@Edvar
Go with the fanless if you want lower power and a sleek box but, the ports on it aren't upgradable w/o swapping the whole chassis.
Go SFF PC is you want somewhat low power draw but the option to upgrade the ports later on.
I went a step further and built an ATX box that is the router and all of the networking aspects but also rolled in additional functions like NAS / OTA / AP / etc. This allows some consolidation and reduced the bottleneck potential for other services. It also removed the need for a power strip and additional ports for devices to connect to the network. It just kind of depends on how many wired devices you have that could be wireless and if you see your ISP speeds going up again for another $3/mo to get to 2.5gbps or 5gbps. Maybe jump to 10GE for $10/mo or whatever they decide down the road.
So, I'm a little nuts when it comes to this stuff, but here is what I did a few years ago:
- Consumer Mini-ITX board (find one with dual Gigabit Intel NIC's*, in my case Asrock H270M-ITX/ac, but this is a while ago, you'll want something newer.)
- Lower power CPU (I went with an i3-7100 which is both reasonable power wise, but has enough brute force (on only two cores) to handle some serious OpenVPN challenges)
- Small m.2 drive for booting
- Smallest amount of RAM I could buy while still going dual channel
- Mini-Box 60w Pico PSU Bundle
- Mini-Box M350 super-compact case
- pfSense
*avoid Realtek or really any other brand. Also avoid multigig. You really want older on board i210 or i211 NIC's. These things are bullet-proof from a reliability perspective and always capable of maximizing transfers per the gigabit spec. Intels newer multigig models are really hit or miss, and Realtek, just no. In a pinch Broadcoms NetXTreme series of NIC's will do too, but you don't usually find those on board on consumer motherboards.
(representative pics of case, not mine)
The Pico-PSU's are amazing. Not only are they very efficient and reliable, they are also very tiny. I had this thing at single digit watts as measured at the wall using my Kill-A-Watt when pfSense was idle. Very efficient.
They are essentially a tiny 12V AC to AC PSU that sits on the ATX connector and hooks up to an external 12V power brick. (You'll need a 4pin or 8pin motherboard power adapter unless you go with the bigger model that comes with it)
Intel box cooler that came with the i3-7100 I used
just barely fit inside that M350 case.
Reasonably quiet too.
The i3-7100 was admittedly total overkill for a router (it really doesn't take much, most people use Atom CPU's) but I wanted the option to max out my connection over OpenVPN on the router, which this handled quite nicely. I don't think I've ever seen a CPU utilization readout over ~11-12% even at max speed test.
It was a great little router box with surprisingly high capability. I've used it on on Gigabit Verizon FiOS for years without a problem. As mentioned I can even push OpenVPN at or near full gigabit speeds (as long as I'm not limited on the other end, which usually is the case.)
Then about 3 years ago, I decided I wanted to stick it in my rack, and didn't want it just all ghetto sitting on a rack shelf, so I got a good deal on a used 2U case (iStarUSA D-214-MATX, not my favorite case of all time, but it was a good deal and it works) and transplanted the whole thing into it.
For shits and giggles, since I had a spare one kicking around, I also installed an Intel x520 dual SFP+ 10gig network adapter. I had accidentally bought too many during a previous project. Totally did not need it, but if you have it, why not use it?
Never mind the busy cables on the left. That was a since abandoned "for fun" experiment. I wanted to see if I could use a "redundant PSU adapter" with two PicoPSU's to get redundant PSU's.
The interesting part is it worked. I just decided I didn't need it. Who knows how long term reliable something like that is though. Not sure I'd recommend it for anyone else. I was just curious.
My latest stage is moving the router to actual server hardware.
It had a random issue the other day, and during the troubleshoot and reboot which fixed it, I found myself wishing it had IPMI/BMC like my big server. I had always wanted to move it to proper server hardware, so I hopped on eBay.
This time around I'm replacing the innards with:
- Supermicro X12STL-F LGA1200 Rocket Lake Xeon E-23xx motherboard. (best balance between cost, and relatively recent, so it is lower power)
- Cheapest CPU that goes in that socket, while still being a Xeon (Xeon E-2314) This is even more overkill than the i3-7100 was, but c'est la vie A little overkill never hurt anyone I guess. If there were a lesser model I would have bought it, but there isn't.
- 16GB (2x8GB of DDR4-3200 ECC UDIMMS). Again, total overkill, but 8GB is apparently the smallest you can get now, and I didn't want to sacrifice the dual channel controller by going with just one stick of RAM.
- Two spare 256GB Inland premium NMVe drives I had kicking around from previous upgrades. (Plan is to mirror them in ZFS for more resiliency)
- New low profile cooler (in case this CPU runs too hot for the intel box cooler) I went with an ID Cooling IS-55 Black, as it was really cheap and reviews very well.
- Also needed a PCIe to m.2 adapter, as this board only has one m.2 port
Here we are doing some burn-in-stability testing before the heart transplant into the 2U case.
The cooler is awesome, quiet and very effective. In this bench test, the only noise I hear is the little fan in the ancient Antec 150W PSU, which is only used for testing. Unlike other Xeon motherboards, this motherboard takes standard LGA 115x/1200 coolers, which gave me lots of flexibility and I landed on this amazing little cooler. Only 55mm tall with fan installed.
It wouldn't have fit in the little M350 case, but it will fit with plenty of space to spare in the 2U case.
One thing I noticed is that the m.2 slot on this X12STL-F motherboard is pretty bad. It is routed off of the chipset, and cant even keep up with its rated 4x Gen3 speeds. The other identical NVMe drive in a PCIe slot with an adapter is much faster. So, I have decided to get a second adapter, since they are cheap, and I have a spare 8x PCIe slot anyway.
This will be fun when it all comes together. I'll post pics if anyone is curious.
I am also considering migrating from pfSense to OPNSense, but that is going to be much more work and downtime on my complex network setup. I'll have to decide if I want to do that.
I have a Qotom Q20332G9-S10 that I intend to use as a multi-gig router, so I'd say the hardware itself seems pretty nice so far.
