Build Advice



  • Hi All

    Newb here looking for advice on a pfsense build with optional squid/squidguard packages, will also be running openvpn/openssl. I have some parts lying around and was looking at the optimal build for my needs, I have the following core components:

    Minibox M350 mini itx case
    Intel DQ77KB mini itx board with external laptop PSU
    2 x 2GB SODIMM ram
    80GB 2.5" HDD 5400 rpm

    I have the following cpu's left over from various microserver rebuilds (all LGA1155):

    e3-1220l v2
    i3-3220
    G1610T

    I also have an Intel Pro1000 dual nic pcie card but I only think I could get it in the case if I use the xeon in a fanless design (low profile small heatsink).

    Is this overkill for task and should I consider different parts, say an SSD for example.

    cheers



  • Newb here looking for advice on a pfsense build with optional squid/squidguard packages

    If the Squid should be used as a caching proxy I would prefer to go with a SSD or mSATA if a slot is there
    on this Intel mainboard.

    will also be running openvpn/openssl.

    A CPU with AES-NI support would be fine in this case.

    Minibox M350 mini itx case

    If you would be able to cool down this case together with the Intel Xeom CPU it would be ideal!

    Intel DQ77KB mini itx board with external laptop PSU

    Super board if it would be able to mount the Intel Xeon and a mSATA I would go this way.

    2 x 2GB SODIMM ram

    2 x 2 GB ECC RAM or 2 x 4 GB ECC RAM
    You might be finding it out how many RAM you will need for all services, packages and running options.

    80GB 2.5" HDD 5400 rpm

    Together with Squid I would more tend to a small SSD or ideally to a mSATA.

    e3-1220l v2
    i3-3220
    G1610T

    At these days nothing beats an Intel Xeon CPU!

    • AES-NI
    • ECC RAM support
    • 2,3GHz - 3,5GHz "TurboBoost"
    • 2 CPU Cores and 4 virtual HT Cores

    I also have an Intel Pro1000 dual nic pcie card but I only think I could get it in the case if I use the xeon in a fanless design (low profile small heatsink).

    Your mainboard comes sorted with 2 Intel based NICs and if this might be enough for you you will
    have no need for the extra dual port NIC!

    Is this overkill for task and should I consider different parts, say an SSD for example.

    Might be pending on all other tasks, functions, options and installed packets on your pfSense box and
    then all together would be the point we have to talk about. But something that could sufficient for all
    might be the following;

    • Your Mainboard
    • Intel Xeon E3-1220l v2
    • 2 x 4 GB ECC RAM (must supported by the mainboard)
    • 120 GB mSATA (with TRIM support)

    For the case that you will or need urgent to add another NIC to that parts you might go better
    with a mini ITX case with one expansion slot likes the following cases will offer.
    Jetway JC-110-B 60W 58946
    Delux DLC-MS126
    Travla C158

    This would be a really strong and powerful pfSense box for sure and also a long time running firewall.



  • Hi Frank

    Thanks for that, some good info there.

    I can get a 120GB ssd cheap enough but the msata is still quite pricey here by comparison. Yes I will be caching with squid, I am on an adsl2 line so I need all the help I can get.

    The xeon is my preferred choice of cpu and whilst I have come across reference to it booting fine in this board, I still don't fathom how that can be so given it has no gpu built in, possibly the AMT on the lan port is being used to configure and install the OS. In any case my backup is the i3 and it should be fast enough to handle my needs just a shame it has no AES-NI.

    The intel board does not support ECC memory, so its just plain old laptop ram. Would i really need more than 4GB though?

    The onboard nics should suffice as all i need is 1 wan and 1 lan port, at least thats all i think I need for this use case, is there a situation where more ports would come in handy?



  • I can get a 120GB ssd cheap enough but the msata is still quite pricey here by comparison. Yes I will be caching with squid, I am on an adsl2 line so I need all the help I can get.

    I was only thinking on the mSATA due to the heating inside of the case, a SSD will be also very good
    in this case for sure.

    The xeon is my preferred choice of cpu and whilst I have come across reference to it booting fine in this board, I still don't fathom how that can be so given it has no gpu built in, possibly the AMT on the lan port is being used to configure and install the OS. In any case my backup is the i3 and it should be fast enough to handle my needs just a shame it has no AES-NI.

    The OS will be installed then over the USB port and from a USB pen drive over the serial console
    you will do this really fast and secure so no GPU or screen is needed on the pfSense box side.

    The intel board does not support ECC memory, so its just plain old laptop ram. Would i really need more than 4GB though?

    Really sad to hear about that, perhaps the Intel Xeon will be running with the other ram together also well
    if you have luck.

    The onboard nics should suffice as all i need is 1 wan and 1 lan port, at least thats all i think I need for this use case, is there a situation where more ports would come in handy?


Log in to reply