Intel Mini-ITX Atom 8-core Hardware Build Recipe Available Here
-
So, I found a work around to my WAN not aquiring DHCP, which it did at least for 3 days. IGB0 no longer will accept a DHCP address from my cable modem, however it does work fine getting an address from a generic dd-wrt router serving DHCP. I have to use any of the other Ethernet ports to connect the Supermico board to the cable modem. Very very wierd. Currently the more I use pfsense, the more broken it seems, for example even with a clean install of squid3, I only get I-CAP errors. NTP service when setup seems to drop randomly, and the webgui many times is just too slow, or allowing no access with an internal error 500 or 503. Fresh pfsense installs only work for short periods.
-
I went ahead and ordered another 8GB from Amazon for a total of 16GB.
I would guess to high up the mbufs numbers, 16 GB is really enough, better then wasting
unused RAM then spending 3 GB in total for a higher mbufs size. I would give this a try. ;)@Justin0
In your signature you have named a Supermicro C2558 mainboard and a SSD.
And after a fresh install did you enable TRIM support and PowerD, related to
the slow GUI or Interface?Regarding to the NTP Server, did you configure it in this direction:
- Setting NTP up on the DD-WRT and then on the pfSense setting up the DD-WRT as the NTP server?
- Or did you only setting up the NTP on pfSense and then nothing?
-
@BlueKobold:
@Justin0
In your signature you have named a Supermicro C2558 mainboard and a SSD.
And after a fresh install did you enable TRIM support and PowerD, related to
the slow GUI or Interface?Regarding to the NTP Server, did you configure it in this direction:
- Setting NTP up on the DD-WRT and then on the pfSense setting up the DD-WRT as the NTP server?
- Or did you only setting up the NTP on pfSense and then nothing?
Trim and PowerD enabled.
NTP was setup after I tried to deploy PFsense: Internet>Cable Modem>PFSense>DDWRT AP ONLY mode
It's not just NTP though, it seems services tend to stop and start randomly, or not work at all. Squid3 antivirus blocks everything w/default settings after fixing the prompts to fix the files once saved, igiving ICAP errors on websites. Disabling IPV6, and saving interfaces (along with disabling IPv6 tracking or DHCP6) results in many log entries about not able to find IPv6 on WAN. Just odd problems that feel like the GUI does not properly alter the settings.
-
Does anyone know a definitive way to enable trim on this motherboard?
I searched, but there are so many methods, I don't know which one to use for version 2.2.4. Is the boot in single user mode and running
/sbin/tunefs -t enable / /sbin/reboot
the recommended way to enable trim? Will this persist between reboots and upgrades?
Also, what is everyone using for PowerD settings for this build recipe?
-
The above is how I enabled trim. Again just make sure you are in single user mode, which I did over IPMI.
-
the recommended way to enable trim?
At first I would even have a look on the tech specs. from the SSD, mSATA, SSD-DOM or SATA-DOM
or what ever you have installed in your pfSense box!!! Because there are some devices that not
accepting any TRIM orders and for this it is not really fine to enable the TRIM support.But if your device is accepting and supporting TRIM I would also at first have a look in the OS
that TRIM is enabled or not and then if this was not done during the installation process I would try
enabling it.Will this persist between reboots and upgrades?
Many things can be done by set up a /loader.conf.local that during the updates and upgrades
many things would be not wiped away, the other option is to work it out by using scripts that
should stored in a place that will be not affected by the upgrade or update process, so that they
all can be run with a cron job after those processes.Also, what is everyone using for PowerD settings for this build recipe?
This can be really different each from another! Because this tends mostly on the running services,
installed packages, amount of users, network load and much other things that plays together.So it is not a really "We have all the same Supermicro Board and should use then all the same settings"
or something likes that. I one situation it will be the best to go without, and in other situations it is better
to go with min, max, adaptive or high adaptive mode, but this tends really on every single situation and
offered services, usage, number of users, or what ever is your situation at your place.In one way it is for CPUs or SoCs with so called "CPU turbo clock" but this can also be differ
from other CPUs or SoCs with more then one CPU core for using it for power saving´s.But this settings are often affect the whole system performance and so it can be different
what users are choosing to go with, this often is more related to their system and config.
At many mainboards this must also activated in the BIOS first to use it.PowerD minimum = is using only the minimum CPU frequency
PowerD maximum = is using only the maximum CPU frequency
PowerD adaptive = ?
PowerD highadaptive = is using from the minimum to the maximum CPU frequencyIn FreeBSD that is also called "powerd flags" if want to search by your own over this settings.
As an example:
Alix APU 1D4 Board without PowerD enabled shows up max. ~450 MBit/s throughput (iPerf)
Alix APU 1D4 Board with PowerD enabled shows up max. ~650 Mbit/s - 750 Mbit/s throughput (iPerf) -
Got my case, ssd, memory, and board. (no fans or power supply yet).
Hooked up a regular ATX power supply I have sitting around and am tinkering with the IPMI configuration to try to get SOL working with pfsense so I can make configuring this thing completely without the need to hook anything up directly to it.
No problem! I am just waiting on my RAM to be delivered tomorrow, I went ahead and ordered another 8GB from Amazon for a total of 16GB. The rest of the system is hooked up and boots up fine to the POST screen where it obviously errors out due to no RAM. The IPMI also works and is super cool, I had no idea that existed until researching a pfsense system to build.
I'm the last person to "question" overkill :)
But is 16gb really necessary, or is it overkill? I know one SODIMM isn't taking advantage of dual channel, but does is that really going to make a difference here? And under what conditions would one really need/want 16GB ram for pfsense? -
~2 GB for highing up the mbufs size (if used)
~2 GB for the ClamAV (if used)
~4 GB for Squid (depends on what caching method is used)
~4 GB - 8 GB for pfSense & Snort (if snort will be used)Ok this might be then more likes a full featured UTM appliance
but why not if he is willing to use it in this way? -
@BlueKobold:
Ok this might be then more likes a full featured UTM appliance
but why not if the he is willing to use it in this way?Don't get me wrong. If someone wants to and can, why the hell not :)
I'm asking because I'm genuinely curious why someone would need that much ram.Because, you know, it might convince me to get that much RAM :)
-
@BlueKobold:
Ok this might be then more likes a full featured UTM appliance
but why not if the he is willing to use it in this way?Don't get me wrong. If someone wants to and can, why the hell not :)
I'm asking because I'm genuinely curious why someone would need that much ram.Because, you know, it might convince me to get that much RAM :)
It's because I live in Texas, where everything is bigger!
-
I'm the last person to "question" overkill :)
But is 16gb really necessary, or is it overkill? I know one SODIMM isn't taking advantage of dual channel, but does is that really going to make a difference here? And under what conditions would one really need/want 16GB ram for pfsense?My current pfSense box has only 2Gb Ram, AMD Dual Cores processor, running Snort (WAN and LAN) + IPBlockerNG without any issue, Memory was used about 19%, PowerD was turned on. It was also running Squid3+iCap+ClamAV too before, still had no issues at all.
If you use SSD, want to use ramdisk, the more RAM the better. If you want have best Snort performance (e.g. set search mode to AC-NQ), It requires more RAM.
If the 8G ECC ram is cheaper in US, Why not. Here in Canada, the cheapest Kingston ValueRAM 8Gb ECC (KVR16LSE11/8KF) is $CAD 81 + Tax + Shipping charges = ~100:
http://www.tigerdirect.ca/applications/SearchTools/item-details.asp?EdpNo=8868966&CatId=11484
-
My current pfSense box has only 2Gb Ram, AMD Dual Cores processor, running Snort (WAN and LAN) + IPBlockerNG without any issue, Memory was used about 19%, PowerD was turned on. It was also running Squid3+iCap+ClamAV too before, still had no issues at all.
Ok if it is running also without any problems for sure why not, but
then you are truly not from Texas. ;) -
Ugh.
The supermicro board is very sensitive to ATX power supplies apparently. I was using a spare Forton power supply that technically fits all of the requirements. ATX 2.2, eps12v, etc etc.but it only intermittently powered on the board. IPMI was powered on successfully 100% of the time though but shorting the power pins wasn't powering up the board - it wasn't activating the power supply.
Spent all night trying to troubleshoot it, and then finally got fed up, and went and got my other spare power supply (asus neo550) and it worked 100% of the time.
I'm not planning on powering it permanently with this PS, just waiting for my external mini-din power brick to arrive, but if anyone else is planning to power it with an ATX supply, keep that in mind.
-
Ugh.
The supermicro board is very sensitive to ATX power supplies apparently. I was using a spare Forton power supply that technically fits all of the requirements. ATX 2.2, eps12v, etc etc.but it only intermittently powered on the board. IPMI was powered on successfully 100% of the time though but shorting the power pins wasn't powering up the board - it wasn't activating the power supply.
Spent all night trying to troubleshoot it, and then finally got fed up, and went and got my other spare power supply (asus neo550) and it worked 100% of the time.
I'm not planning on powering it permanently with this PS, just waiting for my external mini-din power brick to arrive, but if anyone else is planning to power it with an ATX supply, keep that in mind.
Hmmm, I thought any ATX power supply should be fine. Thats odd. Did you try the 4pin or 24pin?
-
With an ATX powersupply you can't use the 4-pin without modding it.
ATX supplies don't provide full power without a PS_On signal sent back. The 4-pin is "dead" until the ATX supply is told to turn on. and the 4-pin doesn't have a PS_On pin for the motherboard to tell it to turn on.
-
With an ATX powersupply you can't use the 4-pin without modding it.
ATX supplies don't provide full power without a PS_On signal sent back. The 4-pin is "dead" until the ATX supply is told to turn on. and the 4-pin doesn't have a PS_On pin for the motherboard to tell it to turn on.
Right. I forgot that.
-
With an ATX powersupply you can't use the 4-pin without modding it.
ATX supplies don't provide full power without a PS_On signal sent back. The 4-pin is "dead" until the ATX supply is told to turn on. and the 4-pin doesn't have a PS_On pin for the motherboard to tell it to turn on.
Still waiting on your 4-pin from eBay? Mine literally only took 2 days to get to me in Austin, TX. I freaking love this system!
-
Still waiting on your 4-pin from eBay? Mine literally only took 2 days to get to me in Austin, TX. I freaking love this system!
Should be here tomorrow. Still waiting on the fan bracket and fans though. I'm not sure I'll need them, but noise isn't a concern in the utility room so I'll install them just in case.
I'm pretty excited to get this set up. I currently have a /29 but that's primarily because network isolation was easy and anything more complicated was a bit of a pain with dd-wrt. With pfsense, I think I can drop down to a /30 and just have a couple of VLANs.
-
Power supply installed. Got the build installed and doing some basic tests. I just hooked it up as a DHCP client to my current internal network and did some tests with the dhcp and dns server and some throughput tests over NAT.
900+MBit/s either direction using iperf3.
So yup, definitely gigabit routing - i was expecting this.
CPU temp topped out at 39c. I currently don't have a fan on it at all. Doesn't seem like I'll need one, but I have 3 40mm and a bracket still enroute, but I think this thing would definitely function well fanless even.
I set a 100MB /tmp and 200MB /var ramdisk and I think my memory peaked out at 5% of 8gb :)
-
900+MBit/s either direction using iperf3.
Wow, this sounds really good.
Can you have a look at the LAN Port LED´s please, are they on or off?
Thnx for that.