Help picking out hardware for 1 gbps + VPN
-
So I am fortunate to have access to 1 Gbps internet, and will be getting it shortly. I will need to buy a new router to handle the speeds and since they range in price from 100 and up I figured I would look into building a pfsense machine instead. I also plan on getting a VPN like Private Internet Access.
From everything I have read so far, I will need a decent CPU to handle the 900ish Mbps speeds as well as running a VPN at the same time. I have this build so far (except for this is the actual MOBO). Is there anything wrong with this build? I would like to spend half of what I am spending currently, but pretty much everything I looked at in that price range didn't seem powerful enough (atom proccessors and such). Can anyone find hardware capable of handling what I will be doing for less than 400 US dollars?
-
Hello,
related to your budget you would be not really able to buy a device from the pfSense store, because
the SG-2220 unit is not capable to handle 1 GBit/s WAN throughput or load! :'(But the Netgate RCC-VE 2440 System is able to install the ADI community version of pfSense 2.2.2
for only $353 Unit and USB console cable and on top a 30 GB mSATA for ~$69 :(Other hardware related to the following circumstances and points would be;
- Supermicro C2558 board for ~$280 and ~$70 case & RAM & SSD
- Intel Celeron G3260 @3,3GHz & 8 GB RAM & mSATA or SSD Intel Dual or Quad Port NIC ~$250
- Jetway NF9HG-2930 Intel Celeron Quad Core Fanless PC w/ 4X Intel LAN, 2GB, M350 ~$299 & RAM Upgrade & SSD
4 Intel GB LAN Ports 1 x miniPCIe slot + SIM slot & 1 miniPCIe mSATA slot, max. 8 GB RAM ::) - Jetway Intel N2930 Network PC w/ 5X Intel LAN, 2GB, JBC200F9N-E4IN-B, ADE4INLANG ~$309 & RAM Upgrade & SSD
5 Intel GB LAN Ports 1 x miniPCIe slot & 1 miniPCIe mSATA slot, max. 8 GB RAM 8)
-
So it looks like I will be paying 300$ minimum if I want to get a pfsense machine as my router.
Thanks for the recommendations. I think I might just go with a gigabit router for now, as there are some in the sub 100 dollar price range with ~800 Mbps throughput, and that is good enough for me :)
-
So it looks like I will be paying 300$ minimum if I want to get a pfsense machine as my router.
No, but related to your wishes and needs it would be going in this direction!
If you only need SPI/NAT/Firewall ruels for 50 MBit/s internet connection, you can go with a used
Alix board for 150 € or $150. But this is then not really matching your criteria and the needs.Thanks for the recommendations.
- Intel Celeron G3260 @3.3GHz ~$50
- mini ITX Board ~$50
- mini ITX case ~$100
- 8 GB RAM ~$70
- mSATA or SSD ~$70
- Intel Quad Port NIC ~$60
Might be also running for you!
I think I might just go with a gigabit router for now, as there are some in the sub 100 dollar
price range with ~800 Mbps throughput, and that is good enough for me :)??? Could be that you are right. Perhaps then with DD-WRT or OpenWRT.
-
So it looks like I will be paying 300$ minimum if I want to get a pfsense machine as my router.
Thanks for the recommendations. I think I might just go with a gigabit router for now, as there are some in the sub 100 dollar price range with ~800 Mbps throughput, and that is good enough for me :)
I have the ASUS RT-AC66U which SmallNetBuilder says has a WAN to LAN throughput of 836 Mbps but the max I get is 220~ Mbps. So just be careful with the routers available. I am currently in the process of ordering the parts to build a pfsense machine based on the C2758.
-
I have the ASUS RT-AC66U which SmallNetBuilder says has a WAN to LAN throughput of 836 Mbps
This a very heavy home router, but not really compare able to pfSense which is a full featured firewall.
Those routers often do SPI/NAT and thats it, not more but also not less and this also often on top assisted
by a smaller and cheaper ASIC/FPGA chip to saturate the WAN - LAN throughput, in pfSense is all done in
software without support from those chips, since the latest versions they use AES-NI and in the future
they will benefit also from Intel QuickAssist.You should also using the same method as they have done in their test, to come closer to the same result.
but the max I get is 220~ Mbps. So just be careful with the routers available.
Perhaps you should sending from one PC to another running iPerf or jPerf or NetIO.
I am currently in the process of ordering the parts to build a pfsense machine based on the C2758.
From the pfSense shop or based on a supermicro mainboard? Which case you thing to go with?
-
My home network is all 1 Gbps, as tested by iperf, it's just the router's WAN to LAN that is slow, hence why I am going with pfsense.
I am indeed going with the Supermicro board and I'll be using the M350 case unless you have a better recommendation?
-
I am indeed going with the Supermicro board and I'll be using the M350 case unless you have a better recommendation?
If you want to go with the Supermicro board perhaps you could tell me first about which one
we are talking about, the SoC I mean, C2758, C2558 or C2358? -
@BlueKobold:
I am indeed going with the Supermicro board and I'll be using the M350 case unless you have a better recommendation?
If you want to go with the Supermicro board perhaps you could tell me first about which one
we are talking about, the SoC I mean, C2758, C2558 or C2358?C2758 like my previous post stated.
-
So it looks like I will be paying 300$ minimum if I want to get a pfsense machine as my router.
Thanks for the recommendations. I think I might just go with a gigabit router for now, as there are some in the sub 100 dollar price range with ~800 Mbps throughput, and that is good enough for me :)
I have the ASUS RT-AC66U which SmallNetBuilder says has a WAN to LAN throughput of 836 Mbps but the max I get is 220~ Mbps. So just be careful with the routers available. I am currently in the process of ordering the parts to build a pfsense machine based on the C2758.
Damn. That makes me worried then about the router I am getting. How can they say it has that kind of throughput, yet you are not even getting 1/4th of that >:(
-
So it looks like I will be paying 300$ minimum if I want to get a pfsense machine as my router.
Thanks for the recommendations. I think I might just go with a gigabit router for now, as there are some in the sub 100 dollar price range with ~800 Mbps throughput, and that is good enough for me :)
I have the ASUS RT-AC66U which SmallNetBuilder says has a WAN to LAN throughput of 836 Mbps but the max I get is 220~ Mbps. So just be careful with the routers available. I am currently in the process of ordering the parts to build a pfsense machine based on the C2758.
Damn. That makes me worried then about the router I am getting. How can they say it has that kind of throughput, yet you are not even getting 1/4th of that >:(
I have no idea. My hardware is either faulty or their tests are wrong. I'm using Cat6 cable and with the modem connected directly to my computer it maxed out. I've disabled/enabled every combination of the NAT/SPI/hardware acceleration in the router settings and the speed stays the same. I've also tested with stock firmware, dd-wrt, and Merlin and they're all about the same too.
I'm glad in a way because it gives me an excuse to drop $500 on pfsense gear! Haha.
-
C2758 like my previous post stated.
Would be really enough for a long time or many services running together likes, snort, squid,…..
-
I have the ASUS RT-AC66U which SmallNetBuilder says has a WAN to LAN throughput of 836 Mbps but the max I get is 220~ Mbps. So just be careful with the routers available. I am currently in the process of ordering the parts to build a pfsense machine based on the C2758.
I have pretty much the same router running Merlin and I have Rogers Cable 250/20 internet service. When I use the Rogers Cable Hitron device in Gateway mode I get speedtests of 320Mbps. But when I switch it to bridge mode and use my own router, which is an Asus RT-N66U, my speedtest drop to ~235 Mbps. So I can corroborate your results - and I am thinking of a pfSense router as well.
-
I have the ASUS RT-AC66U which SmallNetBuilder says has a WAN to LAN throughput of 836 Mbps but the max I get is 220~ Mbps. So just be careful with the routers available. I am currently in the process of ordering the parts to build a pfsense machine based on the C2758.
I have pretty much the same router running Merlin and I have Rogers Cable 250/20 internet service. When I use the Rogers Cable Hitron device in Gateway mode I get speedtests of 320Mbps. But when I switch it to bridge mode and use my own router, which is an Asus RT-N66U, my speedtest drop to ~235 Mbps. So I can corroborate your results - and I am thinking of a pfSense router as well.
Glad to hear that it's not just me. But at the same time, it's disappointing. Oh well! I just finished ordering all my parts to build my pfsense box a couple hours ago. Here's my complete parts list..
Motherboard/CPU (Supermicro A1SRI-2758F-O) http://www.amazon.com/gp/product/B00FM4M7TQ?psc=1&redirect=true&ref_=od_aui_detailpages00
SSD (SanDisk SSD 120GB) http://www.newegg.com/Product/Product.aspx?Item=N82E16820173071
6" 4-Pin Molex to SATA Power Cable http://www.newegg.com/Product/Product.aspx?Item=N82E16812200061
RAM (Kingston 8GB ECC Unbuffered SODIMM) http://www.newegg.com/Product/Product.aspx?Item=N82E16820239702
PowerSupply (150W 12V 12.5A AC-DC Power Adapter) http://www.ebay.com/itm/130478987672
Sleeved ATX 4-Pin P4 Extension Cable http://www.amazon.com/gp/product/B00E6QK5N6?psc=1&redirect=true&ref_=od_aui_detailpages00
Case (Mini-Box M350) http://www.amazon.com/gp/product/B005TX3LA4?psc=1&redirect=true&ref_=od_aui_detailpages00
HDD Mounting Bracket for M350 (for 2 extra fans) http://www.amazon.com/gp/product/B007HEN2W0?psc=1&redirect=true&ref_=od_aui_detailpages00
Fans (3x Evercool EC4015SH12BP 4-Pin PWM Fans) http://www.directron.com/ec4015sh12bp.html
Fan Screws (3x Sets of Screws) http://www.directron.com/fanscrews.htmlTotal: $593.69 Shipped
-
Cable Hitron device
This is only a smaller router, and both the Hitron in Gateway mode (with SPI/NAT) acting
as a router or in front of the ASUS what is doing also only doing SPI/NAT you will be getting
not even but mostly tends on the used hardware, better results as using a pfSense for sure.But this is owed to the circumstance that the pfSense is not only a router, it is a firewall
and firewall rules plus on top perhaps snort rules are really narrowing down the entire
throughput if not so powerful hardware will be used.So if you are using now a really big or powerful device running pfSense on, you will get better
or the same results in any or more kind of situations.- Jetway NF9HG-2930
- Intel Atom C2758
- Intel Celeron G3260
- Intel Xeon D-1540
- Intel Xeon E3-12xxv3
-
Well damn. Now I'm in quite the conundrum. I really don't want to spend more than 300 for a pfsense machine, yet I don't want to get screwed buying a 100 dollar router that lets me use 1/4th of my connection, so I should probably get a better(more expensive) one. Yet if I spend 200ish on a router I might as well make the investment in a pfsense machine that will be the best and only router I should need for as long as the hardware lasts.
What to do…..
-
Well damn. Now I'm in quite the conundrum. I really don't want to spend more than 300 for a pfsense machine, yet I don't want to get screwed buying a 100 dollar router that lets me use 1/4th of my connection, so I should probably get a better(more expensive) one. Yet if I spend 200ish on a router I might as well make the investment in a pfsense machine that will be the best and only router I should need for as long as the hardware lasts.
What to do…..
A good pfSense firewall/router >>>> any consumer grade routers in the current market.
-
I really don't want to spend more than 300 for a pfsense machine,
There are many many options to do so and who is even telling you all must be done
by yours in one step!? If you start with a good basis and then hug the machines up
from time to time would not really deep kicking your bank account!Let us start at the smallest level but sufficient enough for your needs:
$200 - refurbished or eBay
Celeron G3260 @3,3GHz
Board
4 GB RAM
case & PSU$300
Jetway NF9HG-2930 Thin mini-ITX Network Motherboard for self made
Jetway NF9HG-2930 Intel Celeron Quad Core Fanless PC w/ 4X Intel LAN, 2GB, M350 4 GB LAN Ports ready to go
Jetway Intel N2930 Network PC w/ 5X Intel LAN, 2GB, JBC200F9N-E4IN-B, ADE4INLANG 5 GB LAN Ports ready to go$350
Intel Core i3 or i5 CPU based$300 - 400
pfSense Store SG-2220
Supermicro C2358 or C2558 self madeSo the most thing is that you are owning a 1 GBit/s Internet connection that must be handled proper.
The layzy consumer router is able to deliver nearly ~800 MBit/s, offering the latest WLAN standards
and also he is doing SPI/NAT but no firewall rules, and all other options that comes by pfSense by side.For sure you will be happy with both machines and perhaps when money will be at one day not the
angle point for you, you could make from the consumer router with DD-WRT some impressive WLAN
APs that are connected to your pfSense, could be. If you are only at the stage of a 100 MBit/s or 200
MBit/s Internet connection you will be able to build a pfSense machine starting at $100 - $250 that
is sufficient for all your needs. -
I really don't want to spend more than 300 for a pfsense machine,
Trust me, you will spend more than 300 for the consumer grade routers in the foresee future.
-
Trust me, you will spend more than 300 for the consumer grade routers in the foresee future.
This could really be right! If he is willing to get a fanzy router for something around ~199 €, by changing
normally a router all 2 - 3 years it will be then during 4 years ~400 €.If he is only going to buy even a <$100 router and change all 2 years then, it would be only ~$200
in 4 years. So if a consumer router serving his needs it could be a win situation for him, but for sure
without the capabilities, options and features given by pfSense.