Looking to build a small-ish pfSense-box

[iZohanX]

Hey folks, new to the forums but I've been watching the STH Youtube channel for a while.

I've been running pfSense for just about over a year on my i5 6600k from within a full-tower case (ye-olden Thermaltake Kandalf LCS, but I've removed the liquid cooling).
At first I was running pfSense on the bare metal and recently I've dipped my toes into ESXi and boy... what a rabbit hole...
Currently pfSense runs virtualized a long-side TrueNAS from within the same box, as of recently I've noticed a few hiccups in performance that I'm not sure are due to the virtualization or not, but regardless, I think I'd like to have it back on the bare-metal and run a different machine that would serve as a dedicated ESXi host.

I'm trying to figure out the best way to achieve these goals:

• It has to to be rather compact, either short depth 1U or a small-ish tower (preferably as small as possible).
• It has to be able to add extra network cards/replace existing ones (planning on running Chelsio T580s/QSFPs with the new ICX 6610 I got, for the lols).
• I'd like it to be fairly quite.
• And most important of all, I want to spend as least as possible.
  
  What I already have:
• As mentioned I already own an i5-6600k, I wouldn't mind reusing it, but willing to get something new.
• I have 2 Intel i350-4 cards.

The rig build doesn't need to include the Chelsio T580s or QSFPs, those will be purchased separately.

I appreciate any input you guys can lend me on this =)

 

[tozmo]

HP 290 has an x16 and an x1. Switching out the default 3.5 for either nvme and/or ssd, removing the wifi card, disconnecting the dvd drive: silent and runs 8-12W with pfsense. I added ram to mine for 8gb total, and the only problem it has is with tons of pfblocker feeds and IDS turned on. WIth pfblocker only, it does well.

 

[Fart_biscuits]

I run a Citrix netscaler (aka wanscaler, aka cloudbridge) it’s the cb-504-2 model which is a supermicro x9skv-1105 board. Works great and it looks like there’s one on the bay rn for $90. Mine came with a 16gb usb dom, 32gb ddr3 ecc, and 6x intel gbe (2x i210, 4x 350 listed as bypass pairs but that’s configurable in bios). There’s also the slightly newer sd-wan 410 for a little more, which I think is a custom odm supermicro board with a dual core Xeon D (no promises, I never found anything definitive but if you find out please let us know)

 

[StevenDTX]

SuperMicro CSE-505-203B. Take your pick of motherboards that fit in it. I was using a C2000 board, and recently upgraded to an X11 in the same case for pfSense.

 

[newabc]

If considering a thin client, a HP T730 or Wyse 5070 extended(the fat version, not the thin one) should be good.

 

[ullbeking]

SuperMicro CSE-505-203B. Take your pick of motherboards that fit in it. I was using a C2000 board, and recently upgraded to an X11 in the same case for pfSense.

I agree. This is a great chassis.

Post Feb. 2018 C2000 boards are great for this application, and super quiet.

If X11 then I would go for the X11SSH-TF (with 2x 10 GbE NIC's) or the X11SSH-* with 4x 1 GbE NIC's (assuming that more NIC's is useful for the switch functionality of this server and how you use it).

 

[StevenDTX]

I ended up used an X11SDV-4C-TP8F

 

[ullbeking]

I ended up used an X11SDV-4C-TP8F

Excellent choice. It will fit inside a small chassis too. And finally you have 4x Ethernet ports, which is super useful for a firewall+switch.

 

[iZohanX]

Thank you all for the suggestions.

I've done some eBaying around and it seems that I've run into somewhat of a problem.

I run a Citrix netscaler (aka wanscaler, aka cloudbridge) it’s the cb-504-2 model which is a supermicro x9skv-1105 board. Works great and it looks like there’s one on the bay rn for $90. Mine came with a 16gb usb dom, 32gb ddr3 ecc, and 6x intel gbe (2x i210, 4x 350 listed as bypass pairs but that’s configurable in bios). There’s also the slightly newer sd-wan 410 for a little more, which I think is a custom odm supermicro board with a dual core Xeon D (no promises, I never found anything definitive but if you find out please let us know)

The netscaler/wanscaler looks to be a really nifty little box but the cheapest I've found it on ebay (for me at least) is for about 180$ shipped (I assume since I am from Israel). The SD-WAN 410 that was listed for 90$ got snatched before the seller had managed to send me a shipping qoute for it.

Also in terms of motherboards, all I can find the X11's for is about 350$~ is that the going price of these?

 

[Fart_biscuits]

The SD-WAN 410 that was listed for 90$ got snatched before the seller had managed to send me a shipping qoute for it.

Also in terms of motherboards, all I can find the X11's for is about 350$~ is that the going price of these?

Yeah location is likely going to be an issue for you. Timing is also critical, I got mine for $75 shipped. About a month or so ago I saw several for around $100 but ymmv with shipping. The x11 boards are much newer and for me overkill when older/cheaper hardware is more than adequate for my needs.