Feedback on potential Gigabit build using C2758

geesu

I've been looking around for a lower power pfSense build which will also be performant enough to give me full WAN gigabit usage (not PPPoE). Today I'm using a Q9300 which gives me full use but on idle it uses is 115 - 130 W, which is terrible.

I have Cincinnati Bell Fioptics which today is giving me roughly 980 down and 250 up. (I pay for 1000/250)

Here is what I'm thinking:

Motherboard: SUPERMICRO MBD-A1SRi-2758F ($340)
Processor: Atom C2758 (embedded in the above mobo)
Case: Supermicro Superchassis Cse-504-203B 200W  1U ($100)
8GB ECC RAM: Kingston 8GB 204-Pin DDR3 SO-DIMM ECC ($47)

These brings me to just shy of $500: $486.97.

I was going to use a 128GB SSD I have sitting around the house.

Anyone have any suggestions? See any potential issues?

And FYI I was inspired by this great thread.

Thanks in advance!

Guest

I would try out 2 x 4 GB ECC or 2 x 8 GB ECC pending on the dual channel mostly and only marginal higher price.

• Enable TRIM support for the SSD
  How to enable TRIM support on pfSense

• high up the mbuf size to 1000000
  available on 8 GB and for sure at 16 GB

• please ensure that the SSD is supporting TRIM

• please give us an information on your WAN throughput without PPPoE please!

• for a nice set up I would be trying at first version 2.2.6 (64Bit) VGA image and do a fresh and full install

• version 2.3.1 (64Bit) could also be tried out but if it produces perhapx failures its better for a more stable set up

Have fun its a great platform as many others reported back.

edwardwong

@geesu:

I've been looking around for a lower power pfSense build which will also be performant enough to give me full WAN gigabit usage (not PPPoE). Today I'm using a Q9300 which gives me full use but on idle it uses is 115 - 130 W, which is terrible.

I have Cincinnati Bell Fioptics which today is giving me roughly 980 down and 250 up. (I pay for 1000/250)

Here is what I'm thinking:

Motherboard: SUPERMICRO MBD-A1SRi-2758F ($340)
Processor: Atom C2758 (embedded in the above mobo)
Case: Supermicro Superchassis Cse-504-203B 200W  1U ($100)
8GB ECC RAM: Kingston 8GB 204-Pin DDR3 SO-DIMM ECC ($47)

These brings me to just shy of $500: $486.97.

I was going to use a 128GB SSD I have sitting around the house.

Anyone have any suggestions? See any potential issues?

And FYI I was inspired by this great thread.

Thanks in advance!

It's more than enough already, I don't see any issue, maybe you can save some money and go for C2358 which is even lower TDP.
Not sure you need features from full install or not (like HAVP), if not I guess you can save the 128G SSD for other purposes and use USB stick to boot.

damir

I am looking into new box for Gigabit which i am getting installed on Friday.

so, this Atom is powerful enough to handle this speed?

Is there any other (smaller) Case you guys would recommend for this mobo?

Thanks

Guest

@NEK4TE

I am looking into new box for Gigabit which i am getting installed on Friday.

Over PPPoE or FTTH/FTTC without PPPoE?
Together with a static IP address or a dynamic one?

so, this Atom is powerful enough to handle this speed?

What do you need really? If your Internet connection is based on using PPPoE only one cpu core will be running
at the WAN interface. And I really think this will be not really delivering 1 GBit/s but if you are not using PPPoE
it could really be that then 1 GBit/s will be delivered.

Is there any other (smaller) Case you guys would recommend for this mobo?

This is also pending on many more circumstances as only one!

• Installed packets
• running services
• offered options in the entire network
• The entire amount of users that are using that network
• Real offered WAN speed (real GB or only nearly GB Internet connection speed)

dgall

If the SUPERMICRO MBD-A1SRi-2758F motherboard will fit in the M350 I may go the route

virgiliomi

The mini-box M350 case works with the A1SRi-2558F motherboard, so I would imagine it would work with the 2758 version too.

Jailer

@virgiliomi:

The mini-box M350 case works with the A1SRi-2558F motherboard, so I would imagine it would work with the 2758 version too.

Physically yes but you may need to add a fan to aid in cooling from the increased heat output of the 8 core CPU on the 2758.

virgiliomi

@Jailer:

@virgiliomi:

The mini-box M350 case works with the A1SRi-2558F motherboard, so I would imagine it would work with the 2758 version too.

Physically yes but you may need to add a fan to aid in cooling from the increased heat output of the 8 core CPU on the 2758.

Which is very much possible. If a SATA-DOM SSD or USB storage will be used, then you can use the included bracket to mount a fan (or two) to. If you'll be using a 2.5" SSD or hard drive, then a second bracket can be ordered to mount the fan(s) to.

AR15USR

I just built exactly this recently. An A1SRi-2758 in a M350 case. Works perfect.

Here's what I used:
SuperMicro A1SRi-2758
16gb Ram (2x8gb sticks)
Samsung EVO 850 120gb SSD
+1 Hard Drive Bracket
2x Evercool 40mm fans

I started out without the fans, but it got past the published operating range of the board, so I added them. Huge difference, now runs at a constant 18-21c and is not very loud at all. For the case I went with the M-350 that includes the power source from the get go, I didn't feel like mucking around with finding one. Only thing I don't like about the case is no LEDs, but thats a personal pref. I'm going to eventually migrate it to a 1U case because I am going that route with all my equipment anyhow..

damir

@BlueKobold:

@NEK4TE

I am looking into new box for Gigabit which i am getting installed on Friday.

Over PPPoE or FTTH/FTTC without PPPoE?
Together with a static IP address or a dynamic one?

so, this Atom is powerful enough to handle this speed?

What do you need really? If your Internet connection is based on using PPPoE only one cpu core will be running
at the WAN interface. And I really think this will be not really delivering 1 GBit/s but if you are not using PPPoE
it could really be that then 1 GBit/s will be delivered.

Is there any other (smaller) Case you guys would recommend for this mobo?

This is also pending on many more circumstances as only one!

• Installed packets
• running services
• offered options in the entire network
• The entire amount of users that are using that network
• Real offered WAN speed (real GB or only nearly GB Internet connection speed)

Service i am getting is Cable, Gigabit (download) and 50mbit (upload).

Right now, i only have iperf/service watch dog installed on my pfSense which is running on Core2Duo CPU E7200 @ 2.53GHz.

I expect to see around 950-970mbit actually ( i think ) from this service.

Not sure if my Core2Duo will be able to handle it, that is why i am already looking into different option.

Thanks

trumee

@AR15USR:

I just built exactly this recently. An A1SRi-2758 in a M350 case. Works perfect.

Here's what I used:
SuperMicro A1SRi-2758
16gb Ram (2x8gb sticks)
Samsung EVO 850 120gb SSD
+1 Hard Drive Bracket
2x Evercool 40mm fans

I started out without the fans, but it got past the published operating range of the board, so I added them. Huge difference, now runs at a constant 18-21c and is not very loud at all. For the case I went with the M-350 that includes the power source from the get go, I didn't feel like mucking around with finding one. Only thing I don't like about the case is no LEDs, but thats a personal pref. I'm going to eventually migrate it to a 1U case because I am going that route with all my equipment anyhow..

I have a similar setup as yours. What 1U chassis are you planning to use? I havent migrated over yet because i think it maybe too noisy.

AR15USR

@trumee:

@AR15USR:

I just built exactly this recently. An A1SRi-2758 in a M350 case. Works perfect.

Here's what I used:
SuperMicro A1SRi-2758
16gb Ram (2x8gb sticks)
Samsung EVO 850 120gb SSD
+1 Hard Drive Bracket
2x Evercool 40mm fans

I started out without the fans, but it got past the published operating range of the board, so I added them. Huge difference, now runs at a constant 18-21c and is not very loud at all. For the case I went with the M-350 that includes the power source from the get go, I didn't feel like mucking around with finding one. Only thing I don't like about the case is no LEDs, but thats a personal pref. I'm going to eventually migrate it to a 1U case because I am going that route with all my equipment anyhow..

I have a similar setup as yours. What 1U chassis are you planning to use? I havent migrated over yet because i think it maybe too noisy.

Haven't really researched it yet, but maybe SuperMicro's 505: https://www.supermicro.com/products/chassis/1u/505/sc505-203.cfm. Looks pretty well ventilated..

damir

That case comes with PSU unit, right? nothing else is needed regarding power for this mobo?

so, it would be this case + that mobo + ram + disk, done? no custom parts / custom power setup, etc?

thnx!

Guest

Right now, i only have iperf/service watch dog installed on my pfSense which is running on Core2Duo CPU E7200 @ 2.53GHz.

Then try it out based on that hardware and if you are not able to archive that needed throughput you are able
to still change it against any other hardware.

I expect to see around 950-970mbit actually ( i think ) from this service.

From 1 GBit/s often or the most users will be able to see 940 MBit/s - 950 MBit/s, but it is a full GBit/s!
Because the TCP/IP overhead must be count on top of this and then the time that is needed for working
over or processing the NAT and firewall rules.

Not sure if my Core2Duo will be able to handle it, that is why i am already looking into different option.

A Intel Core i3 or i5 will do it for you; this would be the edge tech. specs. for what I would looking out for.

• @3.0GHz (core frequ. or turbo)
• 4 Core
• AES-NI

One good board that will be supporting many different CPUs are this two ones here:
– ASUS Q87T
-- Gigabyte Q87TN

• 16 GB RAM
• mini-ITX format
• real PCIe 2.0 x4 slot for add on NICs (single, dual or quad port)
• one mSATA (full) miniPCIe slot and one WiFi (half) miniPCIe slot

Would in my eyes one good way to walk on in your case.

damir

Big thanks for your response and providing additional VERY helpful information.
I appreciate it.

Hardware you just suggested to me, would be more recommended then getting something like:
SUPERMICRO MBD-A1SRi-2758F  as advised in this thread?

iPerf:

[  4] local 192.168.1.1 port 5001 connected with 192.168.1.10 port 10337
[ ID] Interval      Transfer    Bandwidth
[  4]  0.0-10.0 sec  1.09 GBytes  932 Mbits/sec
[  5] local 192.168.1.1 port 5001 connected with 192.168.1.10 port 10342
[  5]  0.0-10.0 sec  1.09 GBytes  933 Mbits/sec
[  4] local 192.168.1.1 port 5001 connected with 192.168.1.10 port 10345
[  4]  0.0-10.0 sec  1.06 GBytes  914 Mbits/sec
[  5] local 192.168.1.1 port 5001 connected with 192.168.1.10 port 10353
[  5]  0.0-10.0 sec  1.07 GBytes  921 Mbits/sec
[  4] local 192.168.1.1 port 5001 connected with 192.168.1.10 port 10356
[  4]  0.0-10.0 sec  1.05 GBytes  905 Mbits/sec
[  5] local 192.168.1.1 port 5001 connected with 192.168.1.10 port 10366
[  5]  0.0-10.0 sec  1.07 GBytes  916 Mbits/sec

edwardwong

Maybe you should try to do WAN-LAN NAT throughput test? From your test the pfSense box virtually did nothing.

PC1 (WAN) –- pfSense Box NAT -- PC2 (LAN)
I did that with my Celeron N2930 + 4 x Intel i210AT and the result is great.

AR15USR

@NEK4TE:

That case comes with PSU unit, right? nothing else is needed regarding power for this mobo?

so, it would be this case + that mobo + ram + disk, done? no custom parts / custom power setup, etc?

thnx!

If you are referring to the M350 it only comes with the PSU if you get that version.

damir

@edwardwong:

Maybe you should try to do WAN-LAN NAT throughput test? From your test the pfSense box virtually did nothing.

PC1 (WAN) –- pfSense Box NAT -- PC2 (LAN)
I did that with my Celeron N2930 + 4 x Intel i210AT and the result is great.

::) i think i better wait for Friday, and see what the throughput is, so i dont break something :)

damir

@AR15USR:

@NEK4TE:

That case comes with PSU unit, right? nothing else is needed regarding power for this mobo?

so, it would be this case + that mobo + ram + disk, done? no custom parts / custom power setup, etc?

thnx!

If you are referring to the M350 it only comes with the PSU if you get that version.

yes sir, and thank you

AR15USR

@NEK4TE:

@AR15USR:

@NEK4TE:

That case comes with PSU unit, right? nothing else is needed regarding power for this mobo?

so, it would be this case + that mobo + ram + disk, done? no custom parts / custom power setup, etc?

thnx!

If you are referring to the M350 it only comes with the PSU if you get that version.

yes sir, and thank you

You will need the extra HD bracket and the fans to mount to it. Depending on what HDD you get you might need a cable for it.

Have a read at this thread: https://forum.pfsense.org/index.php?topic=94399.0

If you are getting the 1U case in your original post list, you need to look at the bottom of this page to order the specific items you need for your setup:

https://www.supermicro.com/products/chassis/1u/504/sc504-203.cfm

damir

Thank you!

sirklezero

@AR15USR:

I just built exactly this recently. An A1SRi-2758 in a M350 case. Works perfect.

Here's what I used:
SuperMicro A1SRi-2758
16gb Ram (2x8gb sticks)
Samsung EVO 850 120gb SSD
+1 Hard Drive Bracket
2x Evercool 40mm fans

I started out without the fans, but it got past the published operating range of the board, so I added them. Huge difference, now runs at a constant 18-21c and is not very loud at all. For the case I went with the M-350 that includes the power source from the get go, I didn't feel like mucking around with finding one. Only thing I don't like about the case is no LEDs, but thats a personal pref. I'm going to eventually migrate it to a 1U case because I am going that route with all my equipment anyhow..

I'll second this. I have a similar configuration, except I went with a mechanical drive rather than an SSD and I'm running two of the Noise Blocker XM2 fans. My box is in a coat closet in my house and gets almost no actual circulation and was running at about 60c without fans and about 32c with the two XM2 fans. So far it seems to be a pretty nice setup.

damir

Guys, how about something like this:
http://www.supermicro.com/products/system/Mini-ITX/1018/SYS-1018L-MP.cfm

I am trying to figure out (i might be blind) if this comes with PSU/power?

Which i3 would you recommend?

(To remind) i am looking into setup for Gigabit internet.

Thanks!

Zaphon

@edwardwong:

It's more than enough already, I don't see any issue, maybe you can save some money and go for C2358 which is even lower TDP.
Not sure you need features from full install or not (like HAVP), if not I guess you can save the 128G SSD for other purposes and use USB stick to boot.

FYI, for anyone actually interested.  I have Gigabit (both at my office and home, the full 1000Mbit up/down fiber kind too), and I have found that if you're going to use the Atom's, you have to get the C2758.  As the C2358 caps out around 600Mbit (I have another post around here from a year ago or two about it).  I don't have a C2558 so haven't been able to test it, but in theory it should be able to.  The reason being is I found with pfSense 2.3 (since I had to disable SMP), that it's not the number of cores that have any effect what so ever on how fast it can go, but rather the clock speed.  So the 2.4Ghz C2758 vs the 1.7Ghz C2358 is the actual factor to getting Gigabit.  And I believe the C2558 is also 2.4Ghz (just half the cores/half the cache)..

However, in reality, I found it much cheaper to just buy a cheap PC which has zero issues with Gigabit.  I bought an open box special Dell from Best Buy for $200 that has a dual core AMD @ 2.8Ghz and I put in a dual Intel Gigabit NIC and I have zero issues with Gigabit speeds, and my net cost was a fraction of what I paid for my C2358 pfSense box (Netgate) and C2758 based SuperMicro system (1U case + motherboard, RAM and SSD).  Yes I use a bit more power than the C2758, but at the cost savings it will take a long time to make up the difference.

edwardwong

@Zaphon:

@edwardwong:

It's more than enough already, I don't see any issue, maybe you can save some money and go for C2358 which is even lower TDP.
Not sure you need features from full install or not (like HAVP), if not I guess you can save the 128G SSD for other purposes and use USB stick to boot.

FYI, for anyone actually interested.  I have Gigabit (both at my office and home, the full 1000Mbit up/down fiber kind too), and I have found that if you're going to use the Atom's, you have to get the C2758.  As the C2358 caps out around 600Mbit (I have another post around here from a year ago or two about it).  I don't have a C2558 so haven't been able to test it, but in theory it should be able to.  The reason being is I found with pfSense 2.3 (since I had to disable SMP), that it's not the number of cores that have any effect what so ever on how fast it can go, but rather the clock speed.  So the 2.4Ghz C2758 vs the 1.7Ghz C2358 is the actual factor to getting Gigabit.  And I believe the C2558 is also 2.4Ghz (just half the cores/half the cache)..

However, in reality, I found it much cheaper to just buy a cheap PC which has zero issues with Gigabit.  I bought an open box special Dell from Best Buy for $200 that has a dual core AMD @ 2.8Ghz and I put in a dual Intel Gigabit NIC and I have zero issues with Gigabit speeds, and my net cost was a fraction of what I paid for my C2358 pfSense box (Netgate) and C2758 based SuperMicro system (1U case + motherboard, RAM and SSD).  Yes I use a bit more power than the C2758, but at the cost savings it will take a long time to make up the difference.

I have 1000M up/down FTTH at home as well, 1 year ago I was using Intel 1037U, a 1.8GHz dual-core processor, and did a iperf test with 940Mbps NAT throughput. Now I am using N2930, a 1.83GHz quad-core processor (w/burst 2.16GHz), also handling the 1G speed very well. I couldn't believe why the C2358 is unable to handle this, may I know how you test it? From the above I saw that you need to disable SMP (which is required to improve pf's performance), why?

Zaphon

@edwardwong:

@Zaphon:

@edwardwong:

It's more than enough already, I don't see any issue, maybe you can save some money and go for C2358 which is even lower TDP.
Not sure you need features from full install or not (like HAVP), if not I guess you can save the 128G SSD for other purposes and use USB stick to boot.

FYI, for anyone actually interested.  I have Gigabit (both at my office and home, the full 1000Mbit up/down fiber kind too), and I have found that if you're going to use the Atom's, you have to get the C2758.  As the C2358 caps out around 600Mbit (I have another post around here from a year ago or two about it).  I don't have a C2558 so haven't been able to test it, but in theory it should be able to.  The reason being is I found with pfSense 2.3 (since I had to disable SMP), that it's not the number of cores that have any effect what so ever on how fast it can go, but rather the clock speed.  So the 2.4Ghz C2758 vs the 1.7Ghz C2358 is the actual factor to getting Gigabit.  And I believe the C2558 is also 2.4Ghz (just half the cores/half the cache)..

However, in reality, I found it much cheaper to just buy a cheap PC which has zero issues with Gigabit.  I bought an open box special Dell from Best Buy for $200 that has a dual core AMD @ 2.8Ghz and I put in a dual Intel Gigabit NIC and I have zero issues with Gigabit speeds, and my net cost was a fraction of what I paid for my C2358 pfSense box (Netgate) and C2758 based SuperMicro system (1U case + motherboard, RAM and SSD).  Yes I use a bit more power than the C2758, but at the cost savings it will take a long time to make up the difference.

I have 1000M up/down FTTH at home as well, 1 year ago I was using Intel 1037U, a 1.8GHz dual-core processor, and did a iperf test with 940Mbps NAT throughput. Now I am using N2930, a 1.83GHz quad-core processor (w/burst 2.16GHz), also handling the 1G speed very well. I couldn't believe why the C2358 is unable to handle this, may I know how you test it? From the above I saw that you need to disable SMP (which is required to improve pf's performance), why?

I did my testing a year ago when I purchased one of the pfSense branded Netgate Boxes with a C2358 in it.  The testing was done out of the box with FreeBSD machines plugged in on the WAN and LAN ports, using iPerf and iPerf3 (so single stream and dual stream testing).  On the C2358 it literally caps out at 600Mbit (interrupts are pegging a single CPU as described).  This box had 4 x igb interfaces on it.  On my C2758 with the same test (it also has 4 x igb interfaces), it's 960+Mbit and the CPU doesn't fully peg out (so could actually go a bit higher).  None of this was done with Jumbo MTU or any of the other things you can do to lighten the load, as I wanted to simulate true internet traffic.  On my AMD at home, I have also performed the same test, with similar results.  CPU isn't pegged, no problems pushing 960+Mbit..

As for the disabling of SMP, it's a bug in 2.3 when dealing with IPSec tunnels (https://redmine.pfsense.org/issues/6296).  And since I have 4 pfSense boxes in 4 locations connected via IPSec tunnels, it affects me.  The current solution is to disable SMP (so all 4 boxes are running with a single CPU effectively)..

edwardwong

@Zaphon:

I did my testing a year ago when I purchased one of the pfSense branded Netgate Boxes with a C2358 in it.  The testing was done out of the box with FreeBSD machines plugged in on the WAN and LAN ports, using iPerf and iPerf3 (so single stream and dual stream testing).  On the C2358 it literally caps out at 600Mbit (interrupts are pegging a single CPU as described).  This box had 4 x igb interfaces on it.  On my C2758 with the same test (it also has 4 x igb interfaces), it's 960+Mbit and the CPU doesn't fully peg out (so could actually go a bit higher).  None of this was done with Jumbo MTU or any of the other things you can do to lighten the load, as I wanted to simulate true internet traffic.  On my AMD at home, I have also performed the same test, with similar results.  CPU isn't pegged, no problems pushing 960+Mbit..

As for the disabling of SMP, it's a bug in 2.3 when dealing with IPSec tunnels (https://redmine.pfsense.org/issues/6296).  And since I have 4 pfSense boxes in 4 locations connected via IPSec tunnels, it affects me.  The current solution is to disable SMP (so all 4 boxes are running with a single CPU effectively)..

So it's something more or less a bug on pfSense, not the hardware itself. But you can also take a look to my build a month ago with N2930, with bidirectional iperf test (with 1 macbook as WAN and another macbook as LAN client) my CPU is at about 50-60% load only, still leaving plenty of processing power for other purposes.

For the bug you listed, did you try out what's being mentioned in the comment? On my system I disabled all and seems not seeing any problem, but I can try out again to verify if problem persist after disabling all offloading options.

Zaphon

@edwardwong:

So it's something more or less a bug on pfSense, not the hardware itself. But you can also take a look to my build a month ago with N2930, with bidirectional iperf test (with 1 macbook as WAN and another macbook as LAN client) my CPU is at about 50-60% load only, still leaving plenty of processing power for other purposes.

For the bug you listed, did you try out what's being mentioned in the comment? On my system I disabled all and seems not seeing any problem, but I can try out again to verify if problem persist after disabling all offloading options.

I saw that post, and I've thought about it.  But right now I'm just in a holding pattern as I don't want to have another outage (I upgraded and ended up with an outage during business hours)..  So for now, the boxes are working just fine with 1 CPU (they basically just do basic NAT + IPSec to the other locations, so not really taxed at all).

I will take a look at your build as well.  As I do hate the stupid dell I have at home, it's a brick and due to it's age it's also probably not the most power efficient.

damir

Just got my service installed today, Core2Duo is running this thing just fine with 30-40% CPU load

Area is still under upgrade, upload / download will be a bit higher.

So far, happy, no need to upgrade :)

Thanks all for your input/help.