Budget PFsense build questions

LowSpecActionSquad · November 24, 2020, 11:25pm

I have three questions below, but first I’ll provide context.

I’m no stranger to PFsense, but I’ve never used it outside of a lab environment. So, I’ve never actually seen it’s performance in real-world scenarios on real world hardware. In my lab, it’s almost always on a Poweredge 1950 or on a equivalent Supermicro chassis, with two quad core xeons and 8 to 16 gigs of ram. I know it doesn’t require that much, but for my labs, it just isn’t worth the time to DOWNGRADE my gear just to try out PFsense for a few weeks at a time before moving on to another config.

I was forced to consider PFsense for my actual home router when my ISP decided to screw me over. My rental router/modem combo unit broke and they refused to fix or replace it, and even had the gall to try and claim it wasn’t broken and I didn’t know what I was talking about. So, here we are.

I immediately went out and got a used modem for $10 , and slapped together an antique Pentium 4 630 computer just as a temporary “I need internet NOW” machine from parts I had lying around, and… it worked! I was happy with it, except for two things. One was the fact that it’s a full tower desktop, and really inconvenient to have sitting on my desk next to my main PC. Second, it only had 10/100 ethernet ports. So, I decided to build a rackmount server that I could install in my short-depth network cabinet. My budget for this was… nonexistent… so I based my build mostly around parts I already had on hand, to keep new purchases to a minimum.

Here is where my questions begin.

I was already sus of the capabilities of the P4 630, so I decided to upgrade. The ITX board I picked up for $15 is 775 and I was planning on installing an e4600. I suspect that is plenty fine for a basic home router, I mean, I don’t even get gigabit from my ISP (I pay $140 a month for 200 down and 30 up). Is an e4600 fine, or should I upgrade to a q6600?

Second, I was really limited on RAM options. I have some low-profile DDR2, but only in 1-gig capacity, and the motherboard only has 2 slots. 2 gigs should be enough, right?

Lastly, I planned on using an ancient 32-gig SATA II SSD that I have lying around from an old Win XP computer… I know it’s enough for PFsense, but will I get any benefits from switching to faster storage? I wouldn’t imagine I’d get any benefit at all, but I don’t know that for sure. I’m familiar with PFsense, but I’m no expert and I can’t find definitive answers for these questions.

misiektw · November 24, 2020, 11:56pm

It should be fine up to 1GB, depends what you want to do beside routing packets. You could find things to bring it down I suppose.
I have symmetric 100Mb for 30 users on Athlon x4 virtualized, and it doesn’t even break a sweat. It is Slack on Debian, but I don’t see why PFsense should be any worse.

Not really, like with routing.

Here’s an idea. Since you seem to already have everything you need, why don’t you just run it and see for yourself. Better yet report how it went

LowSpecActionSquad · November 25, 2020, 12:14am

Sounds like a plan! I haven’t built it yet as I am still waiting for things to arrive. The biggest reason I wanted to ask these questions is because getting things in and out of my rack is a pain due to it’s location, I just didn’t want to get everything built and installed only to have to tear everything apart and do it again. I didn’t want to waste my only q6600 on the build if I didn’t have to, but I also didn’t want to install the e4600 only to disciver it wasn’t good enough. I’ll report back next week once all the parts arrive! (assuming they are all on time!)

misiektw · November 25, 2020, 12:53am

It’s common misconception that router has to be in rack in order to route packets.
In my experience it’s totally not true, you can hang it from ceiling even, it will be fine

Of course after that, if it works, put it in the rack.

Good luck

LowSpecActionSquad · November 25, 2020, 2:50am

I know it doesn’t have to be in one, but it’s really inconvenient to have a second ATX full tower on my desk It would also be more convenient to have it closer to my switches

LowSpecActionSquad · December 11, 2020, 5:00am

I finally got all the parts in (the PCI flexible riser cable I ordered got delayed AND my Dynatron 1U CPU cooler was faulty and I had to wait for another).

Here are the results of this little experiment:

1 gig of RAM was just barely enough, I should have put more in. It was fine with the first two computers, sitting around 20%. However, after adding in the rest of my network, it sits at about 70% used and will likely only get higher as time goes on. I should have done 2 gigs.

The CPU was fine, it seems to sit around 10 to 15% usage with everything more or less at idle, though I have seem spikes up to 25-30%. What really sucks is how PFsense cannot read the thermal sensors in the CPU. I would really like to know how hot the CPU gets in that stifled little 1U case with it’s terrible airflow, in my hotbox of a network rack…

The Ethernet card I wanted to use didn’t work, which surprised me because it was an Intel card, I thought PFsense was excellent with Intel cards. I swapped to a Realtek card and it works now. (Sucks though because the Intel card was dual-port and the Realtek is only single port). The intel card tests fine in Linux (CentOS 7) and Windows (7 and 10)

I didn’t test much of anything else, but I did notice I’m not getting as high bandwidth as I anticipated. Locally I can hit about 890 Mbps, where as before I could hit 943 Mbps on the regular. I’m unsure if this is due to the Realtek card or not, I’ve only ever experienced this before with Broadcom hardware (“10” gig only hitting 7.9 gig for example while my Intel 10-gig can hit 9.4 gig)

risk · December 11, 2020, 7:43am

You can try booting Linux for a quick test. (compare ram usage and performance). If Debian and ssh sound scary there’s a “combined ext4” build of openwrt, see here:
https://downloads.openwrt.org/releases/19.07.5/targets/x86/64/

LowSpecActionSquad · December 14, 2020, 10:12pm

It seemed to be worse at first, using a higher “idle” amount of ram, hovering around 30-35%, but surprisingly it didn’t go up much from there even after extended use (using openWRT). I think my best bet is to just toss in my low profile 2-gig sticks (that I forgot I had) and be done with it, that way I never have to worry. That was sort of the plan from the beginning anyway, before my boss convinced me 1 gig was enough for my home setup!

Good suggestion though!