I’m moving to a rather large city (Phoenix area) and have found out that my ISP (Cox) has placed a data cap on their internet plans. I plan to implement a caching server in PFsense. I’ve been contemplating building a router and would like some input. I have 16gb of ddr3 ram laying around and a wireless access point so that price has not been included
Possible Build 1: ~$231 total
AMD a8-7600 apu ~$60
FM2+ motherboard ~$50
Rosewill slimcase itx+ PSU $47
60GB SSD ~$37
4 port pci-e Ethernet card ~$37
Possible build 2: ~$176
AMD A4-5000 cpu motherboard combo $55
Rosewill slimcase itx+ PSU $47
60GB SSD ~$37
4 port pci-e Ethernet card ~$37
I am going with an AMD build because I’ve been trying to move away from Intel due to their anti-competitive practices in the past. I’m tempted to go for the A4-5000 build for its low power consumption and price (in recent years I have become more conscientious about power consumption). The a8-7600 on the other hand has much higher clock speeds but does consume more power. I can limit it to it’s lower power mode which limits the tdp to 45w. Alternatively I can manually underclock and undervolt the a8-7600. I want to go with the a4-5000 build but my worry is that it may not be powerful enough to push Gigabit based on the guide provided by PFsense. I really don’t know how powerful a CPU must be to push Gigabit (within the network). The hardware guide on the PFsense website says you need at least a 2.0GHz processor with multiple cores to get 501+ Mbps. The a4-5000 has four cores but cannot achieve a 2.0GHz clock speed. Which build should I go with?
Alternatively the router and access point I have right now is a Ubiquity Edgerouter x and an AC access point. I could simply use the networking equipment I have now and get a NAS to use as a caching server using the Edgerouter x but I’m not sure how much documentation or support is out there for for a caching server on that operating system.
Looks like PFSense 2.5 will make use of AES-NI and might even require that. I am not 100% but you might want to take a look at that.
That being said I just switched some parts and will use a pentium g3260t for now because I can probably get a xeon with that AES-NI later for cheap on ebay. (Also I want to be my router and NAS to be same socket so I can be a bit flexible with parts. And yes, I know, haswell is complete overkill for a router. )
PfSense 2.5 is a ways out but yes it will require AES-NI.
You really, really don’t need 16GB of Ram for a PfSense box. I run mine in a VM with 512MB of ram, and I’ve never seen it go over 48% utilization.
I would consider looking at used intel stuff, since there is a lot on eBay and for cheap you can get low power AES-NI supporting hardware. Also buying used Intel puts no money in Intel’s pockets, if that pleases your intel distaste.
I measured the power; but it was for everything connected to my data cabinet; a Nighthawk R7000, TP-Link gigabit 24 port switch, and the R410. That said, the R410 has a 750W power supply; something to keep in mind.
It costs roughly ~20 cents a day to power my data cabinet, at ~7.6 cents per KWh. As most of the time it’s idling as its a file server, but if it was a router it would see more use I’m sure but nothing outrageous.
As for noise I couldn’t tell you. I have no way to measure the dB of the room, but the room is loud as I have a 12,000 BTU air conditioner pointed at the data cabinet to keep everything sub 20C.
But when I turn it off I can hear the little fans inside the dell from my desk about 4 feet away, but it more of a gentle whirling hum. I am trying to find replacement fans, as stock fans for servers are usually loud; when under serious load. When the thing posts good god you can hear it its a jet engine but after that its not so bad. I’ve gotten used to it. Can’t hear it at all through my headphones either.
Yeah man definitely. These things retail for like $1200+ brand new. And you get a lot of power for what its worth. Once the BIOS is updated, running a recent version of FreeNAS 11 Stable is awesome. It is no slouch.
I outfitted mine with 4x 15,000 RPM SAS drives and it fully saturates my gigabit connection on LAN.
I, also, have been thinking about building a some pfsense boxes for a few different projects. A couple for my parents main house and lake house, and one for my dads church.
I am shooting for low cost and very low power. I’ve been looking at options for the last few weeks, trying to come up with the best option. It’s actually fairly difficult to find a dual (or quad) NIC system that’s small, low power, and cheap.
I was also looking at the Dell Optiplex 160 (not the FX160), but it only has one NIC, so I’d need to get a USB NIC. Not the best solution. Also was looking at thin clients, but again the single NIC issue persists.
PCEngines APU systems look really nice, but they can get expensive. I’ll have to compare those to the first one I linked to see if they are competitive.
I was hoping to keep the total cost at around $100 to $120, but that doesn’t look feasible at this point.
EDIT: Just looked at the APU2 systems again. Buying directly from PC Engines in Switzerland would be close to $200 with shipping. Since the price is so similar to the systems on Ebay and Amazon designed and made in China, I’d be significantly more comfortable getting one from PC Engines. Just feels more reputable and higher quality.
I just found some chinese Xeon E3 1220L v3 for 30 to 40 bucks on ebay. I mean those are really not that fast with 1.1 to 1.5GHz but they have 4MB cache, AES-NI, ECC support and they are 13W TDP. Looks pretty neat for a PFSense machine, I think. I might order one of those.
@wendell, do you know if there is maybe something wrong with some steppings of haswell E3 xeons or so? Just want to make sure that I’m not buying a box cutter.
That does look pretty nice. I wonder if most socket 1150 ITX boards accept Xeon processors? This one (here) does.
That would make for a more powerful system, yet in the long run probably cost about as much or less than an APU2 system.
I’ll have to think about it. Probably all those CPUs were dumped when a large corporation upgraded, similar to what happened with the E5-2670 CPUs from a year or so ago. Maybe Wendell can chime in if he knows anything.
I found something about a TSX bug in Haswell but I don’t think that would have an effect on AES-NI or PFSense in general. Other than that I can’t find anything negative on bugs for specific steppings or whatnot, so I’ll probably go for it.
That is a weird one. o0 Did you see the ports? I went for a more workstation style board instead but I wanted to make sure I can use ECC and have more connectivity. But that does come with a hefty price tag.
That ASRock already has dual Gbit NICs, so it might be a solid budget option.
Yeah, that’s a more industrial/commercial type motherboard. I don’t mind what’s on the back for I/O, since it has the dual NICs onboard. All the COM ports and USBs won’t be used. Plus it has a mSATA slot for an SSD, and a full PCI-e slot for an additional card if I need more NICs. And the price is right.
I remember reading about that TSX bug because I recently bought a laptop with a Haswell CPU in it. Don’t remember exactly what it was about, but I think it is the sort of bug that appears only in very rare and specific situations. Shouldn’t be a problem. Plus, I think the fix was a microcode update that disabled the component that had the bug.
I am sort of leaning toward the baby-Xeon based system. That price for the CPU is just too good. I almost want to see whether it’ll go down anymore or not.
I asked Wendell on the TeamPGP stream and he couldn’t think of any specific problems. So I just ordered two. Bit of a gamble but Xeons are pretty hard to kill anyway and these ones are so low TDP… you could probably cool 'em with your thumb. … #bloodcooling
I took a look at the a4-5000 APU and apparently it does support AES-NI so I think I will be going with the a4-5000 build. The Dell Poweredge does seem like a good deal except the Xeon has an 80w tdp which isn’t bad, but with two of them running along with all the high speed fans will probably be driving up power consumption. I don’t think I want my router idling near 100w.
I recently changed out my old phenom II for a low power avoton and honestly the difference in wattage is negligible. I wouldn’t spend too much money on lower power gear (especially at the cost of performance) because you will never get that money back in the form of power savings. If you want low power and decent performance then get something like a ubiquiti edge router or some other decent router that isn’t using x86.
The one thing I would really, really like to have is a 1u case that is reversed. Where the motherboard I/O and expansion card(s) are on the front of the case rather than the back. The power supply can still be at the back, but it being at the front wouldn’t be a deal breaker. Anyone know of a case that does this? Or what this is called?
Given that the router will be up 24/7 a difference between a 20w router and a 100w (the Dell is running two 80w Xeons) router may be quite substantial over the span of a few years. The roughly $26 in savings I’d see would probably disappear in a year or two. Plus I don’t think I need the power of two Xeons running 24/7.
Problem is most good custom firewall / router software runs on x86. DDWRT, openWRT and so on are not bad but for the really advanced stuff PFSense is still the way to go. And as I said, 35,- bucks for a used E3-1220L-v3 is not bad. Hell, you could go AM1 if you don’t need ECC. The athlons even have AES-NI, too.
)
