"Mini" system for 150/65Mbps connection
-
Hi all,
I've been virtualizing my pfSense box for a while now, and would like to switch to some separate, low power hardware. I've been running a VMware session with a USB 100Mbs dongle for the external connection, but that of course won't do for the new 150/65Mbps service. I'm curious if anyone has found anything like one of these "mini" systems (http://www.newegg.com/Store/SubCategory.aspx?SubCategory=309&name=Mini-Booksize-Barebone-Systems) with dual gigabit NIC that would work well with pfSense and be able to handle the bandwidths mentioned.
Thanks!
Ben -
Ahh, realized I could narrow to dual-nic in the search. Any of these worthy? http://www.newegg.com/Product/ProductList.aspx?Submit=Property&N=100008345&IsNodeId=1&PropertyCodeValue=5798%3A41686&bop=And&Order=PRICE&PageSize=20
Or specifically this one? http://www.newegg.com/Product/Product.aspx?Item=N82E16856107108 Seems like a good one if I can get it to boot off CF.
-
I would choose this one:
http://www.newegg.com/Product/Product.aspx?Item=N82E16856107095
as it uses intel NICs.But any of these will work up to about 300Mbps or a little higher (PCI bus speed dependent).
-
I'd say any modern atom should do those speeds, get the JC200S-B-JNF99FL-525, for the Intel NICs…
-
I would choose this one:
http://www.newegg.com/Product/Product.aspx?Item=N82E16856107095
as it uses intel NICs.But any of these will work up to about 300Mbps or a little higher (PCI bus speed dependent).
Yea, saw that, it's just a MUCH bulkier system to be sitting on the desk :) I'll end up going that route if I can't find something smaller.
As for the one I posted, it uses RTL8111EVL ethernet, which is supported in 2.1. Is 2.1 stable enough for use these days?
Thanks!
Ben -
I have been using 2.1 at home and the office for a while now. I even have it running IPv6 beside my production FWs. If you are not going to be using IPv6, make sure you turn it off.
i think it is quite stable enough for most uses.
I still don't like realtek … they are dodgy at best.
-
So is there a specific reason why people don't like the Realtek cards? I see a lot of people who feel the same way but no specific reasons why and I'm curious as I've had a few motherboards with them and no problems, really..
-
We have probably used them more in more situations. They are flaky. Prone to failure. You have to even tweak driver/system settings to get some to even be stable under load. They do not perform nearly as well Intel or others. In general, they are cheap and you get what you pay for. For a production firewall in a business, use intel. For home or lab or small office with a light load, they might work. At least for a little while.
-
I built a box similar to what your describing, here's my post of the completed box.
The mini-box has a very small footprint - 7.5 X 8.5 X 2.5 inches (192 x 210 x 62mm)
This mboard has onboard dual intel NICs and my setup uses 18 watts, also passive cooling won't be enough, you will need a small fan/heatsinks.
I don't know realtek NICs in a "server" situation first hand but nobody here would recommend a realtek nic for a use like this…according to others (bottom post), "(a lot) less throughput and less stability". A quick search for realtek will probly give you more info.
-
Did you see this post a bit earlier this month?
-
So is there a specific reason why people don't like the Realtek cards?
A lot of it comes from previous very bad experience with Realteks 10/100 NICs from a few years ago. They are flaky under FreeBSD.
@rl(4):- The RealTek 8139 PCI NIC redefines the meaning of 'low end.' This is
- probably the worst PCI ethernet controller ever made
Most of Realtek's newer Gigabit NICs are much better and rarely give trouble.
Steve
-
I built a box similar to what your describing, here's my post of the completed box.
The mini-box has a very small footprint - 7.5 X 8.5 X 2.5 inches (192 x 210 x 62mm)
I will keep this in mind, though I would prefer fan less if at all possible.
Did you see this post a bit earlier this month?
Now this is very intriguing. Would the 1.1ghz model be enough? Which did you use? Do you think this would work out running pfsense from USB instead of investing in an SSD?
@rl(4):
- The RealTek 8139 PCI NIC redefines the meaning of 'low end.' This is
- probably the worst PCI ethernet controller ever made
Most of Realtek's newer Gigabit NICs are much better and rarely give trouble.
Steve
This is something I was wondering about. Part of me is tempted to pick up the realtek just to use it for 6 months and see how it goes with 2.1 so I can report back to the community.
Ben
-
Now this is very intriguing. Would the 1.1ghz model be enough? Which did you use? Do you think this would work out running pfsense from USB instead of investing in an SSD?
In terms of size, power consumption and performance reported by AudiAddict, this little box must be hard to beat.
The specs say "Bootable from HDD, USB thumb drive, USB CDROM, USB hard disk, over network". Maybe AudiAddict could confirm booting pfSense from the USB. I don't have one - yet ;) It's about what you want to use it for. -
The Realtek issue is more about the FreeBSD driver than the hardware itself, I think, considering I've had no issues with them in Windows. Same reason we recommend certain wireless chipsets over others - drivers.
-
Now this is very intriguing. Would the 1.1ghz model be enough? Which did you use? Do you think this would work out running pfsense from USB instead of investing in an SSD?
In terms of size, power consumption and performance reported by AudiAddict, this little box must be hard to beat.
The specs say "Bootable from HDD, USB thumb drive, USB CDROM, USB hard disk, over network". Maybe AudiAddict could confirm booting pfSense from the USB. I don't have one - yet ;) It's about what you want to use it for.I have successfully booted and run pfsense from a USB stick. It is a bit slower IMO. Most likely won't last as long as an SSD or HDD, but it will work in a pinch. (HDD was DOA, but had to move forward with the deployment, replaced the USB with the replacement HDD when it came in. Love the backup and restore in pfsense.) There is a boot option you must set. It is the same as pressing 3 when you boot pfsense normally before it works reliably.
Efonne - That is a good point. Since we are all using BSD with our pfsense deployments, it does affect us. But I would like to say that even in Windows, I have had more of them fail and under perform than intel. Even newer ones. They are cheap and you get what you pay for.
Mmmmm … fuel for the fire.
-
I have successfully booted and run pfsense from a USB stick. It is a bit slower IMO. Most likely won't last as long as an SSD or HDD, but it will work in a pinch. (HDD was DOA, but had to move forward with the deployment, replaced the USB with the replacement HDD when it came in. Love the backup and restore in pfsense.) There is a boot option you must set. It is the same as pressing 3 when you boot pfsense normally before it works reliably.
Thanks. The reason I'm debating USB is of course price as this is just for a home set up. I would assume the USB version loads most everything to do with routing into RAM, and I don't use any of the more advanced features at this time, just routing. I'll probably give it a shot and then upgrade in the future if I need to.
Ben
-
Now this is very intriguing. Would the 1.1ghz model be enough? Which did you use? Do you think this would work out running pfsense from USB instead of investing in an SSD?
In terms of size, power consumption and performance reported by AudiAddict, this little box must be hard to beat.
The specs say "Bootable from HDD, USB thumb drive, USB CDROM, USB hard disk, over network". Maybe AudiAddict could confirm booting pfSense from the USB. I don't have one - yet ;) It's about what you want to use it for.I did just realize something. AudiAddict is saying this works great for him, but it's not Intel network cards as everyone described, its Realtek RTL8111..
-
That is true, in the end, it is your system and we don't have to live with it. If you are comfortable with realtec, then go for it. We are only giving you suggestions based on our experience.
If you are going to run on USB, just make sure that you use a quality one and have backups (as you should anyway). If you can, avoid onboard realtec nic (you cannot replace those without replacing the MB).
-
AudiAddict is saying this works great for him, but it's not Intel network cards as everyone described, its Realtek RTL8111..
You also have to consider that those little boxes aren't that cheap but they do seem to perform, chew very little power and make no noise. I think those things were among your criteria but the Fit-PC was only a suggestion. You have to decide what's best for you.
What podilarius says is very true - everything in one of those Fit-PCs is on one little board and if anything breaks you have to replace the whole thing. You can usually recycle a lot of stuff after a failed motherboard, assuming the whole system wasn't welded together by some massive power surge :D
-
I did just realize something. AudiAddict is saying this works great for him, but it's not Intel network cards as everyone described, its Realtek RTL8111..
It works but the reliability of the hardware tends to be a hit an miss affair.
I had a D945GCLF2 running with the onboard 8111C for more than a year continuously on 1.2RC2 till 1.2.3. It worked fairly well (granted I was shaping for a mere 40 gaming PCs on a 4M/768K DSL line) until I had to take down the machine for a scheduled power grid maintenance.
The nic pretty much died right after. Connection flapping and all. Switched in a spare Intel MT dual-port and it ran till the day I wound up the business (about 2 years). Even then, I re-used the card in another pfSense rig for another year and a half. Very good deal for the price I paid (US$27 brand new in box with international shipping).
