OPNsense Forum
English Forums => Hardware and Performance => Topic started by: Antaris on February 06, 2019, 09:06:06 pm
-
From time to time i observe the net for a decent ITX 12V(or wider DC power tolerance) with proper components for a x86 router. I guess i find one in Intel:
https://solutionsdirectory.intel.com/solutions-directory/d3543-s-industrial-series-mini-itx-mainboard (https://solutionsdirectory.intel.com/solutions-directory/d3543-s-industrial-series-mini-itx-mainboard)
and found it also in Fujitsu:
http://www.fujitsu.com/fts/products/computing/peripheral/mainboards/industrial-mainboards/d3543s.html
I am in Bulgaria, and here such boards are hard to find and order. Is anyone seen this board anywhere ot order single piece in Europe?
-
Found it in german site if anyone is interested. Now negotiating shipping and price...
https://www.rutronik24.com/search-result/nojs:1337/qs:D3543-S/reset:0 (https://www.rutronik24.com/search-result/nojs:1337/qs:D3543-S/reset:0)
-
Or Asus P10S-I. A bit more money but you get more onboard LAN ports and more CPU power (and choice). Not quite so niche so not so difficult to purchase either.
-
What about these for that matter, has anyone tested them? I think this is better than Asus as it has IPMI inbuilt without having to buy an extra module and with celeron G4900T it would be cheap and it would perform fairly well, while still having ECC memory:
X11SCL-iF https://www.supermicro.com/products/motherboard/X11/X11SCL-iF.cfm (https://www.supermicro.com/products/motherboard/X11/X11SCL-iF.cfm)
Personally I would buy this one, but I’ve seen no performance reports on that one:
A2SDi-2C-HLN4F https://www.supermicro.com/products/motherboard/atom/A2SDi-2C-HLN4F.cfm (https://www.supermicro.com/products/motherboard/atom/A2SDi-2C-HLN4F.cfm)
And Netgate seems to use these processors:
A2SDi-4C-HLN4F https://www.supermicro.com/products/motherboard/atom/A2SDi-4C-HLN4F.cfm (https://www.supermicro.com/products/motherboard/atom/A2SDi-4C-HLN4F.cfm)
I think it’s possible to power it with a DC adapter only when buying P4 to jack adapter, so it will be very efficient...
-
The Fujitsu boards accepts 8-36V DC via DC barrel jack or via 4 pin socket.
There is other problem: one of the ethernets is Realtek :(
-
What about these for that matter, has anyone tested them? I think this is better than Asus as it has IPMI inbuilt without having to buy an extra module and with celeron G4900T it would be cheap and it would perform fairly well, while still having ECC memory:
X11SCL-iF https://www.supermicro.com/products/motherboard/X11/X11SCL-iF.cfm (https://www.supermicro.com/products/motherboard/X11/X11SCL-iF.cfm)
That SuperMicro board looks awesome.
-
Yeah with i3-8100 it should idle bellow 30 Watts I think, based on this review: https://www.servethehome.com/intel-core-i3-8100-benchmarks-and-review-low-cost-server-processor/3/
I think this is price/performance killer, but I will go for the Celeron G4900T and ECC Ram. As my connection is about 40Mbps only and I use currently very old Xeon CPU E3-1220L V2 with Suricata, OpenVPN client and server, shaping and about 30 clients my CPU usage was never above 15%. So I hope I could manage up to 100mbps openVPN session with celeron.
-
Will drop Fujitsu boars for now. All are with one Relatek LAN.
Found another budget solution:
https://www.supermicro.com/products/motherboard/X11/X11SBA-LN4F.cfm
Any known problems with Braswell CPUs?
-
It’s a really outdated board with non ECC RAM ddr3 ram, for the sake of stability a would rather buy something, with ecc. This costs the same money and should run faster:
https://www.supermicro.com/products/motherboard/atom/A2SDi-2C-HLN4F.cfm (https://www.supermicro.com/products/motherboard/atom/A2SDi-2C-HLN4F.cfm)
C3338 has only 2 cores, but based on benchmarks it’s faster than C2558, which I would expect to be similar as N3710 which have 4 cores.
https://www.servethehome.com/intel-atom-c3338-benchmarks-why-denverton-is-so-sweet/
-
The strange is that in some the charts of the review in STH figures N3700 which is always sits better than C3338.
And N3710 is even faster...
I am a bit confused...
-
You’re right It probably performs marginally better, but lacks ECC...I would exchange stability for couple percent of performance for sure. I had non ECC build with celeron G1610T in the past and I had to hard restart it once a week, with ECC and Xeon the issues stopped...this experience taught me to use server grade HW for firewalls...even Cisco and Netgate uses C series Atoms in their networking products.
-
According to this benchmark, the c2558 and n3710 are similar, but the later is worse...so it depends on workload, but the g4900t should be 30% better:
https://m.cpubenchmark.net/cpu_list.php
For OpenVPN single core performance is more important than multi thread performance. According to their documentation, you can count 20Hz for every Mbps in single direction with AES-NI enabled. So Celeron should give about 145Mbps down, atom N max 125Mbps and C should give about 110Mbps performance maximum. These numbers are very acceptable for me, as anything beyond 100Mbps is beyond my reach, where I live. Even when I had 100Mbps connection it was so fast, that I didn’t really cared when downgrading to 60Mbps in the past.
-
OVPN performace is important, but it's not all when it comes to netmap enabled IPS/Sensei build. For a total of 8GB memory ECC is not viable as in ZFS ARC cache in Proxmox. So for a price/performacne, N3710 is far better for me as a baremetal full-blown OPNsense router. Especially with the prices of LPDDR3/ECC DDR4...
-
Many people think that ECC makes sense for handling critical data within a datastorage only. But they forget that operating systems run on RAM too, so whenever there’s ram error your system might crash and for me that resiliency against crashes is very important. In fact I do use ramdisk in Pfsense and ZFS-mirror for dual USB boot media. Because what I add extra for ram, I save on storage. Backing up the config once a 24 hours isn’t a huge load on that flash sticks.
Almost ideal complete build, just add ram and whatever storage.
https://www.supermicro.com/products/system/Mini-ITX/SYS-E200-9A.cfm
-
Agreed those are nice machines, not cheap though. At least for what they retail for here (Sweden), you can get a SuperMicro board + much more powerful CPU in a non-SuperMicro case for less than this Atom-based barebone.
-
Denverton board will be good with 2+ 10 gigabit interfaces and with CPU with good QAT rate (8 core+). But according to high prices are too early for wide use.
-
I specced up 3 Mini-ITX builds for kicks.
Motherboard: SuperMicro X11SCL-IF (inc 2x Gb LAN ports)
Case: Fractal Design Node 304
CPU: Intel Core i3 8300 with stock cooler
PSU: Seasonic 450W PSU
RAM: 1x Samsung DDR4 2400MHz ECC 16GB
SSD: Intel 600p Series M.2 2280 SSD 128GB
LAN: HP Intel Ethernet I350-T2 2-Port 1Gb NIC
Parts available in Sweden for the sum total equiv of €883
Or
Barebone: SuperMicro E300-9A-4C 5500 (Intel Atom C3558)
(https://www.supermicro.com/products/system/Mini-ITX/SYS-E300-9A-4C.cfm)
RAM: 1x Samsung DDR4 2400MHz ECC 16GB
SSD: Intel 600p Series M.2 2280 SSD 128GB
Available in Sweden for €760
Or
Barebone: SuperMicro E300-9A-8C 7400 (Intel Atom C3758)
(https://www.supermicro.com/products/system/Mini-ITX/SYS-E300-9A-8C.cfm)
RAM: 1x Samsung DDR4 2400MHz ECC 16GB
SSD: Intel 600p Series M.2 2280 SSD 128GB
Available in Sweden for €940
So how do the CPUs compare?
According to https://www.cpubenchmark.net:
Intel Atom C3558 (4 cores): 2538, single thread 876
Intel Atom C3758 (8 cores): ??
Intel Core i3-8300 (4 cores): 8661, single thread 2167
So the custom build seems to deliver more bang for the buck and also flexibility (can stick a Xeon CPU in there in the future if needed/desired) but obviously not as neat a solution as the SuperMicro barebones. Also the SuperMicro boxes probably run very quiet if not completely silent.
-
This also seems like a sensible option for <1000€: https://www.supermicro.com/products/system/1U/5018/SYS-5018D-FN8T.cfm
Including 6xGBit + 2x10GBit SFP+
-
i am happily running my (home install) opnsense off of this board: https://www.gigabyte.com/Motherboard/GA-N3160TN-rev-10#ov
yes, its with realtek nics.
however i can use vlanning and get pretty much my full gigabit speed over the network, so i'm very happy with it.
-
I feel like the barebones are overpriced...
In general I like the i3 idea for high performance firewall builds.
What about using just 8GB ram, 16GB seems to be just too much for most cases. I have 16 GB by my self and I use only 4GB and out of it about 2,5 GB for Ram disk only.
450W PSU and 67W TDP CPU makes no sense it will be so ineffective, tha what you save on HW, you’ll pay for electricity. Let’s asume your build will consume about 50W average, with 80% PSU efficiency, it will be 62Watts. With 60 Watt external brick and SoC your average consumption won’t be higher than 20W. That’s 42Watt difference, now calculate the electricity price for 5 years, that’s 42x 24x 365x 5/ 1000x 0,19 = 349 USD in my country. The question would be, how much extra performance will you get on purpose build SoC if you pay 349USD more :) why just not buy something like this for performance: https://www.supermicro.com/products/motherboard/Xeon/D/X10SDV-4C-TLN2F.cfm this should be about 6900 PassMark points, but much more efficient and and you could use this to power it https://www.logicsupply.com/cbl-pwrpd73/
-
This Tyan serie is funny, no IPMI, so - extra 6W consumption, no redundant ports, nothing unuseful in the package:
TYAN S3227 (S32272NR-C538) made to be firewall: https://www.tyan.com/Motherboards_S3227_S32272NR-C538
Just too little ports imho..and installing it must be hassle for home user...
-
I feel like the barebones are overpriced...
In general I like the i3 idea for high performance firewall builds.
What about using just 8GB ram, 16GB seems to be just too much for most cases. I have 16 GB by my self and I use only 4GB and out of it about 2,5 GB for Ram disk only.
450W PSU and 67W TDP CPU makes no sense it will be so ineffective, tha what you save on HW, you’ll pay for electricity.
Yes completely agree, I did it pretty quickly and just picked the smallest SeaSonic on the list, wasn't even that cheap.. a smaller one and ideally more efficient too would be better of course. Agreed on the RAM also, probably too much overkill. I have 8GB in my current install, tbh 4GB would probably have been fine too.
Having said all that. In the comparison I used the same single 16GB RAM stick for all 3 options, so taking it down to 8GB would shave the same €90 or so off all of 3 alternatives.
why just not buy something like this for performance: https://www.supermicro.com/products/motherboard/Xeon/D/X10SDV-4C-TLN2F.cfm this should be about 6900 PassMark points, but much more efficient and and you could use this to power it https://www.logicsupply.com/cbl-pwrpd73/
That looks sweet! In this local market that m/board is priced approx €45 over the combination X11SCL-IF + i3 8th gen but as you say would run more efficient and maybe more quiet too.
-
why just not buy something like this for performance: https://www.supermicro.com/products/motherboard/Xeon/D/X10SDV-4C-TLN2F.cfm this should be about 6900 PassMark points, but much more efficient and and you could use this to power it https://www.logicsupply.com/cbl-pwrpd73/
That looks sweet! In this local market that m/board is priced approx €45 over the combination X11SCL-IF + i3 8th gen but as you say would run more efficient and maybe more quiet too.
By the way I see SuperMicro recommends this case for it:
https://www.supermicro.com/products/chassis/1u/504/SC504-203B
That actually comes with a 200W Gold level PSU and doesn't seem stupidly expensive so that would probably be the best option..?
That motherboard + abovementioned case + 8GB RAM + SSD would be something like €850 here, with 8GB RAM instead of 16GB. Only 2 LAN ports though. At least in my config I would also need to add a PCI card with additional 2 NICs.
-
i am happily running my (home install) opnsense off of this board: https://www.gigabyte.com/Motherboard/GA-N3160TN-rev-10#ov
yes, its with realtek nics.
however i can use vlanning and get pretty much my full gigabit speed over the network, so i'm very happy with it.
For non-industrial board with celeron and only 2 realtek interfaces, this board is very expensive.
For 50$ more
https://www.supermicro.com/products/motherboard/X11/X11SBA-LN4F.cfm (https://www.supermicro.com/products/motherboard/X11/X11SBA-LN4F.cfm)
is far more bang for the buck.
-
That actually comes with a 200W Gold level PSU and doesn't seem stupidly expensive so that would probably be the best option..?
I’m not sure about it, it’s good for sure even for server build, but that would be overkill for a firewall. I run this xeon d1521 with picoPSU in my NAS/virtualisation lab and I use 90Watt external power supply for notebooks which should have about 87-90% power efficiency, I have it with 2-3 sata drives attached. So for firewall may be only 60Watt supply will do, with 90-120watt you’re 100% sure. The picoPSU isn’t even necessary, you need just the p4 to jack connector as this board is made to accept DC straight away. I got picoPSU left over from some past build, so I’ve used it, because in my country nobody sells P4 to DC jack conectors, so I would have to order it from Germany, which makes no sense for part which costs about 4 EUR...
-
Check this ASUS P11C-I as well, I like the Supermicros better, but if you don’t need integrated IPMI or DC power supply, this might be nice as well: https://www.asus.com/us/Commercial-Servers-Workstations/P11C-I/
-
Check this ASUS P11C-I as well, I like the Supermicros better, but if you don’t need integrated IPMI or DC power supply, this might be nice as well: https://www.asus.com/us/Commercial-Servers-Workstations/P11C-I/
Nice. Yes, looks equivalent to https://www.supermicro.com/products/motherboard/X11/X11SCL-IF.cfm but without IPMI as you say. It probably varies but where I am they are basically the same price, so for an i3 or Xeon D-2100 build I would probably still go SuperMicro.
-
Sorry, I mean E-2100 of course
-
Exactly. But sometimes not having an IPMI is a good thing, because if your firewall goes down and you don’t have isolated management LAN (which I don’t at home)...than you won’t be probably able to access it anyway and it will eat you about 6Watt the whole time, just because it’s another ARM computer. So not having it will save you about 50 USD over 5 years (which I expect from a router)...not that I care too much, but this is actualy, why I like the Tyans...but I have no idea how to install them enter bios etc. as they have no hdmi/vga neither...may be some how over serial, but I’ve never done that...when taken into consideration all that the SG-1100 doesn’t seem as a bad deal after all...as it consumes as an IPMI and has about 100Mbps OpenVPN throughput...for home use you hardly need more as it enables you 2x live 4k streams and couple of users doing whatever...I’m afraid Suricata would kill it, but what about blocking any incoming traffic instead? :)
-
Hi, I guess we're talking about a router used in the home domain. Depending on your needs anything would do. Here a supermicro d-410 with a HP-364T quad gigabit adapter, such you can probably buy on your well known marketplace for a few dollar. It runs IDS, a proxy for 'shitware', a VPN, not so fast, there's no AES-ni, etc.. Though for the common home hobbyist this could be more than enough to run a dozen servers and the same amount of clients without a glitch, okay, maybe if all clients run a heavy duty webapp and very high quality movie I could expect trouble... but when does that happen on the home front. You're probably fine with older or cheap hardware. really :) To give another example, I sometimes need an AP on my box, cheap 5dollar(new) usb mini wifi AP's do the job very well with the AP software from OPNsense, it has no problem providing at least three clients with high quality audio from the MPD server tunneled through SSH, until now it never failed me or breaks.
Then there is said in this thread you should consider using ecc because you may need to reboot because of problems.. and the root cause would be non-ecc! really?, cmon don't make me laugh, boxes here run for ever without ecc, I run a debian server on an Upboard first edition which easily achieves an uptime of 150 days++(mostly rebooted due to kernel upgrades, the supermicro board(OPNsense) also has no trouble with this), ecc would maybe (very maybe) have an effect on self healing file-systems like ZFS though, if one bit more is destroyed in a million it's still not repairable. Oh and than IPMI, for your home server, why? do you run some datacenter at home? agreed nice toys which you use a few times, but you need it?, I think you don't, my 50 cents.
Greetings, mark
-
I need IPMI, my home IS a datacenter. Why wouldn't I just use my providers firewall if it wasn't? :-)
-
Of course you need that, but are you the OP? ;D
-
Hi, I guess we're talking about a router used in the home domain. Depending on your needs anything would do. Here a supermicro d-410 with a HP-364T quad gigabit adapter, such you can probably buy on your well known marketplace for a few dollar. It runs IDS, a proxy for 'shitware', a VPN, not so fast, there's no AES-ni, etc.. Though for the common home hobbyist this could be more than enough to run a dozen servers and the same amount of clients without a glitch
Fair enough and each to their own and their needs of course. How fast is your WAN?
Then there is said in this thread you should consider using ecc because you may need to reboot because of problems.. and the root cause would be non-ecc! really?, cmon don't make me laugh, boxes here run for ever without ecc, I run a debian server on an Upboard first edition which easily achieves an uptime of 150 days++(mostly rebooted due to kernel upgrades, the supermicro board(OPNsense) also has no trouble with this), ecc would maybe (very maybe) have an effect on self healing file-systems like ZFS though, if one bit more is destroyed in a million it's still not repairable.
ECC has much lower failure rate than non-ECC RAM. And non-ECC RAM is more likely to cause system instability by memory errors. That doesn't mean all non-ECC systems are inherently unstable, and most of the world's computers still run non-ECC RAM. While a large proportion of the world's enterprise servers run ECC, as do many professional workstations aimed at CAD, audio/video production, medical imaging, etc. At the end of the day, all about risk assessment and choice. Personally I run ECC on my NAS but currently non-ECC on my OPNSense router (which is still very stable) - but next build will probably be ECC.
Oh and than IPMI, for your home server, why? do you run some datacenter at home? agreed nice toys which you use a few times, but you need it?, I think you don't, my 50 cents.
I find it extremely practical. Saves having to carry the server to somewhere you can plug it into a screen and keyboard, or vice versa. Even BIOS updates and config changes can be done remotely over the network. Again YMMV depending on your layout / setup at home.
-
Hey @rungekutta, thanks for the answer;)
My internet is not fast 30/4, but enough for here..
I know ECC has better specs, but why would a home user/hobbyist need that unless the filesystem used is in par with that, F.I. a NAS with ZFS.
Also I know this is evolution, but why spend my dollar(yet) if the need is not that high!
IPMI, nice I know it's useful in some cases and I see your pros., but than again, for a home hobbyist?
The only reason I reacted was that for most home users a second hand server board ECC or not, is mostly sufficient.
Buy a refurbished cheap quad gigabit card, probably from a datacenter, you'll mostly be more than fine.
Don't think your network will only run good with 'the latest and greatest' I myself find it challenging to use small hardware(low specs)
I'm a hobbyist in heart and soul;)
-
Regarding IPMI, I manage everything through an Ipad at home if possible, if iOS doesn’t work with IPMI, I use VNC to a VM through wich I use the IPMI. I have no big monitor at home I use now. Yeah it saves my time running through home finding a monitor, puting everything out of rack and playing with cables and HW....I used to use small 7 inch monitor for devices without IPMI and keyoboard...yeah that sucked..
Regarding ECC, why not to pay for that the difference, on the whole system how much extra is it exactly 10%? It almost guarantees stability, while non ecc could do until it doesn’t..same with RAID, why to use that..basically you want to mitigate the risk of reconfiguring your router because of data loss due to hw failure...as I have written I use ZFS on dual USB pendrives and RAM disk with PFSense, it’s cheaper than using single SSD...what some pay for electricity using desktop grade HW, I’d rather pay on stability using server grade HW where it makes sense...Which might be different for everyone...if I was ok with home grade, I’d use AsusWRT and not an actual firewall...
-
Hey @rungekutta, thanks for the answer;)
My internet is not fast 30/4, but enough for here..
[...]
Buy a refurbished cheap quad gigabit card, probably from a datacenter, you'll mostly be more than fine.
Don't think your network will only run good with 'the latest and greatest' I myself find it challenging to use small hardware(low specs)
I'm a hobbyist in heart and soul;)
We both run OPNSense at home so are clearly both tinkerers ;-) but coming at this from different perspectives. You enjoy repurposing and pushing low spec hardware to the limit - all respect to that. I'm more from the perspective of building solutions that just run and run, and I like headroom... also, my WAN connection is 33x faster than yours, those speed are not uncommon here where I live (and the teenagers at home expect them ;-)). So if your CPU can just about manage your connection, by extrapolation I'd need 33x more performance if the router is not going to be the bottleneck... In real terms it's probably more like 10x according to passmark and that currently allows me 80% of my WAN capacity with IDS switched on which is good enough... right now ;-)
As for ECC... it doesn't add much to the overall cost these days if you choose components carefully so I'd definitely get it if I did a new build tomorrow. YMMV.
-
@rungekutta, I respect everyone's choice ;)
If I had a similar speed you do and would get the most out of it I would buy a Xeon with NVME etc.
So for sure it depends on your WAN speed and what you do with the network.
However, I do think it's a good idea to investigate and check out what you really need, could safe a lot of $$
I'm still not convinced using ECC for the firewall, I read a lot about it in the past, you didn't erase that :-\
Of course everyone here on OPNsense that need a new router should visit the appliance shop and think about buying one of their products.. Just thinking about that, I'm curious(I will check later) if their product use ECC..
Greetings, mark
-
Of course everyone here on OPNsense that need a new router should visit the appliance shop and think about buying one of their products.. Just thinking about that, I'm curious(I will check later) if their product use ECC..
Greetings, mark
Exactly!
-
Their appliances seem to use similar embedded AMD processors like APU2 by https://pcengines.ch/apu2.htm very dated I have no idea why would anyone use that expecially for the price of Deciso...I’d buy rather something more enterprise and contribute back to the project via donation unless you need their support, where I could understand why to pay extra...Yeah AMD seems to use ECC but depends on MB vendor implementation: https://www.amd.com/Documents/amd-embedded-guide.pdf
-
Their appliances seem to use similar embedded AMD processors like APU2 by https://pcengines.ch/apu2.htm very dated I have no idea why would anyone use that expecially for the price of Deciso...I’d buy rather something more enterprise and contribute back to the project via donation unless you need their support, where I could understand why to pay extra...
Agreed, unfortunately. Maybe the lower end models offer a reasonable package, although very modest performance with embedded low-end AMDs as you say. But moving up the value chain with their embedded A10 quad core models, you’re approaching SuperMicro Xeon server territory in terms of pricing, with higher performance in orders of magnitude and better expandability etc.
-
What abou AMD EPYC 3000: https://www.supermicro.com/Aplus/motherboard/Embedded/EPYC3000/
Are there drivers for that?
-
What abou AMD EPYC 3000: https://www.supermicro.com/Aplus/motherboard/Embedded/EPYC3000/
Are there drivers for that?
This boards will be very good with additional 2 to 4 SFP+ interfaces.
-
What abou AMD EPYC 3000: https://www.supermicro.com/Aplus/motherboard/Embedded/EPYC3000/
Are there drivers for that?
This boards will be very good with additional 2 to 4 SFP+ interfaces.
Ecept that it says 10GBase-T on the cover page and 8xSATA 3 but there are only boards with Quad GBit and 4xSATA3
-
What abou AMD EPYC 3000: https://www.supermicro.com/Aplus/motherboard/Embedded/EPYC3000/
Are there drivers for that?
This boards will be very good with additional 2 to 4 SFP+ interfaces.
Ecept that it says 10GBase-T on the cover page and 8xSATA 3 but there are only boards with Quad GBit and 4xSATA3
That's what i mean. I can't see the on the board...
-
Bleeding edge... not sure you can even buy them yet? Looks promising though.
-
They’ve started selling them in Sweden now. Bit cheaper than the equiv Xeon D-1500 and certainly D-2100 but no 10Gbit ethernet on the other hand. For 10Gbit the Xeons still look pretty good, also considering that architecture would likely be the best supported from software/driver perspective.
-
Cool I wish I had a project where I could justify the spending for it :)
-
Looking at it rationally, I guess for only a firewall and <=1Gbit, anything but the smallest Epyc 3101 is probably way overkill even including IDS. So if the need is there for a larger model, 10Gbit is probably in the mix too somewhere.
Bit different if the server is multi purpose, e.g. running ESXi and OPNsense only being one of several applications. Then the Epyc 3251 looks pretty bad-ass and great bang for the buck.
-
What about these for that matter, has anyone tested them? I think this is better than Asus as it has IPMI inbuilt without having to buy an extra module and with celeron G4900T it would be cheap and it would perform fairly well, while still having ECC memory:
X11SCL-iF https://www.supermicro.com/products/motherboard/X11/X11SCL-iF.cfm (https://www.supermicro.com/products/motherboard/X11/X11SCL-iF.cfm)
Personally I would buy this one, but I’ve seen no performance reports on that one:
I am going to get the X11SCL and the Xeon E-2126G. Anyone here with experience of this board? What do they use for a cooling solution? Thinking of using ID Cooling IS-30 (http://www.idcooling.com/Product/detail/id/156/name/IS-30) however it looks to be a tight fit ...
Oh and after various QXXX chipsets and Intel vPro, I find that I absolutely need IPMI - my equipment rack is in the basement and I don't want to go down there every time I have to hard reset something.
-
Supermicro recommends this one: https://store.supermicro.com/1u-active-proprietary-cpu-cooler-snk-p0049a4.html
... but I guess that’s if you use their chassis too. What chassis are you planning for it?
-
I was thinking of getting this one: https://www.newegg.com/Product/Product.aspx?Item=N82E16811165402.
The Supermicro one is quite expensive https://www.newegg.com/Product/Product.aspx?Item=2KH-0001-00031 bt comes with the power supply
-
Yes, Supermicro a bit more expensive but probably not by a huge margin when you account for power supply? Then you know the CPU fan will fit too. I would have gone that option... Still a relatively low cost compared to m/board with CPU and RAM.
What are you planning to run on it out of interest? Opnsense alone, or VMs / other stuff?
-
Yes, Supermicro a bit more expensive but probably not by a huge margin when you account for power supply? Then you know the CPU fan will fit too. I would have gone that option... Still a relatively low cost compared to m/board with CPU and RAM.
What are you planning to run on it out of interest? Opnsense alone, or VMs / other stuff?
I got a super micro chassis for $30 off eBay - https://www.supermicro.com/products/chassis/1U/512/SC512-260B, comes with a loud non efficiency rated 260W PSU. Will try to get the X11SCL motherboard and use an i3 or i5-8400. I’ll be running opnsense alone but I have gigabit internet and I wanted to run IPS/IDS on it as well as VPN. The other thing is I’ll be using opnsense to bypass my ATT RG using netgraph. Have you had to use opnsense with gigabit throughput on IPS/IDS?
-
Will try to get the X11SCL motherboard and use an i3 or i5-8400. I’ll be running opnsense alone but I have gigabit internet and I wanted to run IPS/IDS on it as well as VPN. The other thing is I’ll be using opnsense to bypass my ATT RG using netgraph. Have you had to use opnsense with gigabit throughput on IPS/IDS?
Nice. Yes I'm running gigabit internet with IPS/IDS on an i5-5250U cpu in a passively cooled Qotom box. I get close enough to full gigabit throughput that I'm happy. Haven't stressed openvpn speeds so not sure how it would perform then. An i5 8400 on the other hand should be almost twice as fast.
-
For i5 I would buy something non server grade as you can’t use ECC rams anyways, or I would buy rather a similar Xeon...and by that time it’s better to invest in Xeon D as it get expensive and power hungry...
-
For everyone who prefer non server grade hw, look what I’ve come across, UP Squared, it’s smaller than ITX: https://up-shop.org/home/270-up-squared.html#/100-up_squared_board-atom_quad_core_4gb_memory_32gb_emmc
Looks better than APUs...
-
For everyone who prefer non server grade hw, look what I’ve come across, UP Squared, it’s smaller than ITX: https://up-shop.org/home/270-up-squared.html#/100-up_squared_board-atom_quad_core_4gb_memory_32gb_emmc
Looks better than APUs...
Yep, but it costs like a Supermicro with ECC support, 4 INTEL GIGS and IPMI...
-
That’s right, but don’t forget, that it already has 4GB RAM and 32GB eMMC card in it for that price....so for 232 USD you have complete build with power supply and case with atom x5-e3940 and dual ethernet. It doesn’t look that bad, I think it could do Suricata as well. I only expect OpenVPN to be just about 100ish Mbps...which is still fine for many I guess...
-
One more find, the Up Core Plus and UP Net Plus Expansion Card: https://up-shop.org/945-thickbox_default/up-core-plus.jpg
I love this form factor, full specs here:
https://up-board.org/wp-content/uploads/datasheets/Data-sheet-UP-Core-Plus.pdf
-
People who prefer non server grade hw, want it at proper price too. If it made way cheaper, why not be with way cheaper selling price??
-
Man the worst build I can build bellow on commodity HW with dual ethernet costs 300 USD, I don’t get, how UP is worse given the form factor, Intel NICs and power consumption....
Celeron g4900
Gigabyte b360n wifi motherboard
Kingston ddr4 2400mhz 4GB
Eurocase 300W SFX PSU
SilverStone SFF SG13-Q Sugo
WD Green 3D NAND SSD 120GB M.2
-
Odroid H2 Might be a nice cheap sub itx platform for home use for those willing to risk Realtek NIC: https://www.hardkernel.com/shop/odroid-h2/
-
Still waiting for parts for my Supermicro build
X11SCL-IF
Xeon E-2126G
2 x 8GB Kingston DDR4 2667 ECC UDIMM
120GB M.2 SATA
Supermicro 350W PSU
Supermicro CSE-512L-260B Chassis
Intel 350-T4 V2
I got the motherboard and sadly, I had imagined using a SNK-P0046P heatsink and a passive blower - looks like this will not be possible as there's the DIMM slot and a small heatsink that interferes with this
Why Supermicro ? ? ? Oh Why ??!?!?! >:( :(
-
One of the reason I like Xeon D better, you just don’t care about the heatsinks as they are integrated as well :) ...Supermicro has suggested heatsinks for each product for this it’s: SNK-P0049A4 and SNK-P0046A4 and they use this passive one in their ready made builds SNK-P0049P...sometimes it’s better to get inspired by the manufacturer...
-
I contacted SuperMicro for using passive heatsinks on the X11SCL-IF and they suggested I use the SNK-P0049P and not the SNK-P0046P, allegedly as it wasn't compatible. Long story short, I ordered the '49P heatsink and guess what I found?
(https://i.ibb.co/S0pbynr/thumb-9a3.jpg) (https://ibb.co/HYQ64zd)]
They are identical in size!
HOWEVER - the newer heatsink is a LOT heavier (400 gms v/s 250 gms for the older one) and the fins are closer together, probably means one needs more static pressure from the fans. The newer heatsink is also better finished than the older one
(https://i.ibb.co/9cRZWWv/thumb-9a1.jpg) (https://ibb.co/mbQN44B)
I removed the paste that came with the heatsink and used Thermal Grizzly Kryonaut. Right now I have a CSE-512 case with a 92mm blower and the CPU is sitting at 30c with OPNSense doing nothing. Not a bad result I guess, will stress test the system and see how it goes.
(https://i.ibb.co/1qfHgDq/sensor.jpg) (https://ibb.co/r6GnjC6)
-
Nice one! And yes it would be interesting to hear your experience of this setup under load, this is a TDP 80W CPU right? But with superb performance to boot, the equiv Xeon D costs $$$$
-
Nice one! And yes it would be interesting to hear your experience of this setup under load, this is a TDP 80W CPU right? But with superb performance to boot, the equiv Xeon D costs $$$$
Yes the build is as follows:
Mobo: X11SCL-iF
CPU: Xeon 2126G
RAM: 2 x Kingston 8GB ECC DDR4
SSD: ADATA 128GB M.2
Case: CSE-512L-260B
Cooler: SNK-P0049P
I purchased the case used from eBay for $30. Thanks to rebates and hunting for deals, the whole setup cost me around $700. A Xeon-D 1521 motherboard is $470-$500 so the cost of the E-2126G and the X11 motherboard is pretty much the same. I could have saved a bit by going with an i3-8100 and/or using normal RAM but decided not to. Also before blindly following Supermicro's advice or going by their website, I would have saved $50 on the new heatsink - had I noticed that the older SNK-P0046P has the same exact dimensions :D
The reason for choosing the E-2126G over anything else was that I was given to understand hyperthreading hurts performance where network I/O is concerned c.f https://bsdrp.net/documentation/technical_docs/performance#disabling_hyper_threading.
The 2126G is the same CPU as the E-2136 without the hyperthreading. If you look at the benchmarks at servethehome - the Xeon E series are much faster than their Xeon-D counterparts (since they have 80W TDP and are based on Coffee Lake)
(https://i.ibb.co/YLvnZrX/thumb-9a9.jpg) (https://ibb.co/hmpQfqc)
I used some foam pieces to (temporarily) create an airway for the blower. It seems to be working fine. And it is a LOT quieter than the 3 40x28mm Delta fans I had in there earlier.
-
All seems good, temps average 30c. Speeds without IPS/IDS turned on are good
(https://i.ibb.co/DDHjZCw/load.png) (https://ibb.co/99kd7Ty)
(https://i.ibb.co/bBRQMjL/sensors.png) (https://ibb.co/854NLn2)
HOWEVER - turning IPS on even with all the tunables, results in bad performance. I get 870/890 without IPS/IDs and with it, I get 460/2 - so need to check what's going on.
-
Odroid H2 Might be a nice cheap sub itx platform for home use for those willing to risk Realtek NIC: https://www.hardkernel.com/shop/odroid-h2/
Realtek NICs aren't a risk anymore, since the use of new Realtek drivers a couple of years ago.
I have a Odroid H2 running for more than half a year now and had no issues at all.