Potential Build Advice



  • bmironb: I used a Kill-A-Watt.

    …..On another note I suspect this little mini-box needs a fan.

    I came home from work and found I had no internet access, after rebooting pfSense and checking a few other things I eventually substituted my old router and internet access was restored. I was able to access the pfSense webgui before I replaced it with the old router and the CPU was a little higher than normal at 62C (normally hovers between 60-61C, ambient doesn't get over 79F/26C).

    I suspected the pfSense box got a little hot, I reconnected the pfSense box and took off the cover and put an 80mm blowing directly on the little mboard and it working again, the CPU now hovers ~38C. I checked the NM10 chip (used the finger test) and it's hot even with cover off and a fan blowing on it. The finger test is touch the metal case to ground yourself then touch a chip, if it's uncomfortable to rest my finger on a chip for more a few seconds the chip is to hot. It's not completely safe (static wise) or scientific but it's quick and free!

    I'll have to dream up a way to cool this. I'm thinking of small stick on heatsinks (like for video memory or chipset) for NM10 chip and maybe for the Winbond (it runs warm too), those are the only chips of any size on this mboard. I am also thinking of cutting a hole above the CPU for a thin 80mm fan and run it at 7 volts for quietness.



  • Good point about the heat.  I was already thinking to do the same just for good measure.  The noise won't bother anything in my basement!  Thanks for the update.  Let us know if you do get around to the heat sink installation.  I'd be curious to see some pics of how you pull that off!



  • Mine will sit around 6-7 feet away from me so it has to be quiet!

    Pics and mods will have to wait, I am having a problem with a seemingly simple task of forwarding ports to my videophone, I know how to forward, all my other forwards are working. This videophone is notorious for being finicky though…...actually I don't know what the problem is, I just can't get video to come in from the WAN, maybe some packets are getting mangled or dropped, I don't know....I'm a hardware guy, I struggle with network packets ACK's and SYN's!

    ....so back to the old stand-by DD-WRT for now at least.

    I may try shorewall running on a linux distro that I'm more familiar with like Ubuntu, just as a test to see if it will work. pfSense does about 10 or 100 times more things than I need for a home installation....it's about as dirt simple to install as you can get with a nicely featured and easy gui and a single config file for backup, If I can't get it to work for me, I would miss it!



  • OK my forwarding problem is solved, had to change pfSense to use Static_Port.  ;D

    Now back to the fun stuff!…...figuring out how to mod this to keep it cool!

    Probably be a few days before I can start on that, life is happening!



  • I found heatsinks and a thin 80mm fan.
    I used these stick-on heatsinks and this 80mm X 15mm fan

    The heatsinks come with little squares of 3M 8815 Thermal Tape but it is not installed, so I placed the little heatsinks first and found I could fit 4 on each chip. To install I used a Q-tip soaked with rubbing alcohol to clean both the heatsink and the chip, then applied the little square of thermal tape to each heatsink and placed heatsink on the chip. After I had the heatsinks installed and powered on for about 30 minutes (case off, no fan) the heatsinks were to hot to touch! Obviously the thermal tape works and those chips get really hot.

    I have some photos!

    The first is a stock picture of the Intel MB, I circled and labeled the two chips and the little speaker, remember I placed some cellophane tape over it because it was a little to loud.

    The next is a pic with the SSD and fan moved so you can see where I put the heatsinks.

    The last pic is my running configuration (for now) the Silenx fan is sitting on the cpu heatsink and disk mount bracket. My plan is to cut a hole in the case using a 3" (80mm size) hole saw and get this grill (grill is on order - when I get it installed I'll post a final pic.

    The CPU now runs 36C - ambient 79F(26C) with the Silenx fan and the little box is still silent - that fan seems to blow just the right amount of air.








  • can you please post some photos with the case…and in the end how much will cost with all....



  • I will post a final pic of my case once I get the fan grill installed, but you can see the case I'm using here.

    I'll get the total cost together too.



  • My Silverstone fan grill got delivered today! To install the fan and grill I cut a 3"/76mm hole in the top of the case (over the CPU Heatsink) with a hole saw, drilled holes for the fan mounts and installed the fan. I used the silicone rubber mounts that came with the fan to mount grill and fan to the case and not metal screws. I think the screws would look better because you can't see them as plainly as you can the rubber mounts, but the rubber promises to be quieter(??) and I want it as quiet as I can get it.

    As promised here is the build/cost list (not including shipping and taxes) - costs are in US Dollars.

    Intel D2500CCE Mboard - $96
    M350 enclosure with Power Supply - $69
    Patriot 2X4GB Memory - $25
    OCZ  60GB Agility 3 SSD - $65
    Enzotech stick on heatsink - $20
    Case fan Silenx 15mmX80mm - $11
    Silverstone 80mm Grill - $7

    96 + 69 + 25 + 65 + 20 + 11 + 7 = $293

    With my new fan/grill and all closed up the CPU temps now hover ~40C (79F/26C ambient). Compare with:
    case closed and fanless ~61C
    case open with 80mmX15mm fan sitting/blowing on CPU heatsink ~36C

    Here's what it looks like now.






  • Lookin' good man!  That baby should run well for a good while.  Thanks for the posts and pics updates.  Now I just need to get around to building mine.



  • I’ve been following this thread closely and I wanted to thank you all for the information. You helped me get PFsense up and running in no time. I did have the initial video graphics bug with the D2500CCE but I’ve installed PFsense enough times that I knew what to key in. After that, the web interface was used for everything else.

    My build:

    Intel  D2500CCE
    4GB  (2x2 GB) Crucial RAM
    40G SATA laptop HD 
    2  - 40mmx40mmx20mm Scythe fans

    I had a spare mini-itx case with PSU that I re-used.  I installed a pair of Scythe 40mm fans in a push-pull setup to help with any heat issues.  Overall cost was just under $170 because I had some spare parts lying around.  It runs 24/7 at 20 watts using a Kill-a-Watt. It’s also very quiet.



  • Glad it's working out for you…working great for me as well!

    Credit to wrems as the OP, I only built upon his idea.



  • Hi,
    has anyone already measured the throughput of a D2500CCE and would like to share the results? Especially NAT vs Routing performance would be nice to know. 2.1 beta performance would also be great.
    Many thanks in advance!



  • Hi,
    has anyone already measured the throughput of a D2500CCE and would like to share the results? Especially NAT vs Routing performance would be nice to know. 2.1 beta performance would also be great.
    Many thanks in advance!

    I am also very interested in the throughput you can achieve with this Atom rig especially the routing performance between to physical or vlan interfaces.



  • I ordered and setup a system based on the build in this thread.  I'm using the i386 version with 4GB of RAM(I had it sitting around the house).  I had it setup with one machine behind the pfsense server and the rest of my home LAN as the WAN temporarily.  I was able to get 260-290mbit/sec through the pfsense server using iperf from my "LAN" to "WAN".  Total system watts in 17w.



  • This is my first pfsense system and I plan on building a similar system as discussed in this thread, which I began posting here prior to finding this thread. I'm thinking of installing 32-bit first and recording the steps so I can do 64-bit blind.

    Anyway, I am posting to ask if there is any benefit going with a SATA III drive over SATA II.



  • @pfserik:

    This is my first pfsense system and I plan on building a similar system as discussed in this thread, which I began posting here prior to finding this thread. I'm thinking of installing 32-bit first and recording the steps so I can do 64-bit blind.

    Anyway, I am posting to ask if there is any benefit going with a SATA III drive over SATA II.

    From what I understand, the 32 bit build is much more mature than the 64 bit build.  The only benefit with the 64 bit build is the support of more than 4GB of RAM (depending on your hardware, somewhere between 3.5GB to 4GB visible to the OS.)  And when I say support of more than 4GB of RAM, I mean configurations that'll actually use that, which means huge amounts of users and/or features.  Which a home user isn't as likely to use that much of.  Since you're looking at an Atom anyway, I don't imagine that you're looking to have that many users.

    As for SATA, there's relatively zero benefit to a faster bus speed as far as pfSense is concerned, outside of, maybe, boot time.  Most of what pfSense does stays in RAM anyway unless you're saturating your RAM and swapping a lot out to disk.



  • Thank you to the OP and all others posting here, very much  ;D

    I will use this thread as my guide to build an appliance myself. I have only one question, since I am a complete noob: how will this work with wireless? I mean, there is two NIC-connectors, one will be used to connect to the modem, the other one to connect to the switch. So any wireless 'thing' (I don't know how you call it  ???) is plugged in the switch? And then it 'just works'? What kind of wireless 'thing' would I be needing? Would anybody happen to have a recommendation to a concrete product?

    Again, thank you very much  :-*



  • @Hollander:

    Thank you to the OP and all others posting here, very much  ;D

    I will use this thread as my guide to build an appliance myself. I have only one question, since I am a complete noob: how will this work with wireless? I mean, there is two NIC-connectors, one will be used to connect to the modem, the other one to connect to the switch. So any wireless 'thing' (I don't know how you call it  ???) is plugged in the switch? And then it 'just works'? What kind of wireless 'thing' would I be needing? Would anybody happen to have a recommendation to a concrete product?

    Again, thank you very much  :-*

    You can add a wireless adapter and antenna(s) right on your pfSense box, but I prefer keeping them separate. I currently have the wireless router that pfSense replaced set up as an AP-only (no longer a router, no longer handing out IP addresses) and connected to my switch as you mentioned. I will eventually purchases one or two Unifi access points instead of my wireless router/AP, which will also just plug into my switch, not directly into the pfSense box.



  • Hollander,
    My preference is to separate these devices as pfserik suggests. You might check if your current wireless router supports AP only mode (also called Wireless Access Point or WAP), look in the manufacturer docs. If for some reason you can't configure it this way, you may be able to flash the router firmware with dd-wrt (my favorite), then configure as AP only. I have had nothing but good experiences after flashing to dd-wrt, it has always been much better than the manufacturers firmware. Flashing firmware on any device is inherently dangerous you could "brick" your device, be sure you understand all the steps of flashing before you flash!

    Soon I will be replacing my current AP with an ASUS RT-N66U, it is highly rated on smallnetbuilder.com and it's approaching my price point. I understand the Asus firmware is very good, and does support AP only, so I will likely use it as is, (at least for a little bit!).



  • Did you end up using a pci or mini pcie riser card to add an additional Ethernet card?
    I'm looking at the same build as you with the same intel motherboard and m350 case.

    What about a new case back plate,  or did you cut it out yourself?

    I need 3 Ethernet ports.



  • @JoeMcJoe:

    Did you end up using a pci or mini pcie riser card to add an additional Ethernet card?
    I'm looking at the same build as you with the same intel motherboard and m350 case.

    What about a new case back plate,  or did you cut it out yourself?

    I need 3 Ethernet ports.

    I didn't need 3 ports, just 2 for my setup. I don't see an option on the mini-box site with this combo to use the PCI riser option. There may be other options using different mboard/enclosures combination on the mini-box site.

    Sure you need 3 ports? Maybe if you post your requirements and other details, others might be able to help.

    Sorry I can't be of more help.



  • @RocKKer:

    @JoeMcJoe:

    Did you end up using a pci or mini pcie riser card to add an additional Ethernet card?
    I'm looking at the same build as you with the same intel motherboard and m350 case.

    What about a new case back plate,  or did you cut it out yourself?

    I need 3 Ethernet ports.

    I didn't need 3 ports, just 2 for my setup. I don't see an option on the mini-box site with this combo to use the PCI riser option. There may be other options using different mboard/enclosures combination on the mini-box site.

    Sure you need 3 ports? Maybe if you post your requirements and other details, others might be able to help.

    Sorry I can't be of more help.

    No problem.

    I was looking for a way to use an Intel motherboard instead of a Jetway.
    I did see the Jetway 2+3 (via daughter) card option on the mini-box and mitxpc sites, I wasn't sure if they worked ok with the current pfsense build.
    http://www.mitxpc.com/proddetail.asp?prod=EKJNC9EM3505L&cat=209 , this does let me select the daughterboard that uses Intel chipsets for a little more.

    I use 3 ports right now on my pfsense unit which is an Intel Core2 Duo CPU E6850 @ 3.00GHz, but I don't need that much for my needs, I want to build or buy a fanless quiet small Intel Atom unit.
    I use 1 port for the LAN and 2 ports connected to 2 DSL modems, bonded with MLPPP.



  • If you can make due with dual NICs then use the Intel D2500CCE that is used in this thread.

    If you absolutely need 3, likely the DN2800MT Intel Mboard, shield and riser, Intel 2 port Ethernet would work, but at ~$100 additional cost compared the dual lan build in this thread.

    There is a DN2800MT build thread.

    ….As far as fanless, I know it's not supposed to need them but I had heat issues, once I added heatsinks and fan I had absolutely no problems.



  • For those needing 3-port pfSense boxes, is it possible to do the same thing you need it to do if you just use a cheap unmanaged Gigabit switch and do 2 ports on the pfSense box? This TRENDnet 8-Port often drops to $18 on Amazon. This seems like a much cheaper solution if it works for you.



  • @pfserik:

    For those needing 3-port pfSense boxes, is it possible to do the same thing you need it to do if you just use a cheap unmanaged Gigabit switch and do 2 ports on the pfSense box? This TRENDnet 8-Port often drops to $18 on Amazon. This seems like a much cheaper solution if it works for you.

    Edit I just re-read an earlier post this may have been in reference to, updates at the bottom.

    Not really, no, but for some people it is really what they want and don't quite realize it.

    The general reason for wanting multiple ports in a pfSense router is to have segmented networks, as in separate networks that may pass certain types of traffic between, but not an open broadcast network between them (such as a firewalled off wireless or otherwise public/guest network, or a DMZ, etc.)  This type of situation needs to either have separate ports or VLANs (and a switch that supports them, which that switch doesn't) separating the traffic between the networks.

    On the other hand, and why I say the second part of my initial sentence, is the other initial thought many have for having multiple ports is to mimic what you might see in a consumer router that has a built in switch, such as 1 WAN port and 4 LAN ports.  In pfSense, though, simply bridging ports to make a pseudo switch out of it is very processor intensive and generally not good on throughput, so using a switch, like you ask, is the way you should do that.  If you're good with fabrication, you might even be able to get all that in a single box that looks spiffy.  I'm not.

    (Although, don't necessarily take that as an endorsement for that switch model, I don't know that model well enough to give it my personal stamp of approval. ;) )

    Update  For the multiple DSL MLPPP idea, that might work, I don't know multi-WAN well enough to say.  My above response may be moot for that situation.



  • Is it possible to use a 2 port pfsense box, and then use VLANs with a managed switch to connect to multiple DSL modems, all using MLPPP on the pfsense?
    I know an unmanaged switch won't work.



  • @JoeMcJoe:

    Is it possible to use a 2 port pfsense box, and then use VLANs with a managed switch to connect to multiple DSL modems, all using MLPPP on the pfsense?
    I know an unmanaged switch won't work.

    Being in the hardware forum I'll give you the hardware portion of the answer: yes.  To pfSense, as far as it pertains to software functions, VLANs are no different than physical ports.

    Now, the other half, getting multiple DSL modems to load balance, that's a question for the Routing and Multi WAN section of the forums: http://forum.pfsense.org/index.php/board,21.0.html  You might get better answers from there since more of the guys that know quite possibly hang out there more than here.


Log in to reply