need opinion on building my own router

vl1969

Active Member
Feb 5, 2014
634
75
28
hi, I a, in the process of building my home vm server with oVirt and came to conclusion that I might need a better router for my home setup.

I am currently bidding on HP GT7725 thin client on ebay to be my new router.
so #1 is it a good machine to run pfSense or Sophos UTM on?
the specs are 2G RAM 2.4mhz turion CPU. has a PCIe expansion board that I plan to put a second NIC into.
my main concern is storage. the unit comes with 1Gb flash, have anyone worked with it and is it possible to put an SSD or laptop drive in? I can not even find what type of flash storage is in the unit ie. CF card? SD card? what. no where is the specs mention it.

I do not have a big budget for this. I am hoping to get the unit for around $40 and maybe an intel NIC for $10-$20 bucks if I need the drive I guess total setup should still be under a $100
 

Danic

Member
Feb 6, 2015
82
34
18
jrdm.us
What kind of internet connection are you serving up? How many Clients? will you have other services running like Squid or OpenVPN? The Turion is an old laptop cpu. So don't expect it to be too fast. But I would guess it can serve up 100mbit internet to 10-20 clients just fine.

I have no experience with Sophos UTM, but I do know pfSense can run off a USB drive.

You could virtualizing your router as well.
 

vl1969

Active Member
Feb 5, 2014
634
75
28
this is a home setup so I do not expect anything over 100mbit in or out.
altogether I expect no more than 10 maybe 15 tops clients real and VMs
I am sure turion is still faster than any soho router so no issue here.
not planning on Squid but maybe....
OpenVPN is in question as well but I might need/want that I do not have ether now but might want to.

I thought about VM for a router but giving the difficulties I have on setting up the main server, I think a dedicated hardware would be safer.
 

bds1904

Active Member
Aug 30, 2013
271
76
28
On a t5745 I have seen 75mbps thruput while running ids. It'll route 550mbps all day without ids. Considering the t5745 is a single core atom 1.6GHz the gt7725 will fit your needs just fine as long as you are bidding on one with a pci-e expansion chassis.

I usually run a sandisk cruiser for storage and the nanobsd version of pfsense. There is a handy "secure" USB area on these thin clients.
 

zedkyuu

New Member
Sep 22, 2015
11
4
3
43
If all you're doing is NAT, then any old computer from the last ten years (!) will do. I have a single core VM on a Xeon E3-1230v2 that handles 300 Mbps just fine. Utilization is fairly high (around 50%) but that's because the network card is cheap and doesn't do any kind of offload; if I were using a real server NIC (or a fake I350-T4), it'd be below 20% for a full 300.
 

vl1969

Active Member
Feb 5, 2014
634
75
28
Well it will be more than NAT.
Dns, dhcp routing, firewall . I was looking at sophos because it has a very good simple to use network zonning.
 
  • Like
Reactions: dswartz

canta

Well-Known Member
Nov 26, 2014
1,034
215
63
41
if you have laying old one, just go ahead

my suggestion:
buy modern motherboard and less much power: J1800/J1900 or M3050/M3150 and virtualize router .
you can add other VMs too for lighter tasks
use Intel or broadcom NIC for a good reason. i340T2 NIC should be running perfect with pcie 2 X1.

I went to virtualize when my via C800 died suddenly ( in 2008) and replace with shuttle -celeron
shuttle -celeron got died too( bad capacitor plague.. :p) ~ in 3 years, and bought $35 for C847 mini-itx motherboard (in 2011) to replace dead shuttle-celeron motherboard, C847 was good enough running router and some ubuntu VMs.

I replace C847 with J1800 miniitx (bought for $35 on 2014) and put in to 1U supermicro server case.

Via C800 with 10/100Mb 3 com nic :D
C847 with 1G PCI intel Nic. *esxi*
J1800 with 1G dual port Intel NIC pcie 2 . *proxmox*

openvpn eats cpu cycle much, if you want to use openvpn server for many users. I suggest to get processor with AES.
 

vl1969

Active Member
Feb 5, 2014
634
75
28
I think I need to explain my situation more clearly :)

#1. I have (well in process of configuring) a real full fledged server using CentOS-7 with oVirt Hosted Engine, that will be used as a Virtualization server and File Server. It is a dual socket AMD Opteron running 2 AMD Opteron Hex Core 2431 @ 2.4Ghz for total of 12 cores with 49GB of RAM. ect. all of that in a Supermicro SC846 24 Bay chassis.

and I have no issue with VM router except for the fact that: A. I am new to virtualisation thus I am most likely to screw up something on the server often enough for it to be an issue if router is in VM.
I can do it as a backup (and I am most likely will clone the setup into a VM as well ) but I preffer a dedicated machine for the router. I do not have any hardware new or old to build this off hand. the only available hardware I do have is a full desktop parts that would need a full desktop case mid size or up with a normal PSU and such. cost will probably be close to over $100 and cost to run will be more as it will be a full desktop setup.
i might as well get the thin client and a NIC and be done with it. it quite, low power consumption and small.
 

canta

Well-Known Member
Nov 26, 2014
1,034
215
63
41
if you need dedicated hardware router, thin cliet + extra nic (I suggest not to use USB since running 24/7, when data incoming/outcoming is busy, USB device NIC is eating cpu cycle, and somehow you need to reboot when USB NIC is getting slow).

this is my simple plan that already in implementatin
*one baremetal for router and othter light task VM (linux non gui servers for me that do simple monitoring and doing push/pull that running my own code in python for my Home Automation)
*one REAL baremetal for heavy lifting :D.

this is the cost on me for J1800 solution
* motherboard = $35 (deal from newegg in 2014)
* memory sadimm ddr3l 8G = $35 (from newegg)
* reuse 1U supermicro short-depth.
- 3 fans form used parts
* 1 real i340T2 $14 ( bought 2 for $28 on ebay)
* 1 extenstion cables 1X to 16X , $2 ( US seller on ebay)
* real used DC-DC atx(not cheap faked pico miniatx one from china). $9 ( bought 2 for $18).
* some available cables/solder/hotglue .
* used HP thinclient powerbrick 12V on ebay $5 ( do not buy cheap from china, those are crappy and fire hazard)
total hardware: $35 embedded mobo+$35 memory + $14 ( or $28 if counted 2) intel nic I340 + $2 pcie ext cable + $9 (or $18 counted 2) dc-dc atx psu + $5 12v powerbrick = $100 ( or $ 122 when counted spare part 1 NIC and 1 dc-dc atx).

I was thinking back to make dedicated for my router and back off since wasting resources. virtualize is on my plate again.

if you have many spare parts to be reused .. you could save $
 

vl1969

Active Member
Feb 5, 2014
634
75
28
Ok want to revisit this post again. Just got a lenovo think center sff. 3ghz intel 2gb ram. Adding an Intel dual nic. Now can not choose between sophos utm and pfsence. Can some one chime in with recommendations?
 

Lost-Benji

Member
Jan 21, 2013
424
23
18
The arse end of the planet
Just remember the basics:
  1. Twin drives (connected as AHCI, Not onboard or Hardware RAID like others try and fail) as PFSense will RAID them itself, google it.
  2. 2-4GB RAM is plenty for most users, if you have more then OK but only if not wasting coins on it.
  3. Fast dual or Quad-core CPU's, PFSense still pretty crappy at real CPU load balancing as most things are limited thread count.
  4. Avoid using nVidia chipsets and network adapters. Intel works best followed by Realtek.
  5. Run it up with basics, make backup of config once running. Now slowly add packages and make sure all is good, make backup config after each package.
 

Keljian

Active Member
Sep 9, 2015
429
71
28
Melbourne Australia
Benji, you can't be more wrong about your points 3 and 4.

Pfsense is well multithreaded with the exception of snort openvpn and ppoe, all of these are not the foundation's fault and unlikely to cause issues unless you are running 10gbit internet, or have a relatively slow processor.

Nic preferences are strongly Intel or Chelsio. Realtek should not be used unless absolutely necessary
 

vl1969

Active Member
Feb 5, 2014
634
75
28
Just remember the basics:
  1. Twin drives (connected as AHCI, Not onboard or Hardware RAID like others try and fail) as PFSense will RAID them itself, google it.
  2. 2-4GB RAM is plenty for most users, if you have more then OK but only if not wasting coins on it.
  3. Fast dual or Quad-core CPU's, PFSense still pretty crappy at real CPU load balancing as most things are limited thread count.
  4. Avoid using nVidia chipsets and network adapters. Intel works best followed by Realtek.
  5. Run it up with basics, make backup of config once running. Now slowly add packages and make sure all is good, make backup config after each package.
well as posted I got a ThinkCentre M58p Intel Core™ 2 Duo 3.0GHz CPU 2GB RAM
in specs online it show with Intel graphics and Intel PRO 100/1000 Gigabit Ethernet NIC
so it's pretty much Intel all around. I am waiting for second Intel NIC to arrive..
do not have twin drives. and m58 only supports one HDD. unless I am willing to dump the DVD drive, which I am.
 

canta

Well-Known Member
Nov 26, 2014
1,034
215
63
41
Intel or broadcom nic... On my experience..


Linux flavor or pfsense are good on multithreading..

Correct.. Openvpn is a single thread..
Higher cpu speed is the best benefit for openvpn.


Realtek is crappy on my experience..