Mini ITX Recommendations



  • I'm interested in putting together a pfSense box and for various reasons, including price/performance ratio and wanting to run a number of packages like snort, openvpn, squidguard and a/v, my preference is to stay away from the embedded system and atom lines.  I'd also like the motherboard to have dual on-board NIC's, preferably Intel.  The Intel BOXDQ77KB seems to be recommended quite heavily, but most likely as a result of this:

    http://www.anandtech.com/show/6685/the-end-of-an-era-intels-desktop-motherboard-business-to-ramp-down-over-next-3-years

    is extremely hard to find.

    I've seen other recommendations in the forums, including:

    http://www.newegg.com/Product/ComboDealDetails.aspx?ItemList=Combo.1417806

    which is intriguing, but after adding a HDD and RAM would run ~$400.  I can't help but feel that a decent itx system with either a pentium or celeron processor can be built for around $300.

    I've also seen:

    http://www.newegg.com/Product/Product.aspx?Item=N82E16813128567

    recommended but the onboard NIC's are Realtek, which I would prefer to avoid.

    It looks like:

    http://www.newegg.com/Product/Product.aspx?Item=N82E16813128615

    would fit the bill, but it's a Haswell based system and I'm not sure about compatibility with pfSense.  Does anyone have any experience?

    Are there other recommendations for a mini-itx system with a pentium or celeron processor and dual on-board Intel NIC's?



  • I dont have a specific recommendation for you, but remember that going the full desktop cpu route gives you a system which you can virtualize and do a lot more with - rather than just run pfsense only.
    Mini itx boards are unfortunately not cheap. Surprisingly Intel itx boards were among the lower priced. You can also take a look at Jetway but they are also pricey.



  • Thanks for the suggestion.  I've seen the virtual route posted quite often and it seems like a decent number of people are doing it.  I guess I'm just an old school security curmudgeon who likes the physical separation for a firewall.  It's worth the couple hundred bucks to me for the piece of mind to buy a purpose built system.  I am also looking at building a second system for an esxi build, but that's another story …



  • Exactly what kind of compute resources do you need?

    http://www.supermicro.com/products/motherboard/Core/H81/X10SLV.cfm

    satisfies all your conditions. but for some strange ass reason, that "type/family" of board doesn't have a version with IMPI.

    Is there a particular reason why you don't want embedded?
    A Giada N70E-DR has an IVB 1.8GHz Celeron and satisfies the rest of your conditions save for the no-embedded clause.



  • @mcr6401:

    Are there other recommendations for a mini-itx system with a pentium or celeron processor and dual on-board Intel NIC's?

    Forget about getting any itx with dual nics that aren't realtek. The dq77kb is gone, whether or not intel admits it, and its glitchy anyways. Intel chips n' nics = good, intel motherboards = run away. (great examples of epic fails: VT-d on their itx "server" boards, Ivy-E on their X79 boards)

    There are some single nic boards that will be intel, but tend to be the pricey feature loaded boards. (asrock and especially asus will sell you one around $150-200+ and they are pretty nice for a gaming/media computer, but you're paying for lots of useless stuff for a firewall)

    Just get whatever cheap itx board you like and a half-height intel quad nic, problem solved. You can always just ignore the realcrap port.



  • I like this one:

    http://www.mini-box.com/Jetway-JNF9J-Q87

    Pricey but nice. Needs 4th Gen Haswell Processor.



  • @ayah:

    Exactly what kind of compute resources do you need?

    Not much, at most about a 20Mbps cable modem connection.  I'm concerned about future proofing as I'd like to run it at least 5 years.

    @ayah:

    Is there a particular reason why you don't want embedded?
    A Giada N70E-DR has an IVB 1.8GHz Celeron and satisfies the rest of your conditions save for the no-embedded clause.

    I was looking more to stay away from Alix systems and the like.  While I appreciate their advantages, especially power draw, I'd like to have the horsepower to run some cpu intensive packages.

    @Aluminum:

    Just get whatever cheap itx board you like and a half-height intel quad nic, problem solved. You can always just ignore the realcrap port.

    Probably not a bad idea.  A quick ebay search shows the dual nics can be had for <$40.

    @daniev:

    I like this one:

    http://www.mini-box.com/Jetway-JNF9J-Q87

    Pricey but nice. Needs 4th Gen Haswell Processor.

    I do like the Jetway and the Supermicro lines, but as you mentioned a little pricey.  Do you know if the Haswell chipsets have decent compatibility?



  • Any opinions on the Giada N70E-DR? It has your dual intel NICs and the IVB celeron might just be enough for you, though I'm assuming that with your price limit that you're not dreaming of snorting/vpning through 1Gb/s.

    apparently newegg.ca's specs and the manufacturers specs on the processor included don't agree. newegg.ca says 1037U (1.8GHz) while Giada's page says 1007U (1.5GHz).



  • @mcr6401:

    @daniev:

    I like this one:

    http://www.mini-box.com/Jetway-JNF9J-Q87

    Pricey but nice. Needs 4th Gen Haswell Processor.

    I do like the Jetway and the Supermicro lines, but as you mentioned a little pricey.  Do you know if the Haswell chipsets have decent compatibility?

    I do not, unfortunately.



  • The bulk of the Haswell boards you'll find will NOT have working NICs.  The i210 and i217 Intel NICs are not currently supported.



  • For what it's worth, I am using this as a firewall at work:  http://www.amazon.com/Jetway-NF96U-525-LF-Mini-ITX-Motherboard-Onboard/dp/B008GWMIWM/

    with this: http://www.amazon.com/Jetway-AD3INLAN-G-Daughterboard-Controller-motherboards/dp/B003Y3RWV0/

    I can confirm that the 3x Intel daughterboard works fine with both pfsense 2.0.3 & 2.1, and the realteks were recognized when I upgraded to 2.1.



  • @Jason:

    The bulk of the Haswell boards you'll find will NOT have working NICs.  The i210 and i217 Intel NICs are not currently supported.

    The Jetway NF9J Q87 says 1 x Intel I217LM PHY Gigabit LAN (iAMT 9.0) and 1 x Intel 82574L PCIE Gigabit LAN. So, then one of the NICs is unsupported.



  • I've been using pfSense for a little over a year now on an old computer I had lying around. I'd like to get a mini itx (or something similar) that will run 2.2 smoothly. I currently have a 50 meg connection at home, and will hopefully be able to upgrade to 100 meg+ within a year. Are there any recommendations? I'm good building or buying pre-built…

    I was thinking about getting one of these, but with all Intel NIC (which the description states is optional).  Any thoughts?

    Jetway NF9N-2930 Intel Quad Core 5 x LAN Fanless Networking Appliance, 2GB, 557 https://www.amazon.com/dp/B00SX9V9DC/ref=cm_sw_r_awd_a8m3ub1EWZGYK

    Thanks in advance

    -Lenny



  • I have no experience with this, but do have my eye on it: Supermicro A1SRI-2558F-O.  This is a quad-core Rangeley C2558 CPU.  Rangeley means it supports AES-NI and QuickAssist.  Quad Intel i354 NICs.  Dedicated IMPI chip for out-of-band management.  Available for $240+10 S/H from SuperBiiz.  Obviously cost will be higher once you add ECC SO-DIMMs, storage, case and power supply.

    If electrical power draw is a concern (it is for me), I'm guessing this board might idle around 15 watts with an efficient power supply.  I can't find anyone on the web who's posted numbers, but there are numbers available for similar Avoton/Rangeley systems.  It's been my experience that Intel CPUs in the same family tend to have the same (or very similar) idle power consumption, even if their TDPs are different.  I'd wager that you can probably save a watt or two if you disable any unneeded ports, a couple cores, use one DIMM instead of two, etc.  But again, this paragraph is mostly speculation, I'm just thinking out loud.

    Semi-comparable systems might be the Netgate RCC-VE or Netgate RCC-DFF systems.  But those have less flexibility (IMO) given the fixed RAM, and no IPMI.



  • I am running my pfsense on a gigabyte j1800-d2h mini itx and it is running fine and i have no performance/driver issues.
    i just found this car wirt with an celeron 1900 ! and dual gigabyte lan (realtek)
    http://www.kitguru.net/components/cpu/leo-waldock/gigabyte-j1900n-d3v-review/

    i think this is the best mini itx MB to run pfsense on considered the low price and low power consumption
    http://www.ebay.co.uk/itm/Gigabyte-GA-J1900N-D3V-Desktop-Motherboard-Intel-Chipset-/291349323150?pt=LH_DefaultDomain_0&hash=item43d5c5dd8e



  • I Currently run 2.2 on a Gigabyte J1900 and have it working well, there's a pretty long thread on this board here on pfsense forums - you might have some install issues that can be fixed with the advice in that thread.

    also, if you don't need dual lan ports, the Asrock Q2900 or the Q1900TM might be good solutions:

    http://www.newegg.com/Product/Product.aspx?Item=N82E16813157546
    http://www.newegg.com/Product/Product.aspx?Item=N82E16813157496



  • My biggest recommendation for the j1900s is set it up and leave it alone.  Don't plug in and unplug any usb drives etc or you will end up going into bios to set up boot order all the time.  Other than that, its very nice.



  • ion the cheap:

    1. gigabyte celeron-j 1900 itx with dual on-board realtek nics (GA-J1900N-D3V (rev. 1.x)) and 4-8gb so-dimms - max is 8gb and no ecc

    2. athlon 5350 with an asus AM1I-A and a ebay intel dual nic gigabit pcie card and 4-8gb+ of regular ram (ecc works)

    anything above cheap:

    when you add in the cost of an i3, decent board, intel nic,etc - makes more sense to go SUPERMICRO MBD-A1SRi-2758F-O

    http://www.newegg.com/Product/Product.aspx?Item=N82E16813182855&cm_re=atom_c2758--13-182-855--Product

    add some ecc ram and run with it



  • I builded my last box (few months ago) with the Jetway NF9N with Intel Celeron N2930 and their GEN2 4XNIC Intel Daughter card. Totaled about $220

    It is working very smoothly, then again my load is very low, home environment, 1 EXSi server (3 instances),  1 NAS, 1 Workstation, handful of mobiles devices.