    Nope!  ;)
    Not for home use anyway.

    Two things:
    1. I would have thought there were other much more likely points of failure in a home network connection. Where I am it's much more likely that somebody digging up the road puts a spade through my DSL line (or at least my DSL goes down). It might be better to invest in some other backup connection type, perhaps a 3g modem or even a dial-up modem. For a while I had an old cell phone connected via serial cable that dial up to my home server at glorious 9600bps. Not good for much but I could reboot things remotely and it cost almost nothing to maintain.

    2. If you have stuff on your home network that is so important perhaps it would be better to mirror it to some other more available location.

    Steve



  • Thank you for your quick answer stephenw10.
    Unfortunately I'm stuck with a 50/5 Mbit Cable connection. Speed is always good, uptime is good most of the times (sometimes in the night it goes off like 30 minutes every 30 days or so).
    DSL is not really an option since I leave in an apartment which is so old it doesn't even have all cables for standard analog phone (only 2 cables, it seems to me DSL need more). I may try to contact my DSL provider and ask again, but last time I phoned they said I should contact an electrician to set up the line :o

    1. Dial up is not really an option with my current cable provider (if internet is down, likewise the phone line is down as well), may work with the analog line but it would suck to spend 25$/month only for the line. Furthermore I should do the wiring because there is no plug  :o The phone that stood there was like from the '50s or around there.

    2. May be a possibility, but paying a VPS / dedicated server isn't so appealing. Using dropbox or similar isn't great either IMHO. I currently only plan to use an off-site backup plan, but that's only for backup.

    Other suggestions?
    Thanks


  • Netgate Administrator

    If it's something you want to do then don't let me stop you. Setting up a CARP pair will be a nice learning experience. I'd be suprised if it actually gave any greater availability though.
    At this point I would certainly go with an Sandybridge i3 or Celeron system over an Atom. Far more useful looking into the future and as you say similar price and consumption.

    Steve

    P.S. You only need two wires for DSL. In fact you only get two incoming wires for a standard telephone connection, you only have more connections within your home. At an office I worked in we once had all the phones go down whilst the DSL continued to function on only one wire using ground as a return path.  :o Shouldn't have worked but yet it did.



  • @stephenw10:

    If it's something you want to do then don't let me stop you. Setting up a CARP pair will be a nice learning experience. I'd be suprised if it actually gave any greater availability though.
    At this point I would certainly go with an Sandybridge i3 or Celeron system over an Atom. Far more useful looking into the future and as you say similar price and consumption.

    Actuallly I got another ( :D) though: since I wanted to do some virtualization as well I may well virtualize pfsense as well and get

    • Supermicro X9SCA-F @ 240$ or Intel Server Board S1200BTL @ 250$
    • INTEL Xeon E3-1230 @ 225$
    • 4 x 4GB ECC RAM (KVR1333D3E9S/4GEC) @ 4x40$
      Total (CPU+RAM+MB) would be 625$ (PSU, UPS and Case not included).
      This way I may be able to reduce the number of pcs that are in my house. Furthermore idle power consumption should be quite as good.
      Maybe I should wait for Ivy Bridge E3s (if they're planned)? Other suggestions please. I know I could save 100$ on an INTEL Q67 motherboard doing VT-D (or maybe some ASRock / MSI) but they're pretty much all microATX and don't support ECC memory.

    @stephenw10:

    P.S. You only need two wires for DSL. In fact you only get two incoming wires for a standard telephone connection, you only have more connections within your home. At an office I worked in we once had all the phones go down whilst the DSL continued to function on only one wire using ground as a return path.  :o Shouldn't have worked but yet it did.

    I will ask their support again then. Do you think I could run the phone along these two wires too or the phone needs more ? Sorry, I'm not an expert, and normally there are the phone plugs but here … no, just two wires  :D. Furthermore I'm not sure it's worth to call an electrician that I'd have to pay.


  • Netgate Administrator

    @luckylinux:

    Do you think I could run the phone along these two wires too or the phone needs more ? Sorry, I'm not an expert, and normally there are the phone plugs but here … no, just two wires  :D. Furthermore I'm not sure it's worth to call an electrician that I'd have to pay.

    You are more likely to get a phone connection down some old wires than DSL. The speed of DSL is very dependant on the signal quality which in turn is dependent on the length and quality of the wiring between you and the exchange. It can be badly effected even by one bad connection.
    However you definitely only need two wires to get both phone and DSL connections.

    I should point out that I'm in the UK so although this stuff is generally applicable across the pond the socket wiring scheme is different.

    There's plenty of US info out there though, e.g.: http://www.wire-your-phones.com/

    Steve



  • @stephenw10:

    @luckylinux:

    Do you think I could run the phone along these two wires too or the phone needs more ? Sorry, I'm not an expert, and normally there are the phone plugs but here … no, just two wires  :D. Furthermore I'm not sure it's worth to call an electrician that I'd have to pay.

    You are more likely to get a phone connection down some old wires than DSL. The speed of DSL is very dependant on the signal quality which in turn is dependent on the length and quality of the wiring between you and the exchange. It can be badly effected even by one bad connection.
    However you definitely only need two wires to get both phone and DSL connections.

    I should point out that I'm in the UK so although this stuff is generally applicable across the pond the socket wiring scheme is different.

    There's plenty of US info out there though, e.g.: http://www.wire-your-phones.com/

    Steve

    Thank you and sorry for my late reply.
    I think at the moment I do not want to spend extra money for a secondary connection. Maybe in the near future, but I'd like them to confirm me the DSL works good enough.


Log in to reply