Looking for Hardware with: SFP/WiFi/AES



  • I am looking forward to build a  router for my new FTTH internet connection. I am totally clueless what I should buy. I just list my requirements for the box and maybe someone can come up with something.

    • WAN: SFP WAN Interface for 1000BASE-BX Ethernet (integrated or recommendation for affordable PCI-E card)

    • LAN: Gbit Copper Interface

    • Ability to handle 200Mbit/s in both directions over a AES encrypted OpenVPN tunnel (the router is the endpoint)

    • I want to use it as WiFi access point, too. Therefore I need a recommendation for a good WiFi PCI-E card (need 5GHZ support since 2.4 is full)

    • Enough PCI-E slots to fulfill the above constraints

    • Should be small enough (no midi tower :))

    • Low Power consumption / passively cooled

    My ISP uses 6RD. This is supported in pfSense, right?



  • I have looked into a lot of this recently. From what I have read:

    -I found that almost unilaterally that a) Intel is the best NIC, and b) PCI/E NIC is cheaper than getting Intel NIC's onboard. Some Dell and HP PCI-E NICs can be had cheaply on ebay, and many are Intel based. Best to search for which work well - I went for the HP NC360T which reportedly works well, but I haven't had a chance to test mine yet.

    -pFsense makes an awful WiFi access point. You should use a proper (even if cheap) router for your access point.

    -There is also no support for 5GHz WiFi, even as a client.

    -I am waiting to see if my hardware selection meets the correct criteria for my 100Mbps connection, but from what I've seen, maybe a N3700 board, or an AMD Athlon 5350 should be about the right level. Anything higher I haven't looked into!

    Of course I could be wrong, but I'm sure someone will confirm or deny soon.

    Tom.


  • LAYER 8 Netgate

    @TomHBP:

    -pFsense makes an awful WiFi access point. You should use a proper (even if cheap) router for your access point.

    You should use a proper access point as an access point. Many people use the LAN side of a wi-fi router as a cheap AP but it has its limitations (obtaining a LAN management address via DHCP being a typical one).



  • WAN: SFP WAN Interface for 1000BASE-BX Ethernet (integrated or recommendation for affordable PCI-E card)

    Is there no GPON installed by your ISP? If so they will put mostly a coper cable between the GPON and your
    apartment. Anyway, a cheap SFP media converter that will support the BX standard will be even cheaper
    as a SFP NIC and a SFP BX GBIC.
    Perle

    LAN: Gbit Copper Interface

    How many of them you need?
    From 4 Ports to 10 Ports all is available.

    Ability to handle 200Mbit/s in both directions over a AES encrypted OpenVPN tunnel (the router is the endpoint)

    How fast is your entire FTTH Internet connection?
    To handle 200 MBit/s you should get a strong CPU with AES-NI support likes the Intel Core i3 or i5 are
    offering. Take a modern 4 Core CPU @3,0GHz that will be sufficient enough for your wish.

    I want to use it as WiFi access point, too. Therefore I need a recommendation for a good WiFi PCI-E card (need 5GHZ support since 2.4 is full)

    Why the hell it must be a PCIe card? Could you not go by a miniPCIe card also or instead of this one?
    Compex WLE200NX a/b/g/n
    UBNT SR71-E a/b/g/n

    Enough PCI-E slots to fulfill the above constraints

    In a mini ITX case?

    Should be small enough (no midi tower :))

    But with many PCIe slots?

    Low Power consumption / passively cooled

    Go to the pfSense shop and get your hands on a SG-4860 or SG-8860 box that would be
    handle all your need! 3 miniPCIe Slots for modem, wifi and mSATA.

    My ISP uses 6RD. This is supported in pfSense, right?

    6RD support
    6rd support added

    -I found that almost unilaterally that a) Intel is the best NIC

    Mostly the best supported drivers you get in pfSense.

    and b) PCI/E NIC is cheaper than getting Intel NIC's onboard.

    I really don´t know what you want to tell about NICs, but if I can get many Intel based onboard NICs
    I don´t need any more other NICs to buy.

    Some Dell and HP PCI-E NICs can be had cheaply on ebay, and many are Intel based. Best to search for which work well - I went for the HP NC360T which reportedly works well, but I haven't had a chance to test mine yet.

    Mostly a mini ITX case is not coming with PCIe slot breakouts that will support those extra NICs.

    -pFsense makes an awful WiFi access point. You should use a proper (even if cheap) router for your access point.

    For dual MIMO or ac support this could be the best, but if you get an internally card really good working
    you can also go with an internal miniPCIe WiFi card. In pfSense it is likes the following, you get it working
    or not. This is what I was getting out of this forum and in real life.



  • My whole FTTH connection is 200Mbit (synchronous). The fiber ends in my flat. No copper. The ISP provides some crappy plastic router with fiber input but I can't use that as converter because it can't be put to bridge mode and does not support prefix delegation. I have to replace it completely.

    As I see it external WiFi access point is the way to go. The thing is all these "Access Points" you can buy nowadays are actually routers with a WiFi interface (at least the non-enterprise hardware). The only thing I found that supports the AC standard is: http://www.broadbandbuyer.co.uk/products/19129-cisco-smb-wap371-e-k9/

    The SYS-E200-9B looks interesting. Thing is. I have a Intel Quad Port Low Profile PCI-E card here that I could use. So I actually don't need an onboard nic.

    Assuming I use this quad PCI-E and a external media converter and an external access point: Is there some other integrated solution with only one slot for PCI-E? Or is there no potential so save money when dropping the onboard nics for PCI-E slot?



  • Intel Celeron 1037U
    Would be the best option for you as I see it right.

    A media converter would be here in Germany to get for something around ~50 €
    and a TP-Link SFP mini GBIC that supports the BX standard might be able to get for
    something around ~30 € so all is done and you could go with all routers or firewalls
    you like.

    Edit:
    A MikroTik RB260GS could do this job from the media converter also good and cheap.
    Also a TP-Link TL-SG2210 will be able to do this job without any problems.


  • LAYER 8 Netgate

    You can always use a blank VLAN on a managed switch to convert GBIC to copper. Or a media converter.

    Might be easier and cheaper than SFP in the pfSense node.



  • @rippz:

    As I see it external WiFi access point is the way to go. The thing is all these "Access Points" you can buy nowadays are actually routers with a WiFi interface (at least the non-enterprise hardware). The only thing I found that supports the AC standard is: http://www.broadbandbuyer.co.uk/products/19129-cisco-smb-wap371-e-k9/

    Not sure if this is available where you are but some of the "range extenders" from SOHO hardware manufacturers can function strictly as access points as well.  The  D-Link DAP-1650 http://us.dlink.com/products/access-points-range-extenders-and-bridges/wireless-ac1200-dual-band-gigabit-range-extender/ comes to mind, and includes a switch as well.


Log in to reply