Some recommendations/thoughts on these parts?



  • Hey guys,

    I'm really new here, just joined today. I've seen tons of pfSense build's on the web lately and I really want to get into it. Mainly for 2 reasons, a better higher performance router with more features than a standard router, as well as being more secure, one of the features that is key to me is the VPN. I managed to use TomatoUSB on a netgear router at one point though it was highly unstable, for the time that it worked, having my VPN installed on the router made life easier. I live in the middle east and prefer to browse as if I'm in the UK, I don't want to have to turn the VPN on for all my devices, I'd rather install it and forget it. For reference, OpenVPN would likely be my choice, or L2TP as I'm aware they affect the performance I'd get varying on hardware.

    As for the hardware:
    I have an old PC which at one point in its life was a nippy computer, it still holds its own, served as a basic file server for a while but gets no use now so would rather give it a second chance as a beefy router.

    It's specs currently:
    CPU: Intel Pentium E5400 (Dual Core 2.7Ghz, LGA 775)
    RAM: 3GB DDR2
    Motherboard: DG41TY
    PSU: Corsair VS450
    Case: Random coolermaster case, If I can I want to move this build into a rackmount chasis but I am not sure, based on the cooler. I can't find a good cooling solution for socket 775 CPU's in racks, I'm unsure if they will suffice at cooling the CPU enough aswell. Thoughts?
    NIC: Possibly an Intel Gigabit PRO 1000CT PCIe however I'm not sure if I will need a dual port one as the onboard one might be trash for a pfSense build?

    Let me know what you guys think, I'd love some help here.

    Note: I'll be using a network switch for all the other devices so I only really need 2 ports on the build, for incoming and outgoing.

    Thanks in advanced guys,



  • That sounds like a great start.  You didn't mention what your internet connection is, but even Realtek NICs should be good for all but 1Gbps connections.  The server class NICs are better in that they do their job while using fewer CPU resources, but any modern NIC will be fine for a sub 1Gbps home build.  All your other hardware will be fine for nearly any residential use.



  • @whosmatt:

    That sounds like a great start.  You didn't mention what your internet connection is, but even Realtek NICs should be good for all but 1Gbps connections.  The server class NICs are better in that they do their job while using fewer CPU resources, but any modern NIC will be fine for a sub 1Gbps home build.  All your other hardware will be fine for nearly any residential use.

    Thanks,

    I simply want a good router with a bit more security and robustness from a standard consumer netgear or linksys router, I came to the conclusion even with my outdated PC, at dual core 2.7GHz and 3GB of RAM, it has to be better than an off the shelf consumer router with a 500Mhz processor and 150MB ram, surely? I just want to ensure I don't bottlecap my internet speeds even when running a VPN on the router. Currently I'm confident since my internet barely gets above 30Mbps down and 4Mbps up, however I plan on moving soon and I should be hoping to get 150-200Mbps down so I dont want a router being my bottleneck. Hopefully my old system can handle it whilst encrypting my traffic through a VPN. I will likely have very few other pfSense features turned on. What do you think?

    I was looking at grabbing an Intel NIC simply because so many people have said they're much better and have no compatibility issues with pfSense, hopefully the onboard ethernet port is compatible, that's one of my main concerns, I don't really want to waste money on a single port NIC and then realize I need a dual port one because the onboard port isn't working with pfSense. Does anybody know if my DG41TY will work? Or should I get a dual port NIC? If thats the case any recommendations? As i've stated previously, Im not after full gigabit speeds, I just dont want to bottleneck my download speeds and future proof myself when I get fiber (200 down) so maybe a cheaper dual port gigabit NIC will suffice.

    Also last question, HDD, SSD or USB?
    I have an old HDD I can use, I also have some USB's I can use. I was also looking at grabbing a small SSD, 32 or 64GB and running pfSense off that. What's the recommendation here?



  • Also last question, HDD, SSD or USB?
    I have an old HDD I can use, I also have some USB's I can use.

    • Use the HDD if you prefer a full install
      Testing out things, installing more packets, much playing around with settings and so on
    • Use the USB pen drive for NanoBSD (embedded) installation
      If you don´t do the named things in the above line and you might be setting it up and let it run
    • SSD, mSATA or SATA-DOM if you would use Squid as a caching proxy and ClamAV & HAVP.
      Should be speeding up much things as named in the line above, for a smooth and liquid acting pfSense

    I was also looking at grabbing a small SSD, 32 or 64GB and running pfSense off that. What's the recommendation here?

    Rule of thumb estimate!

    • 16 GB mSATA firewall only
    • 32 GB mSATA firewall & Snort
    • 64 Gb mSATA firewall & Snort & Squid & ClamAV
      Higher amount of GB for more users, services, used functions or offered options.


  • @BlueKobold:

    Also last question, HDD, SSD or USB?
    I have an old HDD I can use, I also have some USB's I can use.

    • Use the HDD if you prefer a full install
      Testing out things, installing more packets, much playing around with settings and so on
    • Use the USB pen drive for NanoBSD (embedded) installation
      If you don´t do the named things in the above line and you might be setting it up and let it run
    • SSD, mSATA or SATA-DOM if you would use Squid as a caching proxy and ClamAV & HAVP.
      Should be speeding up much things as named in the line above, for a smooth and liquid acting pfSense

    I was also looking at grabbing a small SSD, 32 or 64GB and running pfSense off that. What's the recommendation here?

    Rule of thumb estimate!

    • 16 GB mSATA firewall only
    • 32 GB mSATA firewall & Snort
    • 64 Gb mSATA firewall & Snort & Squid & ClamAV
      Higher amount of GB for more users, services, used functions or offered options.

    Thank you very much BlueKobold for the detailed response and your advice!

    I think I shall look into pricing up a 64GB SSD for future use but may try everything out on the hard drive, its an old one so I don't really mind if I ruin it haha.

    So storage is confirmed, everything is confirmed except NIC.

    Intel or not Intel?
    Single port or dual port?
    Those are the unanswered questions haha.

    I am hoping the built in ethernet port on the DG41TY motherboard will work, does anybody know if it will? If so then I can get away with just buying a single port NIC, unless there are some good dual port ones out there for a reasonable price? Then I'll just cut straight to one of those.

    Thanks for your help guys, fantastic community here!



  • Intel or not Intel?
    Single port or dual port?
    Those are the unanswered questions haha.

    I don´t know from where you are (country) but a original refurbished intel Quad Port server adapter
    is able to get over Amazon.com for round about ~$60. Then you might be able to set up 4 Ports and
    all is fine. An Intel Dual Port Server adapter might be much cheaper to get your hands on, it all depends
    on what kind of set up you are driving or how many ports you will need. WAN, DMZ, LAN or only WAN &
    LAN I would suggest to get the board and have then a closer look on this thing.



  • @BlueKobold:

    Intel or not Intel?
    Single port or dual port?
    Those are the unanswered questions haha.

    I don´t know from where you are (country) but a original refurbished intel Quad Port server adapter
    is able to get over Amazon.com for round about ~$60. Then you might be able to set up 4 Ports and
    all is fine. An Intel Dual Port Server adapter might be much cheaper to get your hands on, it all depends
    on what kind of set up you are driving or how many ports you will need. WAN, DMZ, LAN or only WAN &
    LAN I would suggest to get the board and have then a closer look on this thing.

    Do you mind linking me to one?

    I am really only after 2 ports on the device, so I can plug my 4G receiver into the router to give it internet, and then another port to go to an 8 or 16 port switch (not decided yet) to provide internet connectivity to all my devices.

    I would go for a single port NIC but I'm unsure about the on-board Ethernet port, It might be better to grab a dual port NIC.

    Im always skeptical about buying these cheaper ones off Amazon.com as I'm worried they'll be cheap knock-offs or fakes, or broken.

    I live in the middle east currently, though I have a reship address in the US and the UK and a few other places, so i regularly order from amazon.com so If you spot a good one, if you don't mind sharing it with me that'd be fantastic!



  • Intel PRO/1000 Pt Dual Port Server Adapter ~$45
    Seller: Bets Part Inc.

    Intel EXPI9402PTBLK PRO/1000 PT Dual Port Server Adapter - Network adapter - PCI Express x4 ~$25
    Seller: AMTECH

    Intel PRO/1000 PT Dual Port Server Adapter - network adapter - 2 ports (EXPI9402PTBLK) ~$75
    Seller: Digicom Technology LLC.

    Intel EXPI9404PTLBLK-1PK PRO/1000PT 4PORT - OEM SINGLE 10/100/1000 GBE PCIE LP QUAD NIC ~$56
    Seller: AMTECH

    The last one would be my choice to go for pfSense, with 4 Ports and to this adequate price no problem!

    Cheap knock offs you will be able to get from everywhere, also fakes can be sold everywhere, but the RMA
    policy from Amazon.com is better then the one from eBay as I see it right!


Log in to reply