Small form factor PFSENSE HW that can do greater than 1Gig / SFP+ ?

Started by Lazybones, May 29, 2022, 05:27:05 PM

Previous topic - Next topic

Lazybones

I have started looking int refreshing my network and my aging Edgerouter lite is high on the list.. I want to replace it with something that can support 1.5 Mbit Fibre (need SFP+ port), and support local 2.5/5gig network working.

I also do not want to spend over $1000 canadian on this.

From the look of it the top recommendation is an Ebay HP T620 with a network card added to it however not sure if it will have 1Gig+ routing performance.

There are a number of Supermicro boards / setups that will do it but most are well over $1000 CAD.

I would LIKE something smaller than a minitower IE something in the size range of the T620.

Looks like the hp-t740 might be another option but too expensive.


Melbosa

Your speeds are going to push you into corporate network equipment if you are looking for a black box, or some expensive Pfsense hw as you have already found.

You are probably looking at used or using a computer with the right parts.  I am not sure if you can do it for under $1000 without going used.
Sometimes I Think Before I Type... Sometimes!

Lazybones

Quote from: Melbosa on May 30, 2022, 10:26:43 AMYour speeds are going to push you into corporate network equipment if you are looking for a black box, or some expensive Pfsense hw as you have already found.

You are probably looking at used or using a computer with the right parts.  I am not sure if you can do it for under $1000 without going used.

Well as per my post I was already looking at used hardware was curious if anyone had some interesting solutions.

The Netgate 6100 appears to be the lowest official appliance that fits the requirements at $1149 CAD.

I figure if I am going to spend that much on hardware it should be more flexible IE the used HP T620 or T740 with a used intel card from Ebay. At least then I could change my distro, or even run it under proxmox / EXi or something for more server services for the cost.

This goes back to Tom's discussion on faster home networking.. I am a bit concerned my ERL might die due its age and Telus / ISPs always just push you up in speed when you try to negotiate discounts. So I am kind of topped out HW wise at the moment.

Unifi has GWs but the functionality is so limited I am not that interested and the Edgerouter line has been slow to get updates in HW or SW lately.. TP-Link Omada is looking interesting but their GW/Firewalls have the same limitations as Unifi and they will not have an SFP+ unit till maybe Q4 this year.

Side note I am considering Omada switches and APs as well when I move to 2.5G+ internally at home, they are cheaper and possibly have less firmware issues than Unifi.

Lazybones

IF I was going to spend over $1000 I would probably go with something like the SUPERMIRO super servers.. Physically still small but basically has everything out of the box and is super flexible.

For example SUPERMICRO SYS-E300-9D-4CN8TP


Edit: with part shortages USED / EBAY may be the only option anyway lol.

Lazybones

Hmm looks like if I am willing to drop to a small desktop PC with a 6th gen CPU ($200) and I am able to find a cheap card (found one on facebook market place for $40) I can get under the $600 mark but it will be more chunky and power hungry.

Mr. Analog

You can't beat that price though wow

Sent from my Pixel 2 XL using Tapatalk

By Grabthar's Hammer

Lazybones

Ok more like $300 for the used desktop but even the used computer shop around the corner has piles of them https://forums.rwoc.ca/index.php?topic=12381.msg104203;topicseen#new

Need a 6th gen Intel CPU or newer to have encryption acceleration on the CPU however.

Melbosa

I've had issues with the CPU 6th Gens and PFSense under load in my experience. I would recommend 8th or higher (Intel talking here).
Sometimes I Think Before I Type... Sometimes!

Lazybones

Quote from: Melbosa on May 31, 2022, 10:09:54 AMI've had issues with the CPU 6th Gens and PFSense under load in my experience. I would recommend 8th or higher (Intel talking here).

Hmm that isn't good.


Lazybones


Tom

If you don't mind media adapters I've seen some mini pcs with 2.5Gbit ethernet/RJ45 ports. Small afordable boxes with SFP seem to be few and far between.

eg: https://www.amazon.com/MOGINSOK-Ethernet-Firewall-Appliance-Celeron/dp/B09WYQZMYB

That OpnSense box looks awesome though.
<Zapata Prime> I smell Stanley... And he smells good!!!

Lazybones

Quote from: Tom on August 21, 2022, 07:18:58 AMIf you don't mind media adapters I've seen some mini pcs with 2.5Gbit ethernet/RJ45 ports. Small afordable boxes with SFP seem to be few and far between.

eg: https://www.amazon.com/MOGINSOK-Ethernet-Firewall-Appliance-Celeron/dp/B09WYQZMYB

That OpnSense box looks awesome though.
I specifically want something with SFP+ so I can plug a Telus SFP+ media converter directly into the unit and then do a 10GB trunk into a switch.

I want to reduce the number of devices that make my connection work.

Those 2.5Gig boxes look good and are priced better however.

Tom

The only regret I have with my "new" firewall box is that it is limited to 1Gb. wish I found something with 2.5G. :( ah well.
<Zapata Prime> I smell Stanley... And he smells good!!!

Lazybones

Quote from: Tom on August 24, 2022, 06:29:13 AMThe only regret I have with my "new" firewall box is that it is limited to 1Gb. wish I found something with 2.5G. :( ah well.

1Gbit is super fast.. I am only looking at 2.5Gbit since OTHER gear has shown up (Switches and WiFi 6E) and Telus offers speeds greater than 1Gbit now (probably will only be offered faster speed at the same price next negotiation)

I am in no hurry to upgrade.. I barely use 1Gibt now. I just want to build my setup out part by part with a long future.

Melbosa

Telus is finally putting in Fiber in my area, probably into my house in the next month. My current NetGate PFSense is GB capable, so hoping that I can get the bi-directional 1g/1g. That should be more than enough for now if it works out.

I may be in your boat in the future though if the NetGate fails or if I wish to expand beyond a 1g plan.
Sometimes I Think Before I Type... Sometimes!