Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




111 posts

Master Geek


# 205094 29-Oct-2016 12:59
Send private message

Hi All, 

 

 

 

I am looking at building a pf sense box for use on the Vodafone Fiberx network. I am wanting the wan to be capable of 1gbps and all lan ports will of cause be 1gbps. 

 

Any recommendations on hardware? I already have a spare 60GB SSD I can use for the build. 

 

 

 

thanks in advance


View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3 | 4 | 5
2591 posts

Uber Geek

Trusted
Lifetime subscriber

  # 1660393 29-Oct-2016 13:14
One person supports this post
Send private message

I recommend trying the old or spare hardware you have before buying (unless unsuitable for some reason). Any intel CPU under 8 years old should be more than capable with PCIe slots.




"4 wheels move the body.  2 wheels move the soul."

“Don't believe anything you read on the net. Except this. Well, including this, I suppose.” Douglas Adams



111 posts

Master Geek


  # 1660398 29-Oct-2016 13:17
Send private message

the old old hardware I have is a video card (useless for this) and a ssd.


 
 
 
 


2591 posts

Uber Geek

Trusted
Lifetime subscriber

  # 1660400 29-Oct-2016 13:19
Send private message

lol that would be a limiting factor. What part of the country are you in?




"4 wheels move the body.  2 wheels move the soul."

“Don't believe anything you read on the net. Except this. Well, including this, I suppose.” Douglas Adams



111 posts

Master Geek


  # 1660402 29-Oct-2016 13:21
Send private message

Im in Wellington


3481 posts

Uber Geek

Trusted

  # 1660411 29-Oct-2016 13:35
One person supports this post
Send private message

Sure there are some people there with old hardware they could give you. Could give you something if you were in Auckland :S








111 posts

Master Geek


  # 1660418 29-Oct-2016 14:04
Send private message

Zeon:

 

Sure there are some people there with old hardware they could give you. Could give you something if you were in Auckland :S

 

 

 

 

Im more then happy to purchase or even accept free second hand hardware as long as its capable of gigabit wan. from my understanding just about any old dual core and a decent nic can provide this.

 

If I was looking at new i have estimated around $400 


370 posts

Ultimate Geek


  # 1660421 29-Oct-2016 14:08
Send private message

Dynamic: I recommend trying the old or spare hardware you have before buying (unless unsuitable for some reason). Any intel CPU under 8 years old should be more than capable with PCIe slots.

 

I would say an Intel i3 CPU and 4GB RAM.

 

For networking, forget any onboard network interface and go with a server class Intel dual (or quad) port NIC - note, the NIC must support the "em" FreeBSD Intel network driver.


 
 
 
 


919 posts

Ultimate Geek

Subscriber

  # 1660453 29-Oct-2016 15:41
One person supports this post
Send private message

I have one of these on my way to me at the moment from Aliexpress.

 

I'm running of the older ones with pfsense at the moment and it does a decent job but I'm going to move that over to be my HTPC. There's some testing of it on Arstechnica here (my current one is similar to the Homebrew v1).


Mr Snotty
8764 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  # 1660476 29-Oct-2016 15:48
Send private message

How about This?

 

Reviews say it is capable to do Gigabit WAN and is quite cheap. Will use less power than a PC build.

 

Edit: @meesham bet me to it.





616 posts

Ultimate Geek


  # 1660510 29-Oct-2016 16:09
Send private message

We're running pfSense off an old Core 2 Quad system with 4 GB RAM. It has one integrated Ethernet adapter and one PCIe add-on Ethernet adapter.

 

We're interested to see how it performs on gigabit come Monday. Wondering how it'll compare to the router that Vodafone will provide.






2120 posts

Uber Geek


  # 1660513 29-Oct-2016 16:11
One person supports this post
Send private message

I have just done the same, except instead I went with a Server 2016 build with a Sophos UTM9 Firewall VM sitting on top of it.

 

The Sophos UTM is a great firewall/router OS for x86/x64.  It's free and really user friendly.

 

I spent a lot of time reseaching the right Celeron board that would be up to the task of Gigabit UFB I get installed on monday coming.

 

I had a some criteria. 

 

1. It needed to be low power - this was going to be running all day and night and I didn't want to both pay for expensive fibre, and an expensive power bill.

 

2. The platform needed to have at least 2x PCI-E 4X or 8X or 16X as I have a 4 port I350-T4 4 port Intel Nic I wanted to use, and for below, a 2x4 Mini SAS RAID CARD

 

3. It needed to support virtualisation so I was able to have both a Windows OS and a router OS sitting on the box.  Windows for an old billing application I use and to be a NAS for the home. 

 

4. It needed to be cheaper than buying a router, and a empty NAS.

 

I ended up not being able to find a Celeron board that suited my needs, none had that many PCI express slots nor an alternative like Dual INTEL Nics or RAID on motherboard. I also wanted to build it on labour weekend as a bit of a project so it being in stock was also required.

 

I ended up seeing what I could do around pricing for a Skylake platform. Interestingly you could buy a B150M motherboard and Pentium G4400 for less than the top tier Celeron board in stock (N3710) but you would get many more features.

 

So...

 

I put together a very low end Skylake build

 

Intel G4400 3.3Ghz dual core (includes crappy box cooler that is fine for this job)

 

Asrock B150 Pro4/Hyper

 

2x 4GB DDR4 2133Mhz

 

120GB Kingston SSD

 

Crapp4 400W PSU

 

Even Crappier mATX Case.

 

4x Seagate Baracuda 2TB 7200RPM HDD's

 

I added to this with my own

 

Intel I350-T4 off Ebay

 

Intel 2x4 port mini sas pci-e card off ebay + mini sas to 4 sata break out cable.

 

This has all gone together quite nicely.  I am still using VDSL at the moment, but getting the Sophos up and running is a breeze, there is a little bit of learning how to get the nat working and there is no UPNP so you need to manually allow ports outgoing.

 

It's installed in my cupboard now, my fibre install is on Monday so with some configuration I will be able to give you some stats. I have also ordered two 10Gbit Mellanox ConnectX-2 Nics that I will use between this and my workstation for that 10000Mbps love.

 

 

 

 

 

 

 

 

 


616 posts

Ultimate Geek


  # 1660519 29-Oct-2016 16:26
Send private message

@macuser: That's a beautiful system! How's pfSense been treating you in a mixed environment like that? I like running it on bare metal with nothing else, but we had it integrated into another server system momentarily. We found it to be messy and higher-maintenance, but it was nice only needing to worry about one box.






2120 posts

Uber Geek


  # 1660526 29-Oct-2016 16:43
Send private message

Kodiack:

 

@macuser: That's a beautiful system! How's pfSense been treating you in a mixed environment like that? I like running it on bare metal with nothing else, but we had it integrated into another server system momentarily. We found it to be messy and higher-maintenance, but it was nice only needing to worry about one box.

 

 

It's actually running Sophos UTM 9 which I am trialing vs PfSense.  If UTM wont allow me to get the throughput numbers I may switch to PFSense.


44 posts

Geek


  # 1660531 29-Oct-2016 16:47
Send private message

I got one of the 4 port Qotom mini pc so same spec with 4g ram it did wire speed @L1 between routed ports @1500 bytes around mid to late 800m @512 bytes. I'm using vyos on it testing between a couple of jdsus. Single iperf tcp stream is what I'd expect @around 940m. So seem like an OK option I did read somewhere the power supplies might be suspect but so far so good and easy replaced. Nice compact unit did get better performance out of it when I took it home and connected it in place of my home router on 100m connection.



111 posts

Master Geek


  # 1660576 29-Oct-2016 17:51
Send private message

macuser:

 

I have just done the same, except instead I went with a Server 2016 build with a Sophos UTM9 Firewall VM sitting on top of it.

 

The Sophos UTM is a great firewall/router OS for x86/x64.  It's free and really user friendly.

 

I spent a lot of time reseaching the right Celeron board that would be up to the task of Gigabit UFB I get installed on monday coming.

 

I had a some criteria. 

 

1. It needed to be low power - this was going to be running all day and night and I didn't want to both pay for expensive fibre, and an expensive power bill.

 

2. The platform needed to have at least 2x PCI-E 4X or 8X or 16X as I have a 4 port I350-T4 4 port Intel Nic I wanted to use, and for below, a 2x4 Mini SAS RAID CARD

 

3. It needed to support virtualisation so I was able to have both a Windows OS and a router OS sitting on the box.  Windows for an old billing application I use and to be a NAS for the home. 

 

4. It needed to be cheaper than buying a router, and a empty NAS.

 

I ended up not being able to find a Celeron board that suited my needs, none had that many PCI express slots nor an alternative like Dual INTEL Nics or RAID on motherboard. I also wanted to build it on labour weekend as a bit of a project so it being in stock was also required.

 

I ended up seeing what I could do around pricing for a Skylake platform. Interestingly you could buy a B150M motherboard and Pentium G4400 for less than the top tier Celeron board in stock (N3710) but you would get many more features.

 

So...

 

I put together a very low end Skylake build

 

Intel G4400 3.3Ghz dual core (includes crappy box cooler that is fine for this job)

 

Asrock B150 Pro4/Hyper

 

2x 4GB DDR4 2133Mhz

 

120GB Kingston SSD

 

Crapp4 400W PSU

 

Even Crappier mATX Case.

 

4x Seagate Baracuda 2TB 7200RPM HDD's

 

I added to this with my own

 

Intel I350-T4 off Ebay

 

Intel 2x4 port mini sas pci-e card off ebay + mini sas to 4 sata break out cable.

 

This has all gone together quite nicely.  I am still using VDSL at the moment, but getting the Sophos up and running is a breeze, there is a little bit of learning how to get the nat working and there is no UPNP so you need to manually allow ports outgoing.

 

It's installed in my cupboard now, my fibre install is on Monday so with some configuration I will be able to give you some stats. I have also ordered two 10Gbit Mellanox ConnectX-2 Nics that I will use between this and my workstation for that 10000Mbps love.

 

 

 

 

 

 

 

 

 

 

 

 

 

Thanks for all of that info, that is an awesome setup. Are you confident this will max a gigabit wan? 

 

 

 

EDIT: Would something like this out perform an edge router lite? 


 1 | 2 | 3 | 4 | 5
View this topic in a long page with up to 500 replies per page Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Intel expands 10th Gen Intel Core Mobile processor family
Posted 23-Aug-2019 10:22


Digital innovation drives new investment provider
Posted 23-Aug-2019 08:29


Catalyst Cloud becomes a Kubernetes Certified Service Provider (KCSP)
Posted 23-Aug-2019 08:21


New AI legaltech product launched in New Zealand
Posted 21-Aug-2019 17:01


Yubico launches first Lightning-compatible security key, the YubiKey 5Ci
Posted 21-Aug-2019 16:46


Disney+ streaming service confirmed launch in New Zealand
Posted 20-Aug-2019 09:29


Industry plan could create a billion dollar interactive games sector
Posted 19-Aug-2019 20:41


Personal cyber insurance a New Zealand first
Posted 19-Aug-2019 20:26


University of Waikato launches space for esports
Posted 19-Aug-2019 20:20


D-Link ANZ expands mydlink ecosystem with new mydlink Mini Wi-Fi Smart Plug
Posted 19-Aug-2019 20:14


Kiwi workers still falling victim to old cyber tricks
Posted 12-Aug-2019 20:47


Lightning Lab GovTech launches 2019 programme
Posted 12-Aug-2019 20:41


Epson launches portable laser projector
Posted 12-Aug-2019 20:27


Huawei launches new distributed HarmonyOS
Posted 12-Aug-2019 20:20


Lenovo introduces single-socket servers for edge and data-intensive workloads
Posted 9-Aug-2019 21:26



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.