Looking to build a firewall - recommendations?


canta

Well-Known Member
Nov 26, 2014
1,012
216
63
43
Whoa this might be a game changer. I did a quick search but didn't find any info about AM1 running ECC memory. Any links?

Any idea of Sophos UTM or PFsense would benefit from ECC?
It is hidden; that depends on the BIOS support....

I tried installing a Gigabyte A4-5000 mini-ITX with ECC UDIMM, and the BIOS does not support it, aka ECC Disabled (based on Linux telling me via the command line).

I know my old AM2 Asus supports ECC unofficially (well, the BIOS says supported, but tech support said "as is").

How about the Asus AM1M-A? :p ECC supported haha
AM1M-A - Specifications
2 x DIMM, Max. 32GB, DDR3 1866(O.C.)/1600/1333 MHz ECC, Un-buffered Memory

Some Asus AM1 boards support ECC officially :D

Buying a used Asus AM1M-A? Then do NOT update the BIOS, since the last BIOS disabled ECC support.. (as far as I know)...

Go to the Asus site and start digging for AM1 motherboards that have ECC support officially.
But.. I believe under the hood Asus would unofficially support ECC on AM1; this is my assumption, based on my past experience.
 
Last edited:
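The post above relies on Linux reporting whether the BIOS actually left ECC on. The following script is an added example, not code from anyone in the thread: it classifies kernel log text by the messages the amd64_edac driver prints ("DRAM ECC enabled." versus "ECC disabled in the BIOS or no ECC capability"), pulls the "Error Correction Type" field from dmidecode output, and offers a live check via the EDAC sysfs tree. The log and dmidecode samples in the block are constructed for illustration, and the exact message wording is assumed from the driver's behaviour rather than quoted from the thread.

```shell
#!/bin/sh
# Added example (not from the thread): decide whether DRAM ECC is active on a
# Linux box the way a sysadmin would, by reading what the kernel and DMI say.

# ecc_status_from_log: read kernel log text on stdin and print one of
#   enabled | disabled | unknown
# Patterns assumed from the amd64_edac driver's messages.
ecc_status_from_log() {
    log=$(cat)
    if printf '%s\n' "$log" | grep -qi 'DRAM ECC enabled'; then
        echo enabled
    elif printf '%s\n' "$log" | grep -qi 'ECC disabled'; then
        echo disabled
    else
        echo unknown
    fi
}

# dmi_ecc_type: read `dmidecode -t memory` text on stdin and print the first
# "Error Correction Type" value (e.g. None, Single-bit ECC, Multi-bit ECC).
# "None" means the firmware advertises no ECC even if the DIMMs are ECC parts.
dmi_ecc_type() {
    sed -n 's/^[[:space:]]*Error Correction Type:[[:space:]]*//p' | head -n 1
}

# ecc_status_live: run on a real machine. A registered EDAC memory controller
# under sysfs normally means the driver found ECC enabled; otherwise fall back
# to scanning dmesg (may need root to read the ring buffer).
ecc_status_live() {
    if [ -d /sys/devices/system/edac/mc/mc0 ]; then
        echo enabled
    elif command -v dmesg >/dev/null 2>&1; then
        dmesg 2>/dev/null | ecc_status_from_log
    else
        echo unknown
    fi
}

# Constructed sample inputs (not captured from any board in the thread).
SAMPLE_DMESG_DISABLED="[    2.123456] EDAC amd64: ECC disabled in the BIOS or no ECC capability, module will not load."
SAMPLE_DMESG_ENABLED="[    2.120000] EDAC amd64: DRAM ECC enabled.
[    2.121000] EDAC MC0: Giving out device to module amd64_edac controller F16h: DEV 0000:00:18.2 (INTERRUPT)"
SAMPLE_DMI=$(printf 'Handle 0x0004, DMI type 16, 23 bytes\nPhysical Memory Array\n\tLocation: System Board Or Motherboard\n\tUse: System Memory\n\tError Correction Type: Multi-bit ECC\n\tMaximum Capacity: 32 GB\n')

# Demo on the constructed samples; replace with ecc_status_live on a real host.
printf 'sample 1: %s\n' "$(printf '%s\n' "$SAMPLE_DMESG_DISABLED" | ecc_status_from_log)"
printf 'sample 2: %s\n' "$(printf '%s\n' "$SAMPLE_DMESG_ENABLED" | ecc_status_from_log)"
printf 'dmi type: %s\n' "$(printf '%s\n' "$SAMPLE_DMI" | dmi_ecc_type)"
```

Run `ecc_status_live` as root on the box in question; if sysfs shows no memory controller and dmesg reports the driver refusing to load, the BIOS has ECC off regardless of what the DIMMs support, which is exactly the case described for the A4-5000 board above.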

canta

Well-Known Member
Nov 26, 2014
1,012
216
63
43
Lots of folks on STH have virtualized their firewalls. I don't think I'd do it in a large production environment, but for home, lab, or my clients who outsource all of their small business needs it works great.
That should be OK, doing a virt router/firewall as long as the hardware is supported.

The issue is how the company gets support for a virt firewall..

I know, based on some experience, that support for a virt firewall must be certified by the firewall vendor :D

Do you want to pick apple or orange :D....

BTW, some companies charge you more for virt firewall support? Why?.... This is a hot topic, and it is common today to do virt. They charge you more since you are willing to do a virt firewall.

Best of wisdom:
listen to whatever the big boss tells you :p..... Boss, do you want a real router/firewall or just virt with bla bla features? :D...
 

canta

Well-Known Member
Nov 26, 2014
1,012
216
63
43
The lack of ecc on those sodimms might be a problem for some but the low power configuration and price is extremely tempting .
Intel JXXXX and NXXXX do not support ECC SODIMM.

AM1 and A4-5000 use regular UDIMM size...
 

mstone

Active Member
Mar 11, 2015
505
118
43
46
As to hosed up vm... This, is the point of having vms. Instant restore to working state, transfer to other hardware... Virtualization adds a bunch of failsafes that a spare bare metal server has a tough time matching.
I didn't say broken vm, I said broken vm environment. You screw up the vm server, and it's a flaming pain to fix it if it's also your internet gateway. Yeah, you could implement multiply redundant failovers, but 1) that's actually hard on a residential internet connection without adding additional failure modes and 2) that's more stuff to screw up, especially if the only reason to be doing it is to play with things (things tend to break mostly when they're getting played with). Virtualization has its place, but it's helpful to use it when it makes sense and not because of a self-licking ice cream cone of circular requirements. In most households the home lab isn't particularly critical but the internet connection is--so why introduce an unnecessary dependency?

That said, if you want to virtualize your firewall, go for it. But the question was why people would not do so.
 

RobertFontaine

Active Member
Dec 17, 2015
663
148
43
57
Winterpeg, Canuckistan
That should be OK, doing a virt router/firewall as long as the hardware is supported.

The issue is how the company gets support for a virt firewall..

I know, based on some experience, that support for a virt firewall must be certified by the firewall vendor :D

Do you want to pick apple or orange :D....

BTW, some companies charge you more for virt firewall support? Why?.... This is a hot topic, and it is common today to do virt. They charge you more since you are willing to do a virt firewall.

Best of wisdom:
listen to whatever the big boss tells you :p..... Boss, do you want a real router/firewall or just virt with bla bla features? :D...
The big boss is cooking dinner and I don't know anyone with a service contract or SLAs in their basement :p
 

CreoleLakerFan

Active Member
Oct 29, 2013
485
180
43
I didn't say broken vm, I said broken vm environment. You screw up the vm server, and it's a flaming pain to fix it if it's also your internet gateway. Yeah, you could implement multiply redundant failovers, but 1) that's actually hard on a residential internet connection without adding additional failure modes and 2) that's more stuff to screw up, especially if the only reason to be doing it is to play with things (things tend to break mostly when they're getting played with). Virtualization has its place, but it's helpful to use it when it makes sense and not because of a self-licking ice cream cone of circular requirements. In most households the home lab isn't particularly critical but the internet connection is--so why introduce an unnecessary dependency?

That said, if you want to virtualize your firewall, go for it. But the question was why people would not do so.
Bolded for hilarity.
 

CreoleLakerFan

Active Member
Oct 29, 2013
485
180
43
I didn't say broken vm, I said broken vm environment. You screw up the vm server, and it's a flaming pain to fix it if it's also your internet gateway.
Unfortunately I don't have experience with anything other than ESX, but it is difficult for me to imagine a scenario where one could screw that up to the degree of which you speak. In a single host environment (home use) you can back up the config by dd'ing the USB stick it should be installed on.

Yeah, you could implement multiply redundant failovers, but 1) that's actually hard on a residential internet connection without adding additional failure modes and 2) that's more stuff to screw up, especially if the only reason to be doing it is to play with things (things tend to break mostly when they're getting played with).
If I can't recover from a busted ESX host at home in a timely fashion and my Internet connection is down as a result, I can log into the AT&T supplied router, enable DHCP, and remove the static MAC forwarding thingie that passes through the static IP to my pfSense VM. Failing that I get a paper clip and activate the red reset button on the back.

Virtualization has its place, but it's helpful to use it when it makes sense and not because of a self-licking ice cream cone of circular requirements. In most households the home lab isn't particularly critical but the internet connection is--so why introduce an unnecessary dependency?

That said, if you want to virtualize your firewall, go for it. But the question was why people would not do so.
Why virtualize at home at all, then? For the same reasons you virtualize in the office - to save on power utilization, hardware costs, and physical footprint of additional devices. If you want to make the argument that there isn't a good reason for virtualization in a home environment, one could probably apply a great deal of your argument to the question of why not just use the "firewall" your ISP provides.
 
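The post above suggests backing up a single-host ESX install by dd'ing the USB stick it boots from. The script below is an added example, not code from the poster or from VMware: it images a block device with dd, then refuses to call the backup good until a SHA-256 of the image matches the source, and it detects a corrupted or truncated image on re-verification. The demo uses a small constructed file in place of the real stick, so it runs without touching any device; on a real host you would pass something like /dev/sdX (an assumed path, not one from the thread) and run it as root.

```shell
#!/bin/sh
# Added example (not from the thread): image a boot device with dd and verify
# the copy before trusting it as a recovery backup.

# image_device SRC DEST: copy SRC to DEST block-for-block with dd, then return
# non-zero unless the checksums of source and image agree.
image_device() {
    src=$1
    dest=$2
    # conv=fsync flushes the image to stable storage before dd exits
    dd if="$src" of="$dest" bs=1M conv=fsync 2>/dev/null || return 1
    verify_image "$src" "$dest"
}

# verify_image SRC IMG: succeed only when SRC and IMG hash identically.
# A single flipped or appended byte makes this fail, so run it before
# relying on the image (and again after copying it somewhere else).
verify_image() {
    src_sum=$(sha256sum "$1" | cut -d' ' -f1)
    img_sum=$(sha256sum "$2" | cut -d' ' -f1)
    [ -n "$src_sum" ] && [ "$src_sum" = "$img_sum" ]
}

# Demo on a constructed 64 KiB "stick" so it runs without a real device.
# Restoring is the same dd with if/of swapped, to a stick of equal or larger size.
demo_dir=$(mktemp -d)
head -c 65536 /dev/urandom > "$demo_dir/stick"
if image_device "$demo_dir/stick" "$demo_dir/stick.img"; then
    echo "image verified: $demo_dir/stick.img"
else
    echo "image FAILED verification" >&2
fi
rm -rf "$demo_dir"
```

Keep the verified image off the host it protects; a backup that lives on the hypervisor's own datastore is exactly the thing you cannot reach when that host is the broken internet gateway.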

Patrick

Administrator
Staff member
Dec 21, 2010
12,516
5,811
113
I think we are getting a bit off topic here. Should I move the virtualized firewall discussion to its own thread?

Here is my perspective having both virtualized and non-virtualized pfSense running at all times - and it comes down to being in a Plano, TX mall on a business trip just after getting married. I got a gchat from the wife saying the Internet was down just after virtualizing pfSense. She is a programmer so tech savvy enough to fix the setup if so guided. Then again, the thought of having to guide her through the process of navigating Hyper-V/ pfSense to troubleshoot over the phone (since the Internet was down) was frightening.
 

mstone

Active Member
Mar 11, 2015
505
118
43
46
Why virtualize at home at all, then? For the same reasons you virtualize in the office - to save on power utilization, hardware costs, and physical footprint of additional devices. If you want to make the argument that there isn't a good reason for virtualization in a home environment, one could probably apply a great deal of your argument to the question of why not just use the "firewall" your ISP provides.
Why virtualize at home? Because you want to play with VMs. Why not use the ISP's firewall? Because they suck at basic functionality.
 

denisl

Member
Dec 20, 2014
54
6
8
49
Appreciate all the feedback. Patrick, it looks like the review you did above in your post would be great, but I was hoping to find something for around $150 all in (maybe that's not possible). My internet bandwidth is not crazy - we stream some movies from Prime/Hulu/Netflix but only on one or two devices, rarely simultaneously. I do not do any VPN connection now but I absolutely plan to. It would be nice to put my ownCloud server behind a VPN if it's not too difficult to get VPN clients on all the remote devices (various family members' phones/laptops/PCs).

Would it make sense to virtualize pfSense on a box all by itself?
Anyone have an opinion as to what firewall is most user friendly (pfSense, Sophos, etc.)?

Also - worth noting, I have a Netgear R7000 router that I can put DD-WRT on but decided I'd rather have more control. The R7000 is a DD-WRT favorite as far as I can tell. My plan was just to make it a wireless access point and leave the Netgear firmware on it.
 

RTM

Well-Known Member
Jan 26, 2014
956
359
63
I would get a PC-Engines APU2B4 board; it finally appears to be out of beta (although the BIOS is apparently still missing a couple of features).
Quad core AMD GX-412TC CPU with support for AES-NI and three Intel gigabit NICs for around $150 is pretty awesome.

It is not in stock today, but some were available yesterday, so perhaps they will be back in stock soon.
 

mstone

Active Member
Mar 11, 2015
505
118
43
46
I would get a PC-Engines APU2B4 board; it finally appears to be out of beta (although the BIOS is apparently still missing a couple of features).
Quad core AMD GX-412TC CPU with support for AES-NI and three Intel gigabit NICs for around $150 is pretty awesome.

It is not in stock today, but some were available yesterday, so perhaps they will be back in stock soon.
After the fiasco that's the APU1 BIOS, I personally wouldn't give them my money until the BIOS for APU2 is actually finished. Note that the latest APU1 BIOS is a beta from September 2014.
 

Jeggs101

Well-Known Member
Dec 29, 2010
1,529
241
63
I would get a PC-Engines board; it finally appears to be out of beta (although the BIOS is apparently still missing a couple of features).
Quad core AMD GX-412TC CPU with support for AES-NI and three Intel gigabit NICs for around $150 is pretty awesome.

It is not in stock today, but some were available yesterday, so perhaps they will be back in stock soon.
No stock on those. The nice bit is that they come with memory but no IPMI.

Also, I don't think four AMD Jaguar "cores" is like 4 of the Intel cores. AMD Athlon 5150 Benchmarks and Review – AM1 APU is quad core 1.6GHz so the 1GHz would be 38% lower performance?

Close call but my 2016 resolution is - always IPMI.
 

RTM

Well-Known Member
Jan 26, 2014
956
359
63
After the fiasco that's the APU1 BIOS, I personally wouldn't give them my money until the BIOS for APU2 is actually finished. Note that the latest APU1 BIOS is a beta from September 2014.
My understanding of the issues with the BIOS was that it was mostly due to an external contractor, Sage or something. Have you, or anyone else for that matter, seen anything as to whether or not they have been hired to do the APU2 BIOS?