Small and Silent PFSENSE build recommendations

[Diavuno]

I run a bumch of these...

https://www.amazon.com/Firewall-Mic...e=UTF8&qid=1502150389&sr=8-3&keywords=pfsense
Typically it's Kingston or Samsung ram and MSATA.


Small silent cheap and works great.

 

[BlueLineSwinger]

I run a bumch of these...

Amazon.com: Firewall Micro Appliance With 4x Gigabit Intel LAN Ports, 4GB RAM / 16GB mSATA: Computers & Accessories
Typically it's Kingston or Samsung ram and MSATA.


Small silent cheap and works great.

No AES-NI support in the Celeron J1900, so it's not a good choice for a new pfSense purchase.

pfSense 2.5 and AES-NI
Intel® Celeron® Processor J1900 (2M Cache, up to 2.42 GHz) Product Specifications

 

[Steve Jones]

Lots of nice options offered. I'm still running an HP t5740/Atom N280 with pfSense, Broadcom Ethernet on-board and a quad Intel PRO/1000 in the slot. Admittedly it only has to keep up with a ~20 Mbps connection, but it does fine even with IPv6 enabled. If I really need to shift to something with AESNI, I can grab a t620+ to get the necessary slot and an AMD Kabini SoC.

 

[Ch33rios]

Anyone have any experience with these

Amazon.com: LIVA LZ-N332SNW432 Z N33 Dual UHD 4K Intel Latest Apollo Lake 2.42Ghz Computer Dual Lan USB C Wi-Fi Bluetooth Digi Mic: Computers & Accessories

I can't seem to find it it's got intel based nic or not. Also, I like the T620 thin client you referenced @Steve Jones but is there sufficient space in those things for an add-on nic?

 

[SlickNetAaron]

Anyone have any experience with these

Amazon.com: LIVA LZ-N332SNW432 Z N33 Dual UHD 4K Intel Latest Apollo Lake 2.42Ghz Computer Dual Lan USB C Wi-Fi Bluetooth Digi Mic: Computers & Accessories

I can't seem to find it it's got intel based nic or not.

Interesting! I haven't seen that brand before. Manufacturer shows ECS which was a bigger name in the past. I wonder if they are trying to reboot the brand?


Sent from my iPhone using Tapatalk

 

[Ch33rios]

Interesting! I haven't seen that brand before. Manufacturer shows ECS which was a bigger name in the past. I wonder if they are trying to reboot the brand?


Sent from my iPhone using Tapatalk

The LIVA line has been around for a few iterations and I've always been intrigued by it's more powerful platform than the rpi's. This isn't too expensive and could be useful as a docker host or something if pfsense doesn't work so perhaps I'll just pull the trigger...give it a bit more time for others to answer though

 

[realtomatoes]

interesting box.
looks like it's got realtek NICs though.

 

[Danic]

How about PC Engines APU2? Very small, 3 ethernet ports. AES Support (with pfsense 2.4 beta) I got the board, 4gb ram, enclosure, power, 16GB ssd, shipped for 174$ I've had it since july last year without any issues.

 

[SlickNetAaron]

How about PC Engines APU2? Very small, 3 ethernet ports. AES Support (with pfsense 2.4 beta) I got the board, 4gb ram, enclosure, power, 16GB ssd, shipped for 174$ I've had it since july last year without any issues.

Where'd you source that guy?


Sent from my iPhone using Tapatalk

 

[Ch33rios]

Where'd you source that guy?


Sent from my iPhone using Tapatalk

Also interested in source...this was referenced earlier in the thread and they do look compelling but the website seems a bit....well unprofessional.

 

[SlickNetAaron]

Also interested in source...this was referenced earlier in the thread and they do look compelling but the website seems a bit....well unprofessional.

I've purchased products from pcengines before. They are solid. Still have my original running pfsense at my mom's. They are popular with the WISP world. I think they are a bunch of engineers without a marketing team.


Sent from my iPhone using Tapatalk

 

[Danic]

Where'd you source that guy?

I think they are a bunch of engineers without a marketing team.

I purchased straight from PC engines website. I was hesitant at first but when I asked for a quote for one unit, I was surprised by the low price and went for it. Also I've seen their name a lot in the pfsense forums (ALIX boards, etc), so that gave me more confidence in my purchase. I agree, I see no marketing/sales team. But that is ok, I'm a techie guy. I like a simple websites with tables of specifications. No fluff.

 

[Ch33rios]

In regards to the fact that the LIVA device has REALTEK nics, why is there so much hate against them in the pfsense world? I previously ran a very generic OEM mini-itx device that had realtek nics and it ran beautifully so every time I read "STAY AWAY" in regards to realtek, Im just curious as to the actual technical reasoning.....

 

[Evan]

This may be a high power interesting option from Norco with dual intel nic

Amazon.com: BIS-6862-I3 Intel 7th Gen High Performance Fanless Computer with HDMI + DP and Dual Gigabit Ethernet Ports: Computers & Accessories

 

[SlickNetAaron]

In regards to the fact that the LIVA device has REALTEK nics, why is there so much hate against them in the pfsense world? I previously ran a very generic OEM mini-itx device that had realtek nics and it ran beautifully so every time I read "STAY AWAY" in regards to realtek, Im just curious as to the actual technical reasoning.....

They have a reputation for crappy drivers.. Particularly when they get pushed with more than minimal load. Intel NICs just always work and don't choke when under load. I've definitely seen issues be resolved by swapping to intel NICS!


Sent from my iPhone using Tapatalk

 

[Evan]

I see supermicro also have similar Kaby lake 3.5" embedded boards with 2 x intel nic arriving soon... sure they will cost a bit though.
X11SSN-L,E,H (i3,i5,i7)

 

[Steve Jones]

Also, I like the T620 thin client you referenced @Steve Jones but is there sufficient space in those things for an add-on nic?

You need the t620 Plus, as opposed to the more common base models, to get the 4 lane PCIe slot. It also has a faster quad core CPU and faster integrated graphics. More info on this model available here: HP Thin Client: t620

 

[wiretap]

In regards to the fact that the LIVA device has REALTEK nics, why is there so much hate against them in the pfsense world? I previously ran a very generic OEM mini-itx device that had realtek nics and it ran beautifully so every time I read "STAY AWAY" in regards to realtek, Im just curious as to the actual technical reasoning.....

I can't tell you how many bizarre issues I've had with Realtek NICs and the associated drivers over the years. Some issues I've had: High CPU usage with medium traffic volume, random disconnects for a few milliseconds corrupting downloads, it looks like it is working and connected but has no connection, BSOD's or crashes associated with hardware and driver packages, autonegotiation problems where it flip flops between 10/100 and 1000, jumboframe incompatibilities, eco power mode spamming the network with malformed packets and crashing switches/firewalls, etc..

 

[EffrafaxOfWug]

Personally I'd second the Jetway build (I use a JBC375 [4 port job but without AES-NI running as a switch at a mates place] and a JBC313 myself); yes there are cheaper dual-NIC boxes available but most of them have Realtek NICs (as wiretap and others have said - I've been burned by them before when experiencing weird errors only with Realtek NICs) or aren't passively cooled, and the Jetways are very ruggedly built and perfectly suited for replacing a little router*. If I had a grand free I'd buy one of their JBC512 boards and get four PoE ports thrown into the bargain.

If you can afford the space and the cost there are dozens of mITX boards with multi-NIC setups.

* Depending on where you are, the Turris Omnia might be a great choice if you can handle a custom build of openWRT instead of pfsense - I'm pondering getting one for myself as the hardware is completely open running a pretty beefy ARM SoC.