need opinion on building my own router

vl1969

Active Member
Feb 5, 2014
634
75
28
Old drives are plentiful and easy redundancy. Beats having to put all he packages back in.
well I do not have any old drives or at least no two of the same capacity anyway.
also I do like to have an SSD in this machine rather than HDD. or am I wrong?
and anyhow the machine only supports one Drive and one DVD. like I said I am willing to part with DVD drive if I have to.
 

vl1969

Active Member
Feb 5, 2014
634
75
28
well the machine came with WD blue 250GB drive. not sure how old it is.
I though to replace that with one 120GB SSD
given advice to use raid I though to put in second 120GB SSD instead of DVD drive
also I still consider Sophos UTM as well as pfSence so not sure what it will be yet.
 

canta

Well-Known Member
Nov 26, 2014
1,034
216
63
42
Get cheap to Intel ssd 120g or 64g..

I use clonezilla for backing up and restoring image. Save the image via USB hd or shared network.
 

vl1969

Active Member
Feb 5, 2014
634
75
28
You can get a bracket to fit 2x2.5 drives in a 3.5 slot.
the issue is not that I can not fit 2 drives in, it's that I have no sata or power ports. The machine is designed to support only 2 sata devices. Has only 2 sata ports and only 2 power connectors.
 

Lost-Benji

Member
Jan 21, 2013
424
23
18
The arse end of the planet
the issue is not that I can not fit 2 drives in, it's that I have no sata or power ports. The machine is designed to support only 2 sata devices. Has only 2 sata ports and only 2 power connectors.
Dude, just run one drive and stop fussing. If it fails, learn next time.
SSD is fine although, last time I looked, no TRIM support.

If tight and worried about power usage like some others passing their wind, then move away from these style of firewalls and use a all-in-one.
 

canta

Well-Known Member
Nov 26, 2014
1,034
216
63
42
I am running with single ssd.
I made aa whole image of ssf via clonezilla.

Whenever happens.. I just reimage a new ssd with the last image..

Create or restore Image of ssd 120g is not taking long...
Ssd rules....
Haha

This is a small proxmox with one vm of router and two Debian vms as now...

No zfs .. Just simple single Intel ssd 530 that bought used from ebay.
 

vl1969

Active Member
Feb 5, 2014
634
75
28
I guess that is what I will do. I got an intel 120 ssd. Will image it once setup. I wish I could image it live but no such luck.

I can have an age and backup of config.
 

Keljian

Active Member
Sep 9, 2015
429
71
28
Melbourne Australia
Oh for crying out loud. I ran a cheap Kingston v300 64 gig ssd (the cheapest I could buy) in my pfsense box for nearly 4 years with squid and heaps of other things. I ran 6 gig of mixed brand ram, and a Chinese knockoff Intel nic.

Yes I backed up the config when I got it how I wanted it. Didn't fail me once, despite power outages and other rubbish due to me mucking around with dodgy Chinese picopsu knockoffs.

I restored the config from backup when I installed pfsense in a VM, all I had to do was remap the ports and it brought everything back to where I was.

Y'all are getting too precious about all of this.
 

vl1969

Active Member
Feb 5, 2014
634
75
28
Oh for crying out loud. I ran a cheap Kingston v300 64 gig ssd (the cheapest I could buy) in my pfsense box for nearly 4 years with squid and heaps of other things. I ran 6 gig of mixed brand ram, and a Chinese knockoff Intel nic.

Yes I backed up the config when I got it how I wanted it. Didn't fail me once, despite power outages and other rubbish due to me mucking around with dodgy Chinese picopsu knockoffs.

I restored the config from backup when I installed pfsense in a VM, all I had to do was remap the ports and it brought everything back to where I was.

Y'all are getting too precious about all of this.
Please let us all be civil and respect each others POV.
Keljian >> nobody is getting too precious about anything. just because something works for you, doesn't mean it will work for me. I too mostly run an older hardware or non brand name hardware , that I either have or can get cheaply on eBay. I have been building my PCs for years and so on.
BUT, while I have researched the setup I am trying to work out now, and have most technical stuff at hand, I want to get a feel off how it works in real world, a fell and opinion of other people who might be more technical than me, and have done this already and have a real world data to share.
everybody is providing information based on what is most important for them, and I can get all this info and pick and choose from it based on what is important for me.
as an example, we have a poster here more concerned with power consumption, I do share his/hers POV on that, even though at the moment power consumption is not on the top of my list. also the hardware I have is rated at reasonable numbers in my situations.
my main concern is more "Set-it-and-forget-it" aspect of the setup, I want to be able to do the setup, configure it and mostly just forget about it, similar to (notice I say similar to not just like) the SOHO router I already have. since I do not know how old the current HDD is and such I am willing to spend on new SSD
it gives me 2 thing, first I know it is new and when I got it, second it does save me some power as it is more economical. third it bring my setup more inline with a regular router as most components solid state just like the router suns the fans.
just as I ask opinions on hardware and basic setup I also ask opinion on the OS. and just like with hardware, I can pick and choose that aspect of the setup based on info I get here and on my own research.
even though the consensus on this blog is more favorable to pfSence I might still go with Sophos, or I might take the advice of people here and go with pfSence . at the end it is my choice, but I still like to hear other people opinions and advice to help me with making the choice.
 

mstone

Active Member
Mar 11, 2015
505
118
43
45
Keljian >> nobody is getting too precious about anything.
Yes, the insistence on redundant hard drives in every firewall is precious. Calling people "tight" if they want low power consumption (and low heat and low noise) is, if not precious, at least a little rude. FWIW, I'm running my firewall off a 2G SLC SD card. Older firewalls have run off CF cards or on-board flash. It's a firewall--it isn't disk intensive. Once it's booted, it basically doesn't touch the disk except for config changes. (Assuming remote logging; otherwise you'll see log writes but still basically don't touch the OS image.) The most likely failure mode for flash is "can't write any more" not "ate the data". But yeah, there's a chance the data might get eaten. There's also a chance that the too-hot firewall with unnecessary disks and ram and CPU will catch on fire and eat all of the redundant data. So the real question isn't, "how many disks did you shove in the chassis", it's "what's the disaster recovery plan". I've got a backup of the firewall which I can boot as a VM and get the network back up until I replace the firewall hardware. If my home network made me money, I'd install redundant firewalls. It's extremely unlikely that I'd rate firewall disk failure as a major concern, because the redundancy solves that problem as a side effect. If someone wants to layer squid and such on the firewall instead of breaking that out into separate instances than I guess disk is a lot more critical for them--but that's hardly "the way firewalls have to be done".
 
  • Like
Reactions: Keljian

mstone

Active Member
Mar 11, 2015
505
118
43
45
The only reasons to have an ssd in the pfsense box are:
Cache if you are running squid
Power (if the alternative is a big spinning disk)
The other reason to have some kind of non-spinning disk is that the spinners tend to stop spinning after a while. The main reason to use a spinning disk these days is capacity, which is generally not a factor on a firewall. I'd rather have a 30G SSD than a 2TB HD in my firewall, for about the same money.
 
  • Like
Reactions: Keljian

canta

Well-Known Member
Nov 26, 2014
1,034
216
63
42
Picoatx clone is OK .
Rule of thumb.. Assume 50% than they stated....

I bought originalused 100 miniatx dc to dc for sure..
II tested with i3 haswell with load.. Yeah.. 70w consumption is smooth.
Clone picoatx can not do that .. Let say..120w clone..

If you need 100w 12v dctodc ... There's on eBay..$10 with free shipping..
Shipped from us and can be trusted to deliver stated rate.

I bought 2 for 18 with free shipping..

I have one clone picoatx too...

The components and board quality is better on used original 12v dcdtodc mini itx..
 

vl1969

Active Member
Feb 5, 2014
634
75
28
well I am definitely go with SSD so there is no arguments there. my only concern was that some people insist on raided setup and since I only have connections for 2 devices total in the system I either have to forgo the DVD drive (which is fine with me as who needs the DVD on Router/firewall) or go with single drive setup regardless.

reason in favor of raid is that I had an SSD die on me not more than a month ago, it simply went dead which I was not prepared for at all. with all research I had on SSD I expected for it to go read only before dying, no such luck. it just went dead. I reboot my HTPC and get nothing.
the SDD not even readable in the dock. so now I plan to have a backup when I rebuild the setup.
now the router needs to be more reliable and faster to recover than HTPC. I can live without HTPC, I can not live without router
 

canta

Well-Known Member
Nov 26, 2014
1,034
216
63
42
Get Intel ssd...

You can utilized smartctl to monitor wearout flag.
If the flag not zero.. Prepare to replace..

Raid doesn't give you quick recovery...
It gives you availability..

Or.. You can virtualized with promox and zfs root...
Zfs does not need cpu processing...
You can capped max memory usage.. Let say.. 2g or something.
 

Keljian

Active Member
Sep 9, 2015
429
71
28
Melbourne Australia
FYI, my insistence that one drive is enough comes from me knowing that pfsense takes all of 6 minutes to install, and the backup config takes about another 5-10 minutes to propagate(and while this is happening, the router is routing). I am ok with that as irregular downtime for the power saving. I have other drives I can put in there if it fails.
 
Last edited: