Intel Nucs any good for a pfsense router build?



  • Hi I have been toying recently with building a pfsense router,  I wanted to keep the power usage down since it would be running 24/7.  I was going to go for an Intel nuc,  with gigabit Ethernet and Celeron 1.8ghz.

    I have been advised by someone on another forum,  NOT to use usb to network adaptors since they are highly unreliable and unstable.

    Is this true ?

    I was advised a switch to add additional wan/lan connections as this would be more stable,  but this then adds to the power and wiring and ruins the neat and tidy and Green idea of mine!



  • Never use USB as network, EVER!

    USB uses a lot CPU processing, and thus isn't for that.



  • I agree with Gradius.  Side note, if the NIC on the Intel NUC is vlan capable, then with a vlan capable switch you can use the Intel NUC as a router/gateway/firewall, only if pfsense supports the hardware.

    The following post states pfsense does support the NUC and the NIC is vlan capable.

    http://forum.pfsense.org/index.php?topic=56452.0



  • thx guys for the links and info

    I find that link of intel nuc users trying to add pfsense to be interesting but it does appear no one followed through with an intel nuc setup.  Guess with usb to ethernet dongles being too cpu heavy and no one I guess tried the gigabit mpci card to add ethernets,  seems a bit of a failure.

    Perhaps better to build a mini itx rigg and get dual nics on the motherboard as well as a pci express network or dual card.

    vlan capable switches are a good idea but just don't like adding more hardware into the mix :)



  • I'm looking into this MB for light uses to end-user solution (not to me), it seems GA-C1007UN-D ($90 bucks) to be a good choice for 100Mbps, perhaps a bit more (need to perform a benchmark to know).

    Keep in mind it uses Realtek for NIC.



  • thx for the link and info,  nice motherboard and kit with dual nics and 1.5ghz celeron ain't too shabby,  may make a nice and in-expensive setup for a pfsense build.

    I hear many folk on here saying realtek nics are poorly how comes ?

    Will a realtek nic not give me say 100meg if I had that broadband or connection speed ?

    Any other build ideas I am open to them ;) thx



  • @Gradius:

    Never use USB as network, EVER!

    USB uses a lot CPU processing, and thus isn't for that.

    Unless he has gigabit WAN, an USB ethernet adapter won't cause any appreciable load on modern CPUs.



  • @Fevan:

    I hear many folk on here saying realtek nics are poorly how comes ?

    Will a realtek nic not give me say 100meg if I had that broadband or connection speed ?

    A lot of that advice is based on a mixture of experience with ancient Realtek devices and mere hearsay. In my experience, modern (i.e., PCIe-based) Realtek NICs are perfectly adequate; yes, more expensive NICs may be slightly more CPU-efficient if you're constantly pushing a gigabit, but at a mere 100 megabits, you won't see any appreciable performance difference.



  • @razzfazz:

    @Gradius:

    Never use USB as network, EVER!

    USB uses a lot CPU processing, and thus isn't for that.

    Unless he has gigabit WAN, an USB ethernet adapter won't cause any appreciable load on modern CPUs.

    The intel nucs all have a gigabit ethernet…..  so are you suggesting a usb ethernet adaptor would be ok ?

    Perhaps hope for an pfsense intel nuc build after all !

    I think gigabit speeds is excessive for my use,  was only considering 60-100meg ie just the normal broadband speeds.

    The reason why the intel nuc idea appeals to me is low power yet much more powerful then any router out there,  which is what I believe I would need for running under an Open VPN client.



  • I looked into Intel NUC several times.
    It was always the lack of (a second) internal NIC that kept me from going this route.

    I think the issue of CPU load for USB adapters is greatly exaggerated for today's x86 CPUs (also confirmed by my own tests). IMO it's basically a non-issue, unless it's gigabit ethernet. However, stability/reliability might be a problem. In my previous setup, using a thin client for pfsense, the USB adapter for the WAN interface repeatedly lost its DHCP lease every every two or three days. Not sure why, and I could easily just refresh manually. Worked fine otherwise, though. But in the end, I didn't investigate further and got a VLAN capable switch instead.

    Also, I didn't really like the NUCs in terms of price/performance. They seem rather expensive to me. Especially when you consider that you only get a single internal NIC. You can often get 2nd hand thin clients on eBay for much less, if you can do with only one NIC. Some with similar power consumption, and/or hardware AES support (Via Padlock). Also, most thin clients are completely fanless, unlike many NUC configurations.



  • Yeah a few suggested to use vlan switches instead…

    I think however I need something more future proof,  perhaps a decent pfsense build one that supports AES encryption so I can use it with my VPN and other uses.


  • Netgate Administrator

    @Fevan:

    so are you suggesting a usb ethernet adaptor would be ok ?

    It's better to avoid USB NICs because they aren't as reliable as a PCI/PCIe NIC by a large factor. If you search the forums here or at FreeBSD you will find many many users with unstable USB NICs. You may or may not have trouble but it's probably not a risk worth taking.

    Steve



  • thx for the confirmation,  just good to hear confirmation it would perhaps prove unstable.

    I guess this is the reason why most moved away from the intel nuc idea !


  • Netgate Administrator

    If you don't need more than, say, 500Mbps you could always run a 'router on a stick' configuration with vlans and a suitable switch.

    Steve


Log in to reply