First time with pfSense, build check please!

  • Hello everyone,

    I am getting ready to order my parts to build my first pfSense box.  I plan to use it as a router/firewall, going out to a Gbit switch with my old router as a wireless AP.  I want it to be able to comfortably pull 20-30 Mbps while connected to a VPN with OpenVPN.  I would also like to have the headroom to run Squid, Snort, etc. as well.  Please let me know what you think of these parts:

    Case: M350 Universal mini-ITX case
    Mobo/CPU: Supermicro X10SBA-O Intel Celeron J1900 (has dual Intel i210AT Gbit ports) product page
    RAM: 2 x Crucial 2GB Single DDR3 1333 MT/s (PC3-10600) CL9 SODIMM 204-Pin 1.35V/1.5V
    PSU: Mini-Box picoPSU-80 80 watt Output 12 volt Input DC-DC Power Supply
    SSD: SanDisk ReadyCache 32GB

    Switch:  TP-LINK TL-SG108 8-Port 10/100/1000Mbp​s Desktop Gigabit Steel Cased Switch, IEEE 802.1p QoS

    My main concern is with the CPU.  The J1900 is a quad core 2-2.4GHz Celeron (ark)), but doesn't support AES-NI.  Is this guy powerful enough to do what I want?  If not, what would be a better, but still fanless alternative?

    Edit: links

  • It's plenty powerful enough to do whatever you need at 20-30Mbit/s even without AES-NI (which doesn't do much of anything right now anyway).

    The larger issue is that the board might not work at all.  There have been reported ACPI issues with some of the BayTrail-M boards.  The only "it's working" post I found was over here.  My recommendation is to buy it from some place that accepts returns, just in case.

  • Thank you for getting back to me so quickly!  I certainly appreciate your taking the time to help me out.

    That's comforting to know that the CPU has more than enough power to handle the throughput I'm looking for.  I wonder how fast it could go before I'd have to upgrade to an actively cooled, rack mounted option?

    As for the board, I'm hoping the Supermicro will work…I noticed in that bug report that most people were using consumer boards (ASRock, Gigabyte, etc) that were only aimed at supporting Windows and the like, but Supermicro is designed for servers and such so hopefully it has better support for FreeBSD based OS's?  I'm encouraged by the fact that the board that is mentioned in the "working" post is the exact same board I'm planning on using (he used the -L model which is a few bucks cheaper but loses some of the expandability, but it's the same board really).

    I followed the links in the bug report to an insightful post for FreeBSD in general.  It seems to be a problem more commonly seen with the Intel NUC boards using Baytrail-M, if I'm reading it correctly.

    I'll certainly keep it in mind, though, to make sure the vendor does returns if I end up going with it!

    Does anyone else have any input/suggestions?

Log in to reply