I am doing my research now for a few days to get the right hardware for a new OPNsense system that should replace my DD-WRT system. I am especially looking for devices capable of 2.5GbE with 2-4 NICs. In that process I have read a log about Realtek NICs and Intel NICs and the issues people have with the i225/i226 NICs.
The problem is, that no matter what devices I search for in that segment (small, fanless, 2-4 NICs, 2.5GbE), there does not seem to be a way around the i226-V NICs. Even on devices that are meant to be used with OPNsense like the Thomas Krenn LESv4, they all use the i226-V NICs.
I also read that some people can get rid of the issues by tweaking the APM features (turning them off), but that defeats the purpose of a low power, low noise Firewall for me (which sits right here on my desk).
Even when reading all the recent posts about which hardware to chose, in the end it seems always to be a device with an i226-V. Like no other thing exists... and I can not find something else with current technology and low energy consumption either.
I was even on the fence to get a Odroid H4+, because of its super low power consumption but still good performance... well, i226-V again :-) Current CWWK systems? i226-V. Most of the Aliexpress no-name stuff? i226-V or i225 if they are a bit older.
Can you go up in power and find a used HP T740? Then you can install the card of your choice. Yes it's a lot more power draw, but noise is very low when used as a firewall, my fan never really spins up under normal load.
After that I can't help, I only have gigabit connections so I installed a used real Intel i350 card. Cost stopped me from playing with a Realtek 2.5g card, the i350 was significantly cheaper at the time I bought it. Same goes for the i226 cards at the time. I do have the built in Realtek gigabit port active, it has not given me any issues, but mostly I use it for a direct connect "management" port so not extensive testing. I did load the plugin Realtek drivers through the software catalog, not sure if those helped, but they didn't hurt either.
You have no reason to shy away from i226-V or i225.
Whether it's a DEC, which I think all are using i226-V, or Protectli which depending on the model might have one or the other same as the ones from AliExpress - you'll be just fine on the latest FreeBSD/OPNsense.
I'm looking after FWs that have both cards and all are running fine.
Depending on what CPU you get, the microcode might make more of a difference than any of the NICs, so I would highly recommend you install it on any physical FW.
Agree with new,
I think there is nothing to be worry.
Personally I have 2 boxes i226-V rev4, both of them have upgraded microcode. So far both of them are working fine without causing any issue for the NIC.
@CJ actually stared a thread some time ago, where we are tracking i225 & i226 NICs due to a potential flaw that Intel created > https://forum.opnsense.org/index.php?topic=38055.0
But as mentioned so far for me all good, even thou I do not have a 2.5G switch only 2X1G LAGG I do not see any issue with those NICs.
Regards,
S.
I second that. The latest issues with the Minisforum MS-01 turned out to be ASPM related, yes, but that does not mean the machine as a whole uses much more power. In fact, I monitor my devices and in the grand schem of things, that setting is not even measureable.
I would guess that my internet connection is busy most of the time anyway, considering how rarely the hangups occured.
Quote from: Greg_E on June 03, 2024, 09:48:47 PM
Can you go up in power and find a used HP T740? Then you can install the card of your choice.
That sounds very tempting, but I only can find those new over here and to be honest: I do not want anything with a fan that runs 24/7. That stuff will sit right on my desk where I also work everyday. I already regret that I bought a (really very silent, but still thereĀ“s a fan) Lenovo Ideacentre Mini 5 as my Server and not paid a little bit extra for something fanless. It is not an issue when I use my regular PC for gaming, watching Videos etc, but when I am at work on my Surface (which is dead silent) and concentrating on some difficult tasks, I really appreciate when it is dead quiet here. That barely noticable fan of the Ideacentre is sometimes already too annoying, now that I know what silence is :-)
@newsense
@Seimus
@meyerguru
Thank you to all of you. This is very reassuring and makes it much easier for me to find the right hardware.
I am looking at the new Odroid H4+ by the way, if just the cases were not that ugly ;-) They announced another case for May/June, so I might take a look at that or pick one of the N100 multi-NIC boxes that I see everywhere.
Regarding the ASPM related issues, that was one of the reasons I get so nervous. Looking at the specs and power usage measurements over at Odroid for their H4 (https://www.hardkernel.com/shop/odroid-h4-plus/ (https://www.hardkernel.com/shop/odroid-h4-plus/)) pretty far at the bottom there, I have seen that ASPM on / off makes quite a difference in total power usage. With off they claim it uses twice the power than with ASPM on. Sure, in total that is not that much power since the whole unit is very low on power usage anyway, but why give away money you can save ;-) But I am yet to find out if the ASPM + i226-V issue is a general one or only for certain manufacturers / BIOS / UEFI implementations.
When you 3 say you do not have issues with your i226-V NICs, do you know if ASPM is on or off for you?
Don't remember seeing ASPM on any other devices, first time I heard of it was here on the MS-01 thread.
I have ASPM on the N5105, looks like is set to disabled by default
On the N100, there is no option for ASPM, BIOS is bit a limited, have to update it.
From Power drawn perspective I agree with @meyerguru
"but that does not mean the machine as a whole uses much more power"
Regards,
S.