I3 Build for Low Power Consumption
-
Hi all.
Firstly, I'm new to the boards, but have been lurking for quite some time. I was hoping some of you may be able to help me with some questions I have around a low power build I am intending on putting together.
A little about the background - I have been running a Linksys WRT54G with DD-WRT for a long time now… I have an ADSL modem in bridged mode and use the WRT54G with PPPoE for the WAN connection. While this has served me well for a number of years, there are a couple of points that are making me lean towards a dedicated router.
I am using a pretty rubbish ADSL connection (a side effect of living in the sticks) which sits at about 5mbps. We are getting Fibre pretty soon, at speeds of up to 100mbps. I'm thinking the WRT54G may struggle with this. I've also just subscribed to an OpenVPN compatible VPN service. The WRT54G can't connect me faster than 260KB/sec - mostly due to the limited CPU.
Firstly, with these requirements, is an ALIX board out of the question? If so - I am quite prepared to go the custom build route and have been looking at:
i3 3240T (With New AES instructions - not sure if this helps the VPN as it uses AES256 ciphers?)
Intel DQ77KB - dual Intel NICs
1u chassis to go in my rack
4GB low voltage RAM
32GB mSATA SSDI'd love to hear all suggestions. I guess I would like to keep the budget to around £350 but would happily consider alternatives.
Thanks!
Tom.
PS - I've used pfSense in VMware ESX for years (work and pleasure) and it has never disappointed.
Edit: Ah, I've just spotted the Intel D2500CC board. This looks like it could also be a viable contender...
-
Hi, welcome! :)
An Alix based system will manage ~85Mbps of firewall/NAT only. It can deliver ~35Mbps VPN if you have the accelrator card (20Mbps without). See:
http://store.netgate.com/Netgate-m1n1wall-2D3-2D13-Black-P216C83.aspxThat i3 system will be sufficient for anything you might throw at it. You could run every package available and still have lots of cpu cycles to spare. It will do >1Gbps of firewall/NAT.
The D2500CC is in between those. ~600Mbps firewall/NAT and ~75Mbps VPN. Some guess work there. It has two built in NICs which is nice and is very low power being an Atom.
The Intel DQ77KB also has two NICs and it has DC input which will give a very efficient system. Since it will be idling most of the time you'll probably find it uses almost as little power as the Atom but is far more capable when required. If you can get it for a reasonable cost I'd go for that.
I haven't personally run either of those boards! ;)
I'm running re-purposed Watchguard boxes which can be picked up very cheaply.Steve
-
Thanks for the info Steve. Looking at your rough figures, I think I'm going to go the Atom route for now as it will be about half the upfront cost.
I'm going to be aiming for as low power consumption as possible as I already have some boxes on the go 24/7. I'm looking forward to the project, I try to do something like this every now and then, like a hobby I guess. I'll be posting some photos and details on my blog over the next couple of weeks as I get on with my build.
A couple of slightly off topic questions though. My experience with pfSense has been strictly VMware based. As such, I have never tried any wireless features. Can I throw in a mPCI wireless card and expect pfSense to take over my Access Point duties? That would mean one less box on 24/7 for me. ;)
Also - couldn't find a decent 1u case so decided to go for the venerable M350. Plenty of people here seem to be using it and I have read some good things about it.
Cheers.
Tom.
Edit: Not to worry - found the Wireless thread… Seems the best way is to go standalone AP. :D
-
It works well with older Atheros cards. I've also used some USB sticks supported by the run(4) driver.
Unfortunately most older Atheros cards are miniPCI and I think all those boards are miniPCIe.
Try it and see. USB wifi NICs cost peanuts these days.Steve
-
Thanks again Steve.
I pulled the trigger on the hardware. Went with the D2500CC with a CF to SATA adapter and relevant bits. Went with the M350 case too. As I mentioned, I will be posting my progress on my blog and will update back here in case anyone else wants to see how it goes. Now I just have to wait for the deliveries during the Christmas break. :-[
Regards,
Tom.
-
Just saw this thread. My recommendation would had been an i3 no matter what.. Steve knows that :-) Atom processor just doesn't cut it for me. Plus you have a good hardware that you can switch to a full blown PC if required at a later time. $$ difference between Atom and i3 is not that much. For a very low end straight simple firewall system Atom is fine but it's has long lost the speed battle with i3 as you need the power once you start putting in resource intensive packages like Snort. And I highly recommend you add Snort to the firewall. Squid and others are just matter of personal preference and needs but Snort is something the firewall really needs to shield you from attackers.