DIY Router + NAS

gvi70000 · February 10, 2020, 11:54am

Hello all,
My name is Ion and i need your help in making a small form factor (mITX) Router + NAS + small web server.

So far i have only the CPU, and AMD 3700x available and i need to buy the other components - see list below:

1 MB: ASUS PRIME B450M-A or Gigabyte B450 I AORUS PRO WIFI
2 RAM: Ballistix Sport LT DDR4 16GB
3 PSU: Cooler Master MasterWatt Lite 400W
4 Case: Fractal Node 304
5 HDD: 2xSeagate IronWolf 4TB 3.5’’ NAS HDD for NAS+ 1 120Gb M.2 for OS
6 CPU: AMD Ryzen 5 3400G - alternative to 3700x and also no video card needed
7 NIC: QNAP dual port 5GbE multi-Gig exp card/ PCIe - to connect my workstation + 1 spare port for future
8 UPS: APC Back-UPS CS 500VA

The whole setup is intended for high speed LAN on 2 clients, the rest will be WiFi or 1Gb, also the ISP modem is 1Gb.

Q1: Can i install only one OS and add the required applications for Router and NAS ?

Q2: If Q1 is no, then i guess i have to put 3 VMs on the computer one for Router ( pfSense), one for web server and also for NAS(FreeNASe). Do you have any recommendations for the main OS? I have experience running only one VM under linux or windows.

Q3: I got fiber optic connected to my modem but i have no idea about brand, how can i get any info about the modem itself? I am thinking that maybe it will be possible to plug the fiber in a different modem that will allow higher speed.

Any other advice is welcomed.
Best regards,
Ion

mehmedbasic · February 10, 2020, 1:16pm

Q1: a single router/NAS is probably not going to be viable if you want a good router or a good NAS.

Q2: Try Proxmox, it’s free.
Edit:
See below for my setup.

You can add a third VM for running your webserver, you may need more RAM if your application requires it.

Q3: Your ISP will probably need to terminate the fiber connection. You will most likely have to go with ethernet from the modem to your router. Going above 1 Gbit gets either very expensive or very complicated. Your choices are 10 Gbit adapters or pair-bonded 1 GbIt. If you actually buy more than 1 Gbit from you ISP I would assume they will deliver a modem capable of those speeds.

Edit 2:
Didn’t see you had a 5Gb NIC.
What is your WiFi situation? Are you using the built-in one or a separate AP?

My old setup

1x Netgate APU something pfSense box with a very shitty AMD CPU from 2008-ish
1x Intel Atom box running OpenMediaVault

My build
Last year I built a router/nas combination on a Ryzen 1600 with 16 GB ram and a 120 GB SSD for the OS. It’s running Proxmox as the host and then pfSense for routing and OpenMediaVault for the NAS.

I have an Intel I350 quad gigabit NIC in the system. Two ports for the router, one port for the NAS and the host is running on the onboard realtek something NIC. The I350 can be had for less than $100 US on eBay, and if that’s too steep a price you can go with a broadcom quad gigabit NIC instead, they are usually cheaper.

The CPU is clocked as low as possible (1.6 GHz I think) with lowest voltage allowed in the BIOS. The RAM is running at 2133. I’ve turned off SMT and there’s no graphics card in the system. There’s only one fan on the stock AMD cooler.

The router has 2 cores, the NAS has 2 cores and the rest is for the host. The router has 6 GB RAM dedicated to it, the NAS only has 4.
Locally I can max out the gigabit link and read/write with very close to 95-97 MB/s on my shitty rust drives.

The system is very stable and without a doubt the best router I’ve ever had. I easily max out my 200 MBit connection even with IPSec and/or WireGuard running on it. The CPU has plenty of horsepower left and it is VERY power efficient when underclocked and undervolted. Compared to the previous setup it reduced my idle power usage with 15-20W.

gvi70000 · February 10, 2020, 2:11pm

Hi,
Thank you for replying.

I intend to use the integrated WiFi of Gigabyte B450 I AORUS PRO WIFI.

Looking through the specs of IronWolf seems that 2.5Gb network is enough, I will have to look at the r/w performance using 4 drives and the fastest/safest solution i can get with 4 drives.

Airstripone · February 10, 2020, 3:00pm

Easy to help you with this one. Don’t do it. Unless the data on the NAS is copies of publicly available data you don’t mind being taken from you, never put your data anywhere near the edge of your network.

Also for a router You will likely want a couple of physically separate network cards for the routing and firewalls which your ITX build can’t support. Therefore you need a different board.

Nice idea but there are better ways to do what you want to do.

risk · February 11, 2020, 6:54am

You could e.g. install Debian or any other Linux or bsd and get a webserver, firewall/router, and some file shares going.

The main reason, IMHO, to keep things in VMs is if you care to use the shiny UIs these appliance like distros that specialize in a particular use case offer.

Q.1 - yes (it’s how things worked by default between 1995 and 2010 - approach still works)
Q.2 - Proxmox or Unraid (paid)
Q.3 - post pictures. Also, who’s your isp? It might even be possible to plug in fiber directly to your machine with an sfp network card and the right transceiver/adapter.

gvi70000 · February 12, 2020, 1:20pm

Hello Risk,

Thank you for your reply.

My ISP is Telenor in Norway, unfortunately they are not replying questions unrelated to their equipment, i guess they don’t want to have any headaches.

I don’t have any pictures to show as i am first interested to know if this might work and only then to spend money on hardware.

gvi70000 · February 12, 2020, 1:24pm

Your concern is related to the number of expansion slots on the MB?

You

Airstripone · February 12, 2020, 8:28pm

My main concern was for your personal data. This was just an observation that if you use the onboard NIC for WAN and the 5Gbps card is passed through for routing, where are you connecting the 1Gbps switch to? Also how is the WiFi bridged, and how are you firewalling off the WAN from the web server, NAS and internal network?

If you are relying on virtual network adapters via virtualisation do you trust your cyber skills enough not to put your bank statements or partner’s artistic photos on the web facing ports?

risk · February 13, 2020, 8:23pm

I meant of your telenor modem … for example, does it have an SC fiber connector or LC.
If SC it’s probably just gpon and finisar makes an ONU you could potentially use.

disarrayer · February 17, 2020, 11:34pm

I’d say go virtualization. Either Proxmox (seems to be the community favorite… I REALLY have to learn more about it) or xcp-ng. Then you don’t really have to worry about your NAS being on the Edge of your network, if you do pfsense correctly and split WAN/LAN/DMZ correctly.

Also yes: go with 3 VMs. Also for FreeNAS consider more than 2 HDDs, depending on what kind of RAID you want to use. And yes. RAM. Lots of RAM (Insert Matrix MEME here) That said, 32 GB should be fine, considering 4 for the Hypervisor

As I try to do in all my posts…the Why xcp-ng:

xcp-ng is a stable and easy to use Hypervisor. Granted, it seems not as feature-rich as Proxmox, but it should more than be enough for such a setup
Also FOSS
If you have XENServer experience, it is basically the same. But free.
Virtual Networking is easy AF
Support is widely available due to having the same base as XenServer. So there is a lot of info out there.
Should support your HW as far as I remember (best look it up beforehand or try it)
Feature-rich but easy to grasp