pfSense hardware

[DJ9]

I guess I should not mention that I have 1Gbps up/down via Google fiber for $70.00 US :).

Lucky fellow. ;)

 

[Arwen]

Lucky fellow. ;)

That's Lady, thank you very much :).

 

[rogerh]

That's Lady, thank you very much :).

Still lucky! (512/488 kb/s here)

 

[DJ9]

That's Lady, thank you very much :).

I stand corrected. :)

 

[9C1 Newbee]

Dating must really suck for you Arwen. You are constantly asking yourself "he only wants me for my internet connection".

 

[cyberjock]

Dating must really suck for you Arwen. You are constantly asking yourself "he only wants me for my internet connection".

ROFL!

 

[Arwen]

Dating must really suck for you Arwen. You are constantly asking yourself "he only wants me for my internet connection".

<humor>How dare you assume he'd only want me for my Internet connection! It's obviously also for the beer
in the fridge, and ice cream in the freezer.</humor>

But back to reality, 1Gbps down/up is only as good as your ISP's POP, (Point Of Presence on the Internet). I
have had many times slow connection for trivial things, like a single HD video from Netflix, Vudu or Amazon
re-buffering. Or browsing common pages taking >30 seconds. All of this is wired in the house, (not WiFi), and
then fiber outside.

 

[Ericloewe]

<humor>How dare you assume he'd only want me for my Internet connection! It's obviously also for the beer
in the fridge, and ice cream in the freezer.</humor>

But back to reality, 1Gbps down/up is only as good as your ISP's POP, (Point Of Presence on the Internet). I
have had many times slow connection for trivial things, like a single HD video from Netflix, Vudu or Amazon
re-buffering. Or browsing common pages taking >30 seconds. All of this is wired in the house, (not WiFi), and
then fiber outside.

That's an experience I know well, though only at ~100Mb/s bandwidths.

My old ISP's "fiber" (coax through and through, advertised as optical fiber - and yes, they are the local Comcast equivalent, how did you guess?) was horrible on some very rainy days, but pings to servers were generally consistent.
My new ISP's real fiber is an awesome last mile solution, but their routing is not quite as good, sometimes causing 50-100ms fluctuations in pings (European servers, so something around 50-70ms is the expected baseline).

 

[Jailer]

My new ISP's real fiber is an awesome last mile solution, but their routing is not quite as good, sometimes causing 50-100ms fluctuations in pings

I would be ecstatic with 50 -100ms ping fluctuations. I've done the best to mitigate the problem with traffic shaping in pfsense and I still see upwards of 200-300ms swings. It's even worse without the shaping but unfortunately dial up is my only other option.

 

[MtK]

So @Rilo Ravestein, did you buy any pfSense machine?

 

[MtK]

@Rilo Ravestein look what I just found: https://knowledge.zomers.eu/pfsense/Pages/Building-a-pfSense-low-energy-machine.aspx
prices seems to be a little bit outdated, but still...

another alternative is @DataKeeper build (which is almost twice the price, but at least twice as strong): https://forums.freenas.org/index.ph...on-1st-freenas-build.28814/page-8#post-217058

 

[Rilo Ravestein]

Thanks for these sources. I still don't get why so many pfsense builds use CPUs without AES.

 

[MtK]

Thanks for these sources. I still don't get why so many pfsense builds use CPUs without AES.

so you can go for the C2758 @DataKeeper is using (~ €400) or the C2558 (~ €300)...

 

[Rilo Ravestein]

so you can go for the C2758 @DataKeeper is using (~ €400) or the C2558 (~ €300)...

Thats a big price difference. You do get twice the amount of cores and cache for on third more of the price... But if i were building on a budget i'd go for the latter one.

 

[Ericloewe]

Thats a big price difference. You do get twice the amount of cores and cache for on third more of the price... But if i were building on a budget i'd go for the latter one.

There's no pricing pressure, so Intel charges more or less whatever they want, then Supermicro, as the only manufacturer selling C2x58 boards, gets to add their own comfortable margin.

 

[Jailer]

Thanks for these sources. I still don't get why so many pfsense builds use CPUs without AES.

If you have no plans to run a VPN then there really isn't much of a need for it.

Another good option to consider (and will likely be my next build) is the Supermicro X10 SBA-L if it's available in your area. Intel J1900 4 cores, 8GB max memory, 2 Intel NIC's and can be had around here for $136. A complete build with SSD should only draw around 12 to 15 watts or so.

 

[diedrichg]

If you have no plans to run a VPN then there really isn't much of a need for it.

I DO plan to use VPN and I'd be the only user. I didn't see AES on that board, what's the hot hardware these days for VPN?

 

[MtK]

I DO plan to use VPN and I'd be the only user. I didn't see AES on that board, what's the hot hardware these days for VPN?

If you're not willing to read the whole thread, then at least take a look 6 messages up, where this part of the conversation started...

 

[diedrichg]

If you're not willing to read the whole thread, then at least take a look 6 messages up, where this part of the conversation started...

I've been following it off and on. I have it as one of my subscribed threads that I've been very interested in. Sorry about that.

 

[Jailer]

I DO plan to use VPN and I'd be the only user. I didn't see AES on that board, what's the hot hardware these days for VPN?

My first choice would be any of the 2x58 Avaton boards. Which one depends on your bandwidth needs.