Potential Build Advice



  • I've built a couple of pfSense routers in the past.  All have been with old decrepit hardware and now I want to build a nice one.

    This is what I have so far:

    How does this combination look for a pfSense build?  Any recommendations or other hardware considerations?  I'm still in the planning stages and welcome any and all comments about this process so I get it right the first time.

    BTW, are there any links to good prices on Intel nics?  Is there a specific model I should be opting for in either a dual or single?  I’d prefer a dual but a single will work.  Is it wise to purchase used Intel nics off ebay?

    TIA for your help and input!



  • Ok, so I've already changed my mind, I think.  I would still go with that case M350 but I would substitute the board with this one:

    It's hard to beat the dual Intel nic built into the mobo.  Combine this with the M350 case/pico psu, 2GB ram, HDD and I think I have a really pretty decent router.  All for about $165 shipped.  That's sans ram and hdd.



  • How did the install go? I might purchase this board but some have said they ran into problems with the video drivers.



  • I haven't pulled the trigger yet.  I too have read those other users troubles with the drivers and have been reluctant.  I'll probably still pull the trigger on this in the near future.  I'm not in a big hurry, at the same time, I want to get it right and not have problems to contend with.  It seems like the perfect mobo.


  • Netgate Administrator

    Which drivers are you worried about?
    There were some reports of newer Intel NICs being unsupported but I seem to remember that they worked fine if you used 64bit. Alternatively the 2.1 snapshots are becoming more and more stable and will almost certainly support anything on that board.

    Steve



  • @stephenw10:

    Which drivers are you worried about?

    If I recall correctly problems on that board were reported with the video driver in 64 bit mode.



  • This setup seems to work well and was easy!

    I got:
    D2500CCE
    M350-enclosure-with-picoPSU-80-and-60W-adapter
    2X4GB - picked it up at Fry's B&M

    Re-purposed a 1TB Sata fullsize I had sitting around.

    I installed W7 in order to prove the hardware (I ran HCI memtest and LinX - (linpack) each for ~12 hours) while W7 was installed, I updated the BIOS and disabled unnecessary BIOS devices. I'm sure there are Linux version of stress testing packages but I am more familiar with W7 stress testing, so for me it was quicker/easier to set up. I also pulled the CPU heatsink and replaced the thermal paste with Arctic Silver 5, during the tests (case top off) the passively cooled CPU cores never got above 52C! (79F ambient room). (Currently with case top off, it just sits at ~50C! ambient 77F - With case on it runs ~58C).

    After it passed all the hardware stress tests I initially tried 64bit pfSense but I didn't get past the video issues - it looked like video wouldn't scroll during install - one line overlayed the next while not completely erasing the previous line, not sure if the install could have gotten past that or not. I wasn't that patient so I aborted and installed 32bit pfSense-memstick-2.0.1 (i386 from a USB flashdrive). There were a few video issues at install, ie: white squares where characters should have been, and blank lines on some of the graphics, hit the F10 to refresh and got thru it easily enough.

    This is for my home network so my configuration is not very complex at all - I came from a DD-WRT, so there was a bit of a learning curve to get pfSense configured. I played with it a short time on a private network and got familiar with the basics. I replaced the DD-WRT router with pfSense and it's been up working for all of 1 day!

    I plan to upgrade the the HDD to an SSD soon and swap to 64bit when FreeBSD supports the video better.

    EDIT - Changed the temp info, originally the case top was off, when I put it on the CPU temps rose to ~58C (ambient was 79F), which is still I believe, well within Intel spec's.
    EDIT #2 - Kill A Watt says 23 watts.



  • Thanks for all the info RocKKer!  BTW, did you ever hook up your new rig to a Killawatt?  I'm wondering what the draw would be.



  • Sure, I will Kill A Watt it later tonight!


  • Netgate Administrator

    23W, nice.  :)
    Is that with the 1TB sata disk?

    Steve



  • @stephenw10:

    23W, nice.  :)
    Is that with the 1TB sata disk?

    Steve

    Thanks for the update.  I was wondering this too.  I am thinking that an SSD would be a great addition to my original rig.  That would cut the wattage draw too.



  • Yes SATA (SATA 300), it's a WD "green". (wd10eads).



  • Update: I've got SSD installed. OCZ Agiltiy 3 60GB - power usage is down to 18!


  • Netgate Administrator

    A useful reduction and good solid information. Thanks for the update.  :)

    Steve



  • I noticed a couple minor quirks about this Mboard:

    • After a power failure it will not power back on unless you push the power button. I changed the bios to "on" after power resumes but no change. The enclosure has a jumper that enables autostart, so the button is always "on", but still no change.
    • The little speaker on the Mboard is a bit loud so I put some tape over it, quieted it down rather nicely.

    EDIT - Checked Intel, there is a bios update (5/11) which fixes the power issue I was having.



  • What do you mean down to 18 ? 18% 18w…for example my pfsense based on pc is consuming 16% from 600va wich is 96va or 96w
    Those information are from nut package with mustek ups.
    I also have a power contor on it, on a month is consuming aprox 60-70 kv like 15-20 euro/month.
    I forgott also an switch and an wifi ap are taken into account with pc pfsense.


  • Netgate Administrator

    He means 18W down from 23W by swapping in a SSD.

    96W seems like a lot! What are you running for that?
    Also so I assume you mean 60-70kWh.  ;)

    Steve



  • Yeah down to 18W, sorry for not being clear.  :)



  • Sorry for a late reply,
    Yes is a little bit to much…it's only one pc with pfsense installed, an intel cpu celeron with 256 mb of ram, it was described in another posts by me...and this power consumed is with an ap on lan and a switch :D all together...
    Yours with 18w power cosumation is very good.
    How you are measureing power comsumation ?



  • bmironb: I used a Kill-A-Watt.

    …..On another note I suspect this little mini-box needs a fan.

    I came home from work and found I had no internet access, after rebooting pfSense and checking a few other things I eventually substituted my old router and internet access was restored. I was able to access the pfSense webgui before I replaced it with the old router and the CPU was a little higher than normal at 62C (normally hovers between 60-61C, ambient doesn't get over 79F/26C).

    I suspected the pfSense box got a little hot, I reconnected the pfSense box and took off the cover and put an 80mm blowing directly on the little mboard and it working again, the CPU now hovers ~38C. I checked the NM10 chip (used the finger test) and it's hot even with cover off and a fan blowing on it. The finger test is touch the metal case to ground yourself then touch a chip, if it's uncomfortable to rest my finger on a chip for more a few seconds the chip is to hot. It's not completely safe (static wise) or scientific but it's quick and free!

    I'll have to dream up a way to cool this. I'm thinking of small stick on heatsinks (like for video memory or chipset) for NM10 chip and maybe for the Winbond (it runs warm too), those are the only chips of any size on this mboard. I am also thinking of cutting a hole above the CPU for a thin 80mm fan and run it at 7 volts for quietness.



  • Good point about the heat.  I was already thinking to do the same just for good measure.  The noise won't bother anything in my basement!  Thanks for the update.  Let us know if you do get around to the heat sink installation.  I'd be curious to see some pics of how you pull that off!



  • Mine will sit around 6-7 feet away from me so it has to be quiet!

    Pics and mods will have to wait, I am having a problem with a seemingly simple task of forwarding ports to my videophone, I know how to forward, all my other forwards are working. This videophone is notorious for being finicky though…...actually I don't know what the problem is, I just can't get video to come in from the WAN, maybe some packets are getting mangled or dropped, I don't know....I'm a hardware guy, I struggle with network packets ACK's and SYN's!

    ....so back to the old stand-by DD-WRT for now at least.

    I may try shorewall running on a linux distro that I'm more familiar with like Ubuntu, just as a test to see if it will work. pfSense does about 10 or 100 times more things than I need for a home installation....it's about as dirt simple to install as you can get with a nicely featured and easy gui and a single config file for backup, If I can't get it to work for me, I would miss it!



  • OK my forwarding problem is solved, had to change pfSense to use Static_Port.  ;D

    Now back to the fun stuff!…...figuring out how to mod this to keep it cool!

    Probably be a few days before I can start on that, life is happening!



  • I found heatsinks and a thin 80mm fan.
    I used these stick-on heatsinks and this 80mm X 15mm fan

    The heatsinks come with little squares of 3M 8815 Thermal Tape but it is not installed, so I placed the little heatsinks first and found I could fit 4 on each chip. To install I used a Q-tip soaked with rubbing alcohol to clean both the heatsink and the chip, then applied the little square of thermal tape to each heatsink and placed heatsink on the chip. After I had the heatsinks installed and powered on for about 30 minutes (case off, no fan) the heatsinks were to hot to touch! Obviously the thermal tape works and those chips get really hot.

    I have some photos!

    The first is a stock picture of the Intel MB, I circled and labeled the two chips and the little speaker, remember I placed some cellophane tape over it because it was a little to loud.

    The next is a pic with the SSD and fan moved so you can see where I put the heatsinks.

    The last pic is my running configuration (for now) the Silenx fan is sitting on the cpu heatsink and disk mount bracket. My plan is to cut a hole in the case using a 3" (80mm size) hole saw and get this grill (grill is on order - when I get it installed I'll post a final pic.

    The CPU now runs 36C - ambient 79F(26C) with the Silenx fan and the little box is still silent - that fan seems to blow just the right amount of air.








  • can you please post some photos with the case…and in the end how much will cost with all....



  • I will post a final pic of my case once I get the fan grill installed, but you can see the case I'm using here.

    I'll get the total cost together too.



  • My Silverstone fan grill got delivered today! To install the fan and grill I cut a 3"/76mm hole in the top of the case (over the CPU Heatsink) with a hole saw, drilled holes for the fan mounts and installed the fan. I used the silicone rubber mounts that came with the fan to mount grill and fan to the case and not metal screws. I think the screws would look better because you can't see them as plainly as you can the rubber mounts, but the rubber promises to be quieter(??) and I want it as quiet as I can get it.

    As promised here is the build/cost list (not including shipping and taxes) - costs are in US Dollars.

    Intel D2500CCE Mboard - $96
    M350 enclosure with Power Supply - $69
    Patriot 2X4GB Memory - $25
    OCZ  60GB Agility 3 SSD - $65
    Enzotech stick on heatsink - $20
    Case fan Silenx 15mmX80mm - $11
    Silverstone 80mm Grill - $7

    96 + 69 + 25 + 65 + 20 + 11 + 7 = $293

    With my new fan/grill and all closed up the CPU temps now hover ~40C (79F/26C ambient). Compare with:
    case closed and fanless ~61C
    case open with 80mmX15mm fan sitting/blowing on CPU heatsink ~36C

    Here's what it looks like now.






  • Lookin' good man!  That baby should run well for a good while.  Thanks for the posts and pics updates.  Now I just need to get around to building mine.



  • I’ve been following this thread closely and I wanted to thank you all for the information. You helped me get PFsense up and running in no time. I did have the initial video graphics bug with the D2500CCE but I’ve installed PFsense enough times that I knew what to key in. After that, the web interface was used for everything else.

    My build:

    Intel  D2500CCE
    4GB  (2x2 GB) Crucial RAM
    40G SATA laptop HD 
    2  - 40mmx40mmx20mm Scythe fans

    I had a spare mini-itx case with PSU that I re-used.  I installed a pair of Scythe 40mm fans in a push-pull setup to help with any heat issues.  Overall cost was just under $170 because I had some spare parts lying around.  It runs 24/7 at 20 watts using a Kill-a-Watt. It’s also very quiet.



  • Glad it's working out for you…working great for me as well!

    Credit to wrems as the OP, I only built upon his idea.



  • Hi,
    has anyone already measured the throughput of a D2500CCE and would like to share the results? Especially NAT vs Routing performance would be nice to know. 2.1 beta performance would also be great.
    Many thanks in advance!



  • Hi,
    has anyone already measured the throughput of a D2500CCE and would like to share the results? Especially NAT vs Routing performance would be nice to know. 2.1 beta performance would also be great.
    Many thanks in advance!

    I am also very interested in the throughput you can achieve with this Atom rig especially the routing performance between to physical or vlan interfaces.



  • I ordered and setup a system based on the build in this thread.  I'm using the i386 version with 4GB of RAM(I had it sitting around the house).  I had it setup with one machine behind the pfsense server and the rest of my home LAN as the WAN temporarily.  I was able to get 260-290mbit/sec through the pfsense server using iperf from my "LAN" to "WAN".  Total system watts in 17w.



  • This is my first pfsense system and I plan on building a similar system as discussed in this thread, which I began posting here prior to finding this thread. I'm thinking of installing 32-bit first and recording the steps so I can do 64-bit blind.

    Anyway, I am posting to ask if there is any benefit going with a SATA III drive over SATA II.



  • @pfserik:

    This is my first pfsense system and I plan on building a similar system as discussed in this thread, which I began posting here prior to finding this thread. I'm thinking of installing 32-bit first and recording the steps so I can do 64-bit blind.

    Anyway, I am posting to ask if there is any benefit going with a SATA III drive over SATA II.

    From what I understand, the 32 bit build is much more mature than the 64 bit build.  The only benefit with the 64 bit build is the support of more than 4GB of RAM (depending on your hardware, somewhere between 3.5GB to 4GB visible to the OS.)  And when I say support of more than 4GB of RAM, I mean configurations that'll actually use that, which means huge amounts of users and/or features.  Which a home user isn't as likely to use that much of.  Since you're looking at an Atom anyway, I don't imagine that you're looking to have that many users.

    As for SATA, there's relatively zero benefit to a faster bus speed as far as pfSense is concerned, outside of, maybe, boot time.  Most of what pfSense does stays in RAM anyway unless you're saturating your RAM and swapping a lot out to disk.



  • Thank you to the OP and all others posting here, very much  ;D

    I will use this thread as my guide to build an appliance myself. I have only one question, since I am a complete noob: how will this work with wireless? I mean, there is two NIC-connectors, one will be used to connect to the modem, the other one to connect to the switch. So any wireless 'thing' (I don't know how you call it  ???) is plugged in the switch? And then it 'just works'? What kind of wireless 'thing' would I be needing? Would anybody happen to have a recommendation to a concrete product?

    Again, thank you very much  :-*



  • @Hollander:

    Thank you to the OP and all others posting here, very much  ;D

    I will use this thread as my guide to build an appliance myself. I have only one question, since I am a complete noob: how will this work with wireless? I mean, there is two NIC-connectors, one will be used to connect to the modem, the other one to connect to the switch. So any wireless 'thing' (I don't know how you call it  ???) is plugged in the switch? And then it 'just works'? What kind of wireless 'thing' would I be needing? Would anybody happen to have a recommendation to a concrete product?

    Again, thank you very much  :-*

    You can add a wireless adapter and antenna(s) right on your pfSense box, but I prefer keeping them separate. I currently have the wireless router that pfSense replaced set up as an AP-only (no longer a router, no longer handing out IP addresses) and connected to my switch as you mentioned. I will eventually purchases one or two Unifi access points instead of my wireless router/AP, which will also just plug into my switch, not directly into the pfSense box.



  • Hollander,
    My preference is to separate these devices as pfserik suggests. You might check if your current wireless router supports AP only mode (also called Wireless Access Point or WAP), look in the manufacturer docs. If for some reason you can't configure it this way, you may be able to flash the router firmware with dd-wrt (my favorite), then configure as AP only. I have had nothing but good experiences after flashing to dd-wrt, it has always been much better than the manufacturers firmware. Flashing firmware on any device is inherently dangerous you could "brick" your device, be sure you understand all the steps of flashing before you flash!

    Soon I will be replacing my current AP with an ASUS RT-N66U, it is highly rated on smallnetbuilder.com and it's approaching my price point. I understand the Asus firmware is very good, and does support AP only, so I will likely use it as is, (at least for a little bit!).



  • Did you end up using a pci or mini pcie riser card to add an additional Ethernet card?
    I'm looking at the same build as you with the same intel motherboard and m350 case.

    What about a new case back plate,  or did you cut it out yourself?

    I need 3 Ethernet ports.



  • @JoeMcJoe:

    Did you end up using a pci or mini pcie riser card to add an additional Ethernet card?
    I'm looking at the same build as you with the same intel motherboard and m350 case.

    What about a new case back plate,  or did you cut it out yourself?

    I need 3 Ethernet ports.

    I didn't need 3 ports, just 2 for my setup. I don't see an option on the mini-box site with this combo to use the PCI riser option. There may be other options using different mboard/enclosures combination on the mini-box site.

    Sure you need 3 ports? Maybe if you post your requirements and other details, others might be able to help.

    Sorry I can't be of more help.


Locked