The Gatekeeper (overkill pfSense xeon shoebox with integrated DSL-modem)

Hardware Build a PC
, ,
1

I hinted on this before, now it is done. I may have gone to far ... But I don't care.
This machine is just way to cool. And I like overbuilding stuff.

So, introducing my new modem, router, firewall ... shoebox, whatever you wanna call it.

I call it:

This machine replaces my old pfsense box (an APU.1D4, successor to those ALIX devices), a Draytek Vigor130 DSL modem/router as well as the two power bricks necessary to use the two. And although my solution is a bit bigger than those four components combined (and far more expensive), it is way easier to handle and has a LOT more power.

"So what is it made from?" ... well

  • an Intel Xeon E3 1240L v3 CPU
  • an ASRock E3C226D2I mITX mainboard
  • 16GB (2x8) of Hynix DDR3 1333 ECC memory
  • an Intel S3510 120GB SATA SSD
  • a Draytek VigorNIC132 PCIe DSL modem/router
  • a SilverStone SST-ST30SF PSU
  • a Noctua NH-C14S cooler
  • and a Sharkoon QB One case

The Draytek VigorNIC is the one component that makes this whole thing possible. It is basically the same thing I had externally before but now on a PCIe card, a basic router with a modem mode. pfSense only sees a realtek NIC, it doesn't even know that the modem is on the same PCB.

"So how is it?" ... well

As you would imagine it does everything and then some and it doesn't care at all. The CPU is idling at 30°C like .. all the time, the memory is basically empty, the PSU never hits the temperature or load to spin up the fan and the 140mm is running at 500rpm a.k.a. slower than James May. This machine is inaudible. even in a completely silent room.

I can monitor the machine from the browser because of pfSense, sure. But I can also use the IPMI to go deeper than that, which is very nice. I have tons of space for log files, firewall rules and whatever. ... in short: I am very happy with this thing. :D

I am fairly certain that this will be my router / modem / firewall / whatever for a looooong time.

MISSION ACCOMPLISHED!

gatekeeper_0004.jpg3235x2259 959 KB

gatekeeper_0005.jpg3235x2259 968 KB

gatekeeper_0007.jpg3235x2259 963 KB

gatekeeper_0008.jpg3235x2259 817 KB

17 Likes
2

now it just needs a sick paint job, or a fancy decal based on the gatekeeper


also stealing that name for mine...
1 Like
3

How much power is it consuming on a day to day basis?

4

Good question. I have no idea to be honest. Probably a little more than my old setup but still very little.
I might measure it when I'm done with the config and stuff. ... Yeah, now I wanna know too. :)

2 Likes
5

Very nice. I'd like to rebuild mine to make something smaller, with more ram and less power consumption, but can't justify the cost.

6

What hardware are you running?

7

It's a phenom II X4 945 with 4gb of ddr2

8

Hmm, you might wanna recalculate that. That is a 95W TDP chip. My Xeon is 25W (ok, stupid expensive). But even the 120,- buck i3 skylake is only 35W. I would guess you might be able to justify the cost.

9

i'm in exactly the same situation.

vigor nic.
and some server hardware.
My problem is getting the vigor nic setup correctly, and the bigger one is, that i want that box to also be my NAS and VM Server.

Any ideas ?

10

For that I have one: don't!

NAS and VM-Server on one thing is fine but the firewall has to be it's own thing.

11

@noenken thx for the advice.
how is the onboard Router capabilety of the vigor nic? haven't been able to check that.
Because that looks to be the only other way, i don't have any other hardware that i could dedicate for a pfsense.

Solution could be to just scrap the pfsense and use the vigor nic in router mode.

12

That would be an option but ... a bit meh. pfSense is all about the control and you won't get that with any standard router.

So far I don't see a difference between the PCIe vigor and the standalone performance wise.
I never used any of them in router mode though.

13

my router ain't that overkill yet but it is called cerberus ^^

Wow I realy like that machine, the if you go, go big aproach is lovely =) I am usually on the overkill side as well - e.g. no consumer stuff, but only enterprise gear for my humble home XD

14

I like the configuration as well. To add to the mix, here is the configuration of my router:

Supermicro SYS-5018A-FTN4 1U chassis
8 core Atom CPU
32GB ECC DDR3
256GB Samsung 850 Pro SSD - OS
512GB Samsung 850 Pro SSD - Web Cache

Running pfsense latest version with tons of features and caching over 400GB of internet content directly at the router. Love having the extra speed. Not to mention the multiple levels of defensive options.

1 Like
15

Nice box! Webcache might be something in the future for me but right now I am fine.

16

I echo your comment above on overbuilding which is why this was put in. Previous testing box had a spindle drive and saw the impact and figured it was well worth the money to have the space and reliability. Bonus is that the Atom cpu and the 200W PSU sips power with its pinky up all classy-like while still moving packets like a beast!

17

That is like 10W TDP or so, right? And the PSU, what is the rating on it?

18

Here is the base chassis:

CPU is 20W TDP and PSU is 200W Gold. 4 intel NIC's & IPMI!!!! Love this router a lot!

19

Nice. On the CPU side, my Xeon is also just 25 watts. So, not much of a difference.

20

It seems that great minds do think alike