2.0.3 on an Intel NUC



  • Hi,

    I have installed with success version 2.0.3 on an Intel NUC (base version with CELERON CPU).
    A Chinese first price mSATA 32GO DELL copy inside, with a 2GO RAM module.

    In short :
    Generate the USB stick with Linux + dd, boot from F10 menu and select USB, choose "install PfSence", partitioning, formatting, reboot. No tricks or mod needed.

    Internal ethernet port fully recognized, WAN + DHCP got the setup & WEB interface up at the second.

    My big issue is the USB<->ETH adaptor ordered : received it with a SMSC75xx chipset (Chinesse doesn't maintain a product line more than 15 dayz …), not recognised on FreeBSD or Debian Squeeze :(. So I can't do a full real test of the NUC, but nothing to see with NUC hardware  :-[.

    I'll try to get my hand on an old USB<->ETH adaptor supported, to fully install & restore my PfSense setup and put it in production.

    If you need something, logs etc., just ask. (I'm a n00b in *BSD world, but I can learn :) ).

    Phil



  • That's cool. I figured the NUC would be a good tiny firewall appliance. I don't think I'd rely on USB to Ethernet adapters though. Instead I'd utilize VLANs over the single Ethernet port (of course requiring a supported switch). Failing that, there is a version of the NUC with thunderbolt port(s) on it which can provide a second ethernet port and would be more reliable and faster than USB.



  • I was looking at the price.  Its $281.99

    But seriously, how many US dollars?  That has got to be Chinese Yuan or something…



  • Nope, that's the real price, about $300. Of course that's lacking a SSD (only an mSATA slot for drive) and RAM. The Celeron one is only $165. The one with the Thunderbolt port is $270 and includes an i3-3217U CPU: http://www.newegg.com/Product/Product.aspx?Item=N82E16856102001.



  • I assume you bought it to play with and experiment?  Not necessarily any particular need?



  • I was watching an unboxing video.  He opened the box and it plays a little intel tune… 
    I barfed on my keyboard.  Still watching.

    I HATE that it has a fan, but at least the fan looks easy to replace WHEN (not if) it just quits one day.

    This would make an ideal place for me to put my Chat server VM and Asterisk Server VM.

    I'd need really only about 8GB HDD or less even.  They only occupy 5.8GB right now total and less than 1GB ram.
    I think for pfsense, I'd rather have something with a bunch of network interfaces though.
    (There is actually a OpenVPN AS VM still running as part of that 5.8GB, but sense I have pfsense, I don't need my OpenVPN AS anymore)



  • I have bought 2 NUC basic model (Celeron) :

    • one for a XBMC player : Openelec, with 2GB stick, 2GB RAM, a cheap IR and multimedia NFS shares on my local Debian server,  it's a KILLER media center, with PVR function now.
    • one for the exchange of my old PfSense running with an Openbrick, 2 time change the inside capacitors; too much eat with a bad hardware design.

    The second one need an USB<->ETH supported, I think a proven 24/24 365/365 should exist and will do it for a simple ADSL line of ~6MB.
    I have add inside a 32GB mSATA to run a Squid+Squidguard proxy, because kids here now surf …

    If it doesn't do the job of PfSense firewall, doesn't matter, I'll convert it in an other XBMC player ;).

    And YES, you heard the ridiculous Intel sound when the box is opened ...  ;D
    That's the more narcissistic advert I've never seen  :D

    PS : this evening I have tested last stable version of IPCOP, it didn't see the mSATA and had install himself on the USB boot stick. A big fail...



  • About the FAN : with a single CORE at 100%, yes you'll heard it in the living-room.
    But, when playing a video the 2 cores are at 10% each, you need to put your head on it to heard something, really efficient.

    For a home firewall, I bet on a 2% per core, so it's not really a problem.

    About the reliability, I don't know, but I don't really care : always repair myself broken stuff  ;D



  • I'm due for a new install of CentosOS and all the stuff running in it.  I'll consider this depending on your evaluation of it over time.  I don't upgrade my hardware more than once every 5 years and probably closer to 10.  Life cycle security and maintenance updates for my current version of CentOS ends in 2017-03-31 so I'm really crunched for time…  Let me know how these perform over the next two years or so.



  • Hi,

    Some news : the NUC (Celeron) is in production, with a new Trendnet TU2-ET100 USB<->ETH adaptor (for a 6MB ADSL line, it's enough).
    A Samsung mSATA 32GB & 2 GB memory inside.

    Backup & restore from/to 2.0.3 went wrong, 2 issues :

    • with the interface mismatch, even with the graphical tool to change it, it didn't reboot as it should, it lost the PPPOE configuration & need to reconfigure 2 networks interface & PPPOE.
    • impossible to restore the RRD datas.

    But, it doesn't matter  ;)

    For the moment everything is OK, as it should. The 2 cores are doing nothing, the web interface is faster than the old openbrick.
    Boot & applying setting are light-speed.

    Bad point, the NUC is a little hot and the TU2-ET100 VERY hot, but today the house is at 27°.

    I'll came back in a few days or month to keep people informed on how this setup will act.

    ++

    Phil



  • It would be better if the entire housing were a piece of ribbed aluminium with a heat-pipe heat sink connecting to CPU to housing.  The fan just ruins the theoretical reliability of it.



  • Sure the fan is a bad point, but : with a basis of 3% of CPU charge, the fan isn't running or is impossible to heard. Means that it doesn't scare me …
    And I think you can run the box without the cover if the fan is burned, just waiting the Chinese spare copy you've order on the Bay :).

    24H after : everything stable.

    Is their a way to probe the ACPI temp. sensor with PFSense or shell ?



  • @phil242:

    Is their a way to probe the ACPI temp. sensor with PFSense or shell ?

    Look in System > Advanced > Miscellaneous. About the middle of the page is a thermal sensors option with choices for None/ACPI, Intel and AMD. The Intel (or None/ACPI) option doesn't show anything on my Xeon based Dell 1850 server but the AMD option shows data on my Opteron 140 based home-built machine. It's likely that the Xeon uses different thermal sensors than the Intel Core it's expecting to read. That said, it should read something on the NUC's Celeron so give that a try. The output is on the dashboard between MBUF Usage and Load Average if it gets a reading.

    ![pfsense temp display.PNG](/public/imported_attachments/1/pfsense temp display.PNG)
    ![pfsense temp display.PNG_thumb](/public/imported_attachments/1/pfsense temp display.PNG_thumb)



  • Thanks you for the details, but, bad luck, I don't have this option in the advanced -> misc tab.

    According to your screen-shot, you run a 2.1 version, I'm in 2.0.3.
    I need to wait for 2.1.0 as I don't have the Jedi level for debug version ;D

    BTW : I have check the PowerD option in the "misc" tab, don't know if it is important or not for the NUC. But if I compare it to the NUC dedicated to XBMC, the PFSense is really hot and shouldn't according to the low CPU & hardware. I think I have something to find to get it the same temp as XBMC box …
    How can-I display the CPU MHZ in "live" (as I would do with a cat /proc/cpuinfo under a Linux kernel, "sysctl -a" doesn't seem to grab the CPU current stepping) ?

    Phil



  • You know, I just assumed that was a 2.x feature not 2.1 specific. I know I didn't see it on 1.2.2 and 1.2.3 but I've been using 2.1 for a looong time now (was using the old 2.1 IPv6 Development version) so it all seems like a blur to me sometimes.

    For CPU clock speed, I recall seeing two different measurements under CPU type on the dashboard, but it was in a VMware ESXi install so that may have had an impact on it. I doubt it was "live", it would probably refresh whenever you refreshed the screen and it may be a 2.1 specific feature but I remember seeing it at one point.


Log in to reply