Buy from AliExpress (Affiliate): geni.us/3pUQBn5

@rajilsaraswat9763

Жыл бұрын

pfblocker blocked the url for me, can you give a direct link?

@JosephHarry

Жыл бұрын

@@rajilsaraswat9763 I second this one. Direct link please

@marcogenovesi8570

11 ай бұрын

@@rajilsaraswat9763 there is nothing wrong with the link, it's just an affiliate link to aliexpress

@ui4lh

11 ай бұрын

@@marcogenovesi8570 Pfblockerng blocks the redirect and we only get the 1x1 tracking pixel

@csparty11

11 ай бұрын

@@marcogenovesi8570 doesn't work with pihole either.

So glad to have clicked on this video. I run OpenWRT on similar and wasn't pleased with the CPU's in the "newer" generations of these boxes that I was looking at to upgrade my 1Gbe ports to 2.5Gbe or 10Gbe. This and the Atom C3558 and/or C3758 SoC's sound awesome and perfect for my next upgrade! Thanks for the detailed explanation of SoC w/integrated ports vs. adding the adapters to an older model CPU. Awesome walkthrough, especially dealing with the serial console.

I agree that the replacement fans somehow sound "better" and give the impression of a higher-end bit of networking gear. The fans it came with sound like fans. The replacement fans sound like they belong in an impressive computer set-up in a movie. The control room in Jurassic Park comes to mind, or some gleaming, glass-walled server room in a skyscraper belonging to a slightly malevolent megacorporation.

my Synology DS415+ died as a result of the atom bug. Managed fix it and use it as a backup by installing a 100ohm resistor. Intel should have been made to reimburse people for the hassle THEIR issue caused.

@Geoffbell01

Жыл бұрын

I thought you use unifi ??

@hongtanke

Жыл бұрын

They replaced mine and revoked my warranty. I had time left on mine, they RMA'd it, it's the same hardware, but without the warranty. Basically a ticking timebomb.

@MrPontus

Жыл бұрын

I bought a defective already 100 Ohm modded (probably done by Synology on warranty), the degrading continues, and then a 100 Ohm resistor isn't enough. I managed to start it sometimes, I don't remember which resistor I ended up using, the unit was a nightmare, every time I fixed it and it booted every time then I moved it to position to where I wanted it and it refused to boot. also if the clock battery is dead it refused to boot

@spookmeoz

Жыл бұрын

I've picked up 3 "dead" Synologies with this big that were being thrown out. So far, the resistor is holding up...

@nds6767

Жыл бұрын

Had the same issue. Caught it in the LAST day of my NAS system. Symbology covered me and sent a unit that was repaired.

This was incredibly valuable information. I have a similar device I wish to install pfSense. I also appreciate the "Framework in the wild" assisting you in the installation process! Thanks again!

Definitely subscribed. It's amazing the detail you packed into under an hour!

Looks like a fantastic piece of hardware. Thanks for sharing!

Cool and in (very) depth review.. Love it.. Keep em comming 🙂

I wasn't expecting the A. Megatrends BIOS screen. Cool device.

Brilliant in depth video, Really helped me make the decision to upgrade from my pc old router

"Cheap"... Not in the EU in my opinion. For 450€ plus Customs and shipping I could build a much more powerful server with 8 cores/threads and throw pfsense in a VM on 4 dedicated cores plus a dual sfp+ and a Quad Gigabit card. 🤔 alongside with other stuff in parallel.

very well made vid, actually sat through it! SUBBED

That board is really interesting. It even has a PCIe Port and a lot of connectivity. There also is a slightly different model with HDMI and VGA connectivity. But I think you can add a cheap mPCIe to VGA card (A server GPU on a really small board) to it. The VGA port can be screwed on to the back where there are cutouts for a VGA port.

You are very professional, thanks for your introduction, i get a lot from it~

I haven't seen a serial BIOS in a long time. Very useful for machines shoved in closets or ceilings.

really good vid - good amount of detail

If all computers and other systems were SFP enabled then you could use fiber optic connections plus the appropriate SFP modules throughout your network.

@camerongray1515

Жыл бұрын

I could although that is only really suitable for connections within a rack - most of my network cabling runs through the walls where CAT6 is much more practical. Most of the devices connected are also only ever going to support a copper connection (TVs, ames consoles, printers.etc) so there would be limited places where I could actually deploy fibre. Thankfully the CAT6 runs I have are all well under 55m long so can easily run 10 Gigabit connections so fibre isn't required.

Did you ever try using an NVMe drive in the m.2 slot? I don't see why they would make it SATA only on such a new board and I'm really curious if it is able to run NVme.

Excellent video from the server and I read a lot of negative comments compared to mikrotik advantages of the BKHD Intel Atom C3558 you can install Bind dns squid cache vanish among others to improve the performance of your local network without having to install another external server.

I'm a fan of the ex Sophos XG/SG appliances that you can pick up from time to time cheap. Then run XG Home / pfsense / untangle on them etc. Any reason pfsense over opnsense?

Isnt the fan on the older rig the same layout as older gt1030 gpu fans?

Cameron, do you know if that little SSD caddy could handle 2x 3.5" mechanical HDDs? I could see using something like this as a firewall/router AND as a mini-NAS. Since i have some high capacity HDDs but i don't have more NAS slots.

I spotted when I worked somewhere on enterprise support after the move to USB that we still needed serial devices for some command and control systems and switch/router config. They had a habit of powering down through being subject to power management. It was hard to find the right ones that either didn't have their own power management or it was configurable so we could turn it off.

Seavo motherboard - they contract manufacture for MANY OEMs - generally really good quality. I am sure there will be documentation somewhere detailing the connectors

The RF insertion loss and isolation of the relays likely isn’t good enough to support 2.5Gbps.

@friedrich1277

11 ай бұрын

Would be nice if at least the first two RJ45 ports then support 2.5 Gbase-T

Excellent 🎉

I wonder if you could make a NAS out of this. Use the pci-e slot on the side for an nvme raid card...?

Thats fantastic that you got such a new CPU. The older C2000 Atom chips had serious failure issues - something about silicon breakdown after enough running hours. It plagued a pile of standalone NAS units (like various QNAP models). It seems like they got the issue sorted out for the C3000 series though! :)

I just got a surplus Dell Optiplex SFF desktop, swapped out the Core i5 with a Xeon & upgraded the ram to 16GB, put an SSD in it, used the onboard 1Gbps nic & added a PCIe 1Gbps nic. Running Pfsense. I think the total cost was $300 USD.

@mipmipmipmipmip

Жыл бұрын

At current electricity prices though...

@NetrunnerAT

Жыл бұрын

Raspberry Pi CM4 with Router Board. Two 1gb NIC's on pci-e Bus. 2-4 Watt.

Do you know of similar devices that can achieve 10Gbps NAT throughput?

$220 shipping. It better come in proper wooden crate. I was looking at their motherboards a few days ago and I remember that 4x2.5G + 6 SATA board with N5105. That looked like a good deal but in the end I went with a 8x2.5G+10G switch for $120 and kept my old atom with a network card.

@camerongray1515

Жыл бұрын

Strange, my shipping was only around £35 and looking at the US it seems to be around $32 - suspect it might be something to do with shipping to certain locations unfortunately.

@BenCos2018

11 ай бұрын

@@camerongray1515 195 euro shipping for me, Ireland

Hell fire, no way has it been 6 years! Pretty nice machine great to see a Mean Well PSU on it.

@camerongray1515

Жыл бұрын

It was strange when I realised how long it had been since I bough that last machine!

@Nevexo287

Жыл бұрын

@@camerongray1515 I'm fairly sure it was that video that you mentioned VyOS, and I use it daily at work because of that!

And... subscribed !

It's quite good to see a meanwell power supply in one of these things. I have a few of these devices and the one thing I really hate is that Proxmox doesn't support console terminal for instalation. So I end up having to install Debian first then Proxmox.

@Darkk6969

Жыл бұрын

ProxMox 8 now supports text based install.

@foureight84

Жыл бұрын

@@Darkk6969 Text based but not over serial console. They said they couldn't fit it into the release schedule. That's coming in a future release.

@unicodefox

8 ай бұрын

To be fair, I've always installed Debian first then Proxmox, Proxmox' official installer gives you a weird partition layout that cause ugly issues in the future.

I like the fact that you can run a pair of SSDs and Mirror them in setup.

@frankfix247

6 ай бұрын

One should really do that if using ZFS.

Thank God for subtitles

I don't know why but I just found that boot and then BIOS over serial really cool! 😂🤓 BTW not sure if you're planning any upgrades but a mobile M.2 module and SIM would be cool to see.

@camerongray1515

Жыл бұрын

I was definitely pretty surprised, last time I used a machine that required a serial console was some old SunFire SPARC servers so this was my first time using an x86 machine without a video output. I almost wish it was more common - so much easier to just hook up a laptop rather than needing to dig out a monitor and keyboard!

I believe you were running a Unifi Dream Machine previously. Is it your intention for this unit to replace that?

@camerongray1515

Жыл бұрын

Eventually yes, don't get me wrong - I love UniFi kit and will still heavily recommend it, but for my home setup, I just fancy something a bit more configurable and flexible. I've had a long enough time with a fully UniFi setup to evaluate it and UniFi will still be my go-to recommendation for where someone who's not a networking expert wants a decent, easy to manage deployment. So stand by for a few more videos coming up on this topic over the next few months!

i now use xiaomi router 10000 router with mesh system, i got 2 of this and 1 xiaomi 3000 on my network, with voda ONT 916 what different if i use FPsense or my xiaomi.

There is a common plastic sheet material that can be formed to cover open frame PSUs and IEC connectors to protect you from exactly this sort of error.

@NaoPb

Жыл бұрын

Are you talking about electrical tape or is there something that I do not know about yet?

@MrRacerhacker

Жыл бұрын

@@NaoPb Mylar sheets works well, unsure if totally right, know another brand but dont recall the name

@ernestgalvan9037

7 ай бұрын

Kapton tape

@frankfix247

6 ай бұрын

All those kinds of Meanwell PSU's I've bought up through the years all came with a transparent plastic protective cover...

I just got mine, running on 1gig ports for now until I upgrade my switches too. In mine all the screws were tight and it came with PFSense 2.7 already installed. Still reinstalled it myself, but nice to have something working out of the box to make sure it survived the trip. Very happy with it. Is the Intel processor inside picky about only using Intel sfp+ modules?

@camerongray1515

11 ай бұрын

I haven't tested loads of SFP modules but I don't think the DAC cables I'm using are Intel coded, if anything they'd be Cisco coded. If you're buying new modules then may as well get Intel ones (as in, generic modules that are coded for Intel, no point spending a fortune on official Intel ones) but if you already have some non-Intel ones, I can't see them being an issue.

@joee7452

11 ай бұрын

Intel, Dell, HPE are usually very open for SFP use. Cisco, Juniper, Arista, Mellanox tend to be more strict in wanting their own supported SFPs and require you to turn the SFP verification off if you want to run "unsupported" SFPs. If you are really worried you can look at companies like FS. There are a bunch that offer compatible SFPs that are coded to vendors and are usually much cheaper then official parts.

@b87b84

3 ай бұрын

Guys plesse not tight the screws are were leaved like that for a reason. 😂

The port bridging works with a bunch of relays on the motherboard. It is controlled by the BIOS, but the OEM might not expose it.

Do the relays just switch to bypass mode when power is removed?

@camerongray1515

Жыл бұрын

They switch when the power is cut or when the machine is shut down. Usually with this sort of hardware there would also be some sort of configurable watchdog timer where the relays would also switch to bypass mode if the software were to crash, however I haven't been able to figure this out due to the lack of documentation.

Quick question is an isp router good enough with it's inbuilt firewall and save your money for else where or should you throw it away and get like pf sense etc im not hugely experienced but as its the first step in your network i think it shoulf be taken seriously is there a great jumpn in security or other advantages ?

@camerongray1515

4 ай бұрын

Realistically, if you don't really care about networking or advanced features, the ISP's router will be absolutely fine. Now, if you want to start tinkering with more complex features such as VPNs and separating out devices onto isolated VLANs then you'd probably need something more but if all you care about is having a working internet connection, then the ISP's router will be fine. You may of course want to expand this by adding a switch and hardwiring devices where possible or adding some additional access points for better wireless coverage and eventually in the future you may decide you want to tinker and learn and try something more advanced for a router, but as much as people on KZread bang on about super powerful routers, it's not something you necessarily *NEED*. It's also worth bearing in mind that if you have an issue with your internet connection and need to contact your ISP's support - if you're using your own router, they'll likely try and blame that first so it's always worth keeping your ISP's router around so that you can plug it in when you are troubleshooting any issues with ISP support.

@The-Hydroponic-Garden

4 ай бұрын

@@camerongray1515 good points just out of interest what qualifications do you have if you don't mind sharing ?

What were your "sysctl -a" settings during the throughput testing?

@camerongray1515

Жыл бұрын

All settings were left as the PFSense defaults, I could have probably performed some further tuning but I wanted to show the "out of the box" performance with a clean install.

will this handle 10gb bandwidth on a home connection? what if you enabled aes-ni functionality?

@camerongray1515

10 ай бұрын

From my testing it maxed out at around 6.5gbps with the firewall enabled. This is also with several parallel streams, a single stream will max out at around 2.5gbps. AES-NI isn't going to make a difference here as it only accelerates encryption performance which will benefit things like VPNs, but not general routing/firewalling.

If you weren't awake, you were after you plugged that in.

"serial can't send color-information" That's really easy. Putty uses a Terminal-Emulation that understands ANSI-Sequences starting with the Escape-Character 27. There are more chanters added to a sequence to realize not only colors. These technique is used in nearly any Linux Distribution when showing terminal emulation.

31:09 What is this little transparent thing on the right side of the laptop?

@NearCry91

11 ай бұрын

Network adapter. It's a Framework laptop.

Great in-depth video, and interesting product! Can Proxmox be run (and well) on that board?

@camerongray1515

Жыл бұрын

I haven't tested it although I can't see any reason why it wouldn't be possible. HOWEVER, someone else commented pointing out that Proxmox VE doesn't natively support installation over a serial console, so you'd either need to connect some sort of GPU temporarily to do the install, or install Debian first over a serial console and then install Proxmox VE inside of that.

@jeremyjedynak

Жыл бұрын

@@camerongray1515 If you haven't already put this router into production, I think you would get a lot of views on a video about installing Proxmox onto it with a pfsense VM while being able to run other VMs, as well.

@camerongray1515

Жыл бұрын

It's an interesting idea however I personally prefer to keep a device like this running the OS bare metal then run VMs on another server. If I was happy to virtualise my router I'd have probably just stuck it on my existing server which acts as VM host along with being a NAS.

@jeremyjedynak

Жыл бұрын

@@camerongray1515 It could be done on either of your systems given the network connectivity available but I think this device would make a unique video as the switch complex is built into the motherboard.

I have no preference, but is there a reason you use pfSense over OPNsense? People seem to have strong opinions about which is better. I don't use and have not used either, so I have no skin in the game as it were, I'm just curious.

@camerongray1515

Жыл бұрын

I went with PFSense for this video since I was already experienced with it and it's generally pretty well known amongst people who would be watching this video. I last used OPNSense around 5 years ago so I'd really need to evaluate it properly before I can decide whether to use it over PFSense. It'll be a while before I actually deploy this machine so I'm open to evaluating all manner of different OSs before deciding which to deploy on it long term.

@knackrack615

Жыл бұрын

@@camerongray1515 As someone who has used both for many years, I can say OPNSense is much more stable in the long run with updates not breaking things and has a more active community when it comes to plugins (for example Zenarmor).

@klassebip2934

Жыл бұрын

​@@camerongray1515in my opinion OPNsense is more stable. Releasing more improvement updates then Pfsense. Of course both are based on freeBSD. But still.

If you want ti compare airflow you can use paper to see how much it bends it.

Look like you could buy almost the Cheapest one. and then add additional memory or storage, and get the 8 core I wonder if it would be faster.

A plastic shield over those exposed leads would be an effective solution.

how is the CPU underload?

I can't help but think that the Old M1 Mac Mini would be a great deal to use as a router/ Switch / Wifi 6 device. You use the $30 Gigabit adaptor for your ISP. Then the 10 GiG port for your home Network. It sips power, you already got on board storage. And PLENTY of CPU power to get just about anything done along with 8GB of ram. You can also use a thunderbolt to SFP/ Optical interface adaptor to a full ~ 40-GBPS speeds each Thunderbolt port is capable of. (~5000 MB/ Sec. - More then what the RAM can do on board) Plus you get to use any length of cable you need since its single mode optical fiber. So reaching your Main managed or unmanaged switch is a Breeze. If you have any troubles? Having a complete Backup Mac Mini is cheap and easy to implement or have as live redundant back up. So you are not really locked into any hardware.

@camerongray1515

Жыл бұрын

It's an option but I'm not sure why this would be better than using an x86 PC. As far as I'm aware, Linux and BSD support on Apple Silicon is still in its early stages and while Thunderbolt is great, you'd be paying an absolute fortune more for Thunderbolt NICs when compared to PCIe NICs and end up with a machine with several different adapters hanging off of it. By contrast, you could get a sufficiently cheap small form factor Intel PC for much less than a Mac Mini and chuck a cheap, second hand PCIe NIC in to get whichever high speed ethernet interface you require. I've previously deployed Mac Minis in a datacentre setting and they really aren't ideal for it - there's no way to force it to power up whenever mains power is applied. All you can do is have it restore it's previous power state so if it was on when the power was pulled, it will turn back on. However, if it was manually shut down, there would be no way to turn it back on without physically pressing the a power button. The most you can do is use a setting in MacOS to power the machine on at a certain time every day but then you could be waiting up to 24 hours for it to power on again. By contrast, most PCs can be set up to power on as soon as mains is supplied allowing it to be powered on by simply cycling the power supply through a remote switch. Then if you went down the server route you'd have full out of band management controllers to give full remote access to the machine.

The USB header, looks to be a standard USB two single port header. Normally they are double port headers, but ive had accessories that only plug into half of the double, and that looks about the same

I cannot find a reseller with a desktop version of this board -- I would love to have the smaller form factor to use in a kit for events... While the board is small (203mm*178mm) it's not a standard size as far as I can tell. I can fit a full 19" rack device in my pack but I'd rather not use so much of the space with dead storage (the empty space in the 1U).

If I may ask. What would be the consideration of buying this over a Ubiquity dream machine. As far as i can find the dream machine is far cheaper. Atleast where I live. I won't go into the price details further but to me it doesn't seem like that good of a deal. Is it that you really want a PfSense instead of proprietary software?

@camerongray1515

11 ай бұрын

I actually replaced a UDM-Pro with this. The UDM is great for certain situations and worked well for me, I just fancied a change. However, the UDM isn't some sort of "gold standard" for routers, it's use is very much limited to relatively simple home networks and very small businesses, beyond that it's easy to run into feature limitations at which point you have no option other than to replace it with something else. On the other hand with something like this it's easy to install whichever software works best for a given application and change it in the future if needed

I'm running a Supermicro C2758 for pfSense that's not affected by the hardware bug, runs fantastic for symmetrical gigabit Internet. I also have a Supermicro C3558 ready to deploy if needed, it's just overkill and uses slightly more power vs the C2758.

@camerongray1515

9 ай бұрын

Yeah, I still have some C2000 Atom based Supermicros in service that were RMAed due to the bug and were returned with a "platform fix" and have been running fine since. The machines had never failed by the time we RMAed them but wanted to do it to be on the safe side rather than risking them failing in service. It's my understanding that the bug can be worked around by reworking the motherboard which is what I suspect they have done. That said, I'd still generally avoid purchasing a C2000 based system second hand unless you know for sure that it has the platform fix in place to be on the safe side.

@jeffm2787

9 ай бұрын

@@camerongray1515 I agree with playing it safe. I happen to have two other identical 'spare' SM C2758's that had the fix from day one. So if it fails, will just swap out the MB.

Really nice but at $434 usd .....i am sticking with my cobbled together AMD Athlon 5350 from junk parts.....but this is nice if you have the coin

By any chance, did you used to work for a company called Othello, perhaps spent some time around Meridian Gate during the late 00's and early 2010's?

@camerongray1515

Жыл бұрын

Nope, not me sadly!

Any reason why you didn't go with OP Sense?

@camerongray1515

6 ай бұрын

I actually installed OPNSense on this when deploying it so that I could try it out and I'm running it now, but to be honest, I'm not overly impressed and doubt I'll roll it out elsewhere. The UI does have some nice improvements over PFSense, but I've had a few issues such as the Unbound service stopping itself after saving config changes and needing manually restarted. I also found a few bugs such as pressing enter in the interface name box when adding a new interface on the assignments page actually triggers one of the "Delete Interface" buttons which could go very badly wrong if configuring a production router while not quite paying attention. Not necessarily huge disastrous issues, but enough for me to not be confident enough in it to deploy it in any sort of critical environment. Additionally, the super frequent updates that some people push as a benefit of OPNSense aren't necessarily ideal for mission critical production applications where I'd much rather have a slower, more predictable update schedule like PFSense has.

I'm a little confused about the specs. Is it 2 x 10 GB ports question? Or are all the ports 10 GB?

@camerongray1515

Жыл бұрын

The SFP+ ports are both 10 Gigabit, the RJ45 ports are regular gigabit.

@zparihar

Жыл бұрын

@@camerongray1515 Thanks Cameron! Looks super cool!

For the performance, I am surprised that simple firewall rules or NAT make it drop perf so much. You should try Linux, just for fun and see how it goes. I can recommend just normal Debian Linux, (Vyos would work too), or anything really for a test. Also on Linux even single stream will be able to take advantage of multiple cores when doing fingerling, NATing is still a little bit limited, but from my testing still uses multiple cores and can run multiple packets in parallel for same stream without issues.

Hey cameron, how much was the import fees on this one?

@Subgunman

2 ай бұрын

If he lives in the UK, probably half the price of the unit. The UK must have taken lessons from Greece. They are total crooks when it comes to importing equipment. Prior to the EU approving taxation of goods over 25 euro as well as taxing shipping costs. That is a total ripoff. It is illegal to charge tax on postage from the states. They signed agreements many years ago and the agreement has not been canceled.

What price?

What made you ditch the UDM pro?

@camerongray1515

Жыл бұрын

Don't get me wrong, I love the UDM Pro, but I wanted something that was a bit more configurable and had more potential for tinkering. The UDM is ideal as an easy to manage solution and hides a lot of the complexity but the downside of that is that it can sometimes be a bit limited when it comes to more advanced configuration.

Why not try the full size pcie port and m.2 (for nvme compatibility)? Otherwise you're just talking through what we can see on the product page already...

Did you came across a similar device for NAS (I.e. a few more disk bays and ports)

@camerongray1515

11 ай бұрын

Not recently - when I last bought one of these back in 2017 I have vague memories of ones with super deep cases that had a bunch of spaces to install hard drives behind the motherboard, although they seem to have disappeared from the market. Although, to be honest, the main benefit of these devices is being able to build a router with everything on a single board in a short depth case. When you're looking at installing a bunch of drives, I'd be looking at a second hand enterprise server or building something DIY.

@berndeckenfels

11 ай бұрын

@@camerongray1515 yes thanks, the skylake Dell t330 (8bay) look like a decent option, it’s just 2xGE so you need extra cards

Is the C3558 Socketed or Soldered on the board? I’m gonna guess Soldered but figured I’d ask anyway

@camerongray1515

11 ай бұрын

It's a soldered SoC

Don't know which app you're using for the noise level, but the spectrum graph looks as if the 2-4 kHz band is a bit lower with the new fans. That band is very important for hearing human speech, so if it is lower, that would probably be why it 'sounds better;.

@tammybambini1096

11 ай бұрын

it´s so nice seeing @camerongray1515 trying to justify a 6dB increase of noise - sounds a lot like a sunken cost fallacy to me ;)

You have 2 of them then connect them directly and test a bandwitch via vpn tunnels on them to discover a limitation of speed. Many devices at lt2p&ipsec have ~70Mbps, at IPSec ~800Mbps, at WireGuard/OpenVPN etc. between previouse. Please check a internal limits for package size 50B/500B/1400Bytes - then we will know all about PFsense limit on this devices !.

MikroTik RouterOS might run on it too

Whats's the white cable? Ethernet to usb-c?

@camerongray1515

6 ай бұрын

The white one plugged into the laptop? That's just a USB-C charging cable to power the laptop.

@nikoskatsenis8218

5 ай бұрын

@@camerongray1515 do you have a product link for the ethernet cable(the white with red)?

@camerongray1515

5 ай бұрын

@@nikoskatsenis8218 No idea, it's just a generic CAT5e cable that probably came bundled with something over the years, nothing special at all.

That mean well power supply is a nice touch. 😀

Followed your lead and grabbed one of these, it's my first dive in to soft routers after years of frustration with off the shelf routers. After a week or so of learning pfsense, i flashed OPNsense, and found it a seamless install. I swapped the 40mm fans for noctua PWMs and have them pretty well optimised to balance rpm with temperature. This is in a rack in a cupboard and I can still hear some fan noise, I'm guessing from the CPU fan. I'd be interested in a suitable 50mm fan, perhaps even PWM to manage cooling actively. Any suggestions? The clearance from the CPU fan to the case is very tight, I think that may increase the fan noise too.

'Tis no longer available on that link...

Link is not opening

While the i225V chips are rated for 2.5G, the GSC-2401-R transformer (line driver) chips next to them are only rated for 1G.

@frankfix247

6 ай бұрын

Curious why a transformer should limit the frequency. Guess they do have a limit, or there're some other suppressing component(s) in there.

@markbooth3066

6 ай бұрын

Transformers use coils, so they have different characteristics at different frequencies, so run them at a higher frequency than they are designed for and the losses and cross talk could be significantly higher.

For about half that price I picked up a mini pc with a Ryzen chip, room for NVME and SATA hard drives, USB 3.2, 2.5g networking, etc. It's doing a great job as a NAS, no need for a router.

@makkapacca

11 ай бұрын

For £20 I bought a toaster, it does a great job of toasting bread and crumpets, no need for a NAS.

a better idea would be to make your own fw box - diy has many advantages - upgradeability, expansion, ease of use, additionally opnsense has better licensing and better drivers

@camerongray1515

Жыл бұрын

As much as I enjoy building machines - it would have been near impossible to build something comparable to this for anywhere close to the price. In particular, building in a 1u rackmount form factor makes things difficult as most coolers and even a standard I/O shield are too tall to fit in the case. As for OPNSense, I'm actually downloading it right now to try it out since I last tried it shortly after it came out, I demonstrated PFSense in this video since it's what I'm more familiar with and use elsewhere however I'm planning on trying out various different OSs on this machine before I deploy it.

@shephusted2714

Жыл бұрын

@@camerongray1515 come on now - atom is not all that great - depending on the model it may lock up on you and break permanently - yes this was an atom 'feature' - i feel your pain on price but just use a refurb build like z420/z440 - you can get parts cheap and then you have many more options - cheap ram and ability to run 25g cards also cheap - diy is cheaper in the end really for the value proposition, much more powerful processors available, expandability etc - it is really no contest but props to you for going to 10g and trying at least - you can build a diy router with faster networking for half the price

@camerongray1515

Жыл бұрын

The Atom C2000 issue was bad assuming that's what you were referring to in terms of reliability, however the C3000 models aren't affected by this, I run several of them in production commercial settings as routers and they have worked flawlessly for years. Even some C2000s with "fixed" motherboards after RMAing them due to the bug are still working fine. They are also widely used in many commercial network appliances. This machine is used purely as a firewall/router and is due to be installed in a small wall mounted comms cabinet, a refurbished HP Z420/Z440 workstation would be completely impractical in such a setting and the power consumption would be unjustifiable. I simply don't see myself going beyond 10 gigabit during the lifespan of this machine - the internet connection is 300mbit and at most would potentially be upgraded to gigabit years down the line. I have a 10 Gigabit capable NAS however most of the traffic to it is going to come from the same subnet so won't need to pass through the router, even 10 Gigabit at the router is completely excessive for my needs.

@cheerbeerification

11 ай бұрын

I installed OPNSense on my office firewall and I found that PFSense is much more intuitive to use. PFSense does have a path for better drivers and more recent updates but the licensing does leave much to be desired. I'm going to stick with OPNSense for a while to see if I can get used to it.

@joee7452

11 ай бұрын

@@cheerbeerification Opnsense is a bit better in compatibility and functions. But that comes at the price of not being as easy to work with as pfsense. You can twist opnsense into a pretzel to run exactly how you want but that does require a lot more knowledge. Pfsense can be more drop in and use easily. I admin a bunch of both along with the "big boys: like Cisco FPs and fortinet. I still have custom Linux FW/IDS/IPS deploys running in places. For home or simple office deploys I would say pfsense > opnsense for the ease of setup and it will do what you need simply. For business deploys I would say opnsense > pfsense because it can be more robust and offer additional configuration options for you to customize once you are confident with it. Just my 2 cents from working with both of them for a while now.

Surely those ports are useful if the power goes out as you could have a NAS on one and your primary pc on another, then if your power goes out you would still have (worst case) access to your servers files.

@camerongray1515

8 ай бұрын

Which ports are you referring to? Would have to be a weird power cut where you wouldn't be able to power a switch but could still power a PC, NAS and this firewall.

At that price point, it's not very competitive against something like Mikrotik CCR2116 or CCR2004. Mikrotik devices also support Linux containers and can throw Pi-hole or the Ubiquiti Controller on it, to integrate with Ubiquiti hardware. 47:18 just to give an apples to apples comparison, CCR2116 is routing(L3HW) at ~50Gbps, ~40Gbps with 25 firewall rules. IPsec ~4.1Gbps Edit: I just realized that even the cheaper Mikrotik RB5009(the non-PoE version can be found for ~170-180 USD), fanless router, which has PoE out on 8 ethernet ports(maybe powering Ubiquiti hardware) does better throughput: routing ~9.8Gbps, 25 firewall rules ~9.3Gbps, IPsec ~1.4Gbps.

@camerongray1515

11 ай бұрын

Don't get me wrong, MikroTik devices are great and I already use them a fair bit elsewhere. However, they aren't directly comparable since you're tied in to using RouterOS vs an x86 machine which has a worse price/performance ratio but has the benefit of giving total software/OS flexibility. My goal with my home network is to try all manner of different equipment running each option for a period of time to try it out fully, it's likely that I will end up trying a MikroTik router in the future, but they aren't suitable for every situation so I wanted to try an x86 option first.

Ahhh a Cameron Gray video - sets playback speed to 0.75x

I am back was just wanting to see if I was on 1000bits/s

AMD has a Ryzen embedded CPU with two 10Gbe ports on the thing, supposedly sub 15W which i want for these types of devices real bad.

@NavySeal2k

11 ай бұрын

Yeah, nobody uses them for devices with affordable prices...

Im not sure if I head you right, but there is 50mm Noctua fans

@RWL2012

Жыл бұрын

if that's the case, where can they be bought?

@camerongray1515

Жыл бұрын

Do you have a link? As far as I can tell Noctua do 40mm and 60mm fans but not 50mm.

@MrPontus

Жыл бұрын

@@RWL2012 now I feel stupid, I got lots of results when I searched for it before, but it seems like it can't be bought right now, Noctua sells 50mm fan grilles and they have shown a 50mm prototype fan at Computex in 2017 and 2019

... def be keen if they made this machine/package but with those 1GbE ports changed to 2.5GbE ports...

The cpu, can it handle 10 Gig?

@camerongray1515

Жыл бұрын

I did some performance tests in this video - when it comes to raw routing with no firewall between interfaces it can handle a 10 Gigabit multi-stream iperf test fine. With the firewall enabled it'll handle around 6.5 Gigabit of traffic. Of course this is testing with multiple streams which can be split over multiple cores, a single stream will top out at around 2.5 Gigabit with the firewall enabled. So not full 10 Gigabit, but still significantly beyond gigabit. Of course these tests are only under PFSense, you may be able to get even better performance under a different OS such as VyOS or Netgate's TNSR.

A 5G Mobile Data Module for 5G might give a failover ability for the PFSense.

@nickharvey5149

Жыл бұрын

Havent got that far in the vid yet, but do you mean internally? I am looking for a 4/5G interface for a Netgate 2100 atm. All I can find at the lower price point is routers.

Its a good board but with the cpu i doubt it could keep up with a fully loaded system as it would have massive bottleneck but if that board had better cpu it would be perfect.

Atom C3xxx CPUs is still quite ancient. Would be nice to see something with an actually current CPU and an i226 NIC.

@rajilsaraswat9763

Жыл бұрын

what cpu do you recommend?

@camerongray1515

Жыл бұрын

While the C3000 series has been out a while, it's still a very widely used chip - it's what Netgate use in many of their own PFSense appliances and still seems to be Intel's current model of low power consumption server/network appliance chip. They have released a few Atoms since then (The C5000 models and the P series) however both of these have much higher power consumption. You can definitely get these types of devices with more recent chips (generally up to 12th gen Intel Core), however while this CPU would be "newer" you'd lose the SoC integrated 10 GbE NICs so just because the CPU is newer, doesn't necessarily make them a better option.

@rajilsaraswat9763

Жыл бұрын

@@camerongray1515 Is there a Supermicro ITX board with C3000 chip, and both RJ45/SFP+ ports?

@camerongray1515

Жыл бұрын

@@rajilsaraswat9763 They do a few such as the A2SDi-TP8F although they tend to only offer the higher end C3000 chips on the boards that offer 10 GbE networking.

Oh the fun of getting a 230V shock :') I've had around 4 in my life so far!

@NavySeal2k

11 ай бұрын

Only? Those are rookie numbers!

@johnhaller5851

6 ай бұрын

There's no way this has any sort of safety certification. I doubt there is a CE Mark for Europe or UL for US. There's a reason power cords go into power supplies in PCs, and most smaller devices have external transformers. I discovered a similar problem when using a IMSAI computer, the huge transformer in it made it unbalanced, so the fingers needed to go under where the transformer was, and the fuse was right where the thumb would go. This was before there were many required locations for current leakage disconnect (GFCI in the US), and of course the case was grounded. Luckily, with "only" 120V on a dry day, I only got a tickle.

Just worry these devices phone home to china. Did you wire shark it by any chance?

@camerongray1515

10 ай бұрын

I didn't see anything suspicious while testing. I'm running my OS on this and there is no IPMI/network stack in the firmware so any sort of exploit/backdoor would have to be extremely low level, I haven't seen any evidence of devices such as this having these types of exploits. My logic is that this isn't really any higher risk than any other Chinese motherboard, if a company wants to produce a compromised device, surely they'll focus their efforts on complete routers/smart home devices where the device will end up running the supplied firmware which could be loaded with exploits rather than something like this that will run the user's own OS.

Mmmil I think the TP-link ER8411 is a way better option, descend brand with warrant, no psfense but supported in omada.

@camerongray1515

Жыл бұрын

The TP-Link looks like an interesting device but isn't really comparable to something like this. As a low cost device that runs the included firmware, that device would be more comparable to devices such as the Ubiquiti EdgeRouters, the UniFi UXG-Pro, various MikroTik options and tonnes of other brands (Draytek, Zyxel.etc). With a device such as the one here I'm not tied into any sort of firmware - with my previous AliExpress box I started off on PFSense before later moving to OPNSense and then finally onto many years of it running VyOS.

This seems very expensive, I think Mikrotik products are better value e.g. the RB5009 which has a 10gb interface for £240 ish. Obviously it's a different proposition not running pfsense but the mikrotik os should have more than enough features to do what you need and the cpu has less raw horsepower but I think the performance will be way more than enough for home enthusiast applications. Personally I use a mikrotik routerboard hex which is dirt cheap I think approx £50 but it consumes very little power and has every feature imaginable. It handles my 1gbit connection without problems but I wouldn't be able to do any traffic shaping etc due to the CPU.

@camerongray1515

Жыл бұрын

I absolutely love MikroTik kit and use it extensively. I actually strongly considered the RB5009 for this project. Ultimately I decided that I'd rather have a bit more choice when it comes to the software side of things, hence going down the x86 route. When compared to other rackmount x86 options, this device is actually pretty cheap - my go-to, similarly specced Supermicro machine that I'd use for this sort of machine in commercial setups costs close to £1000 and doesn't even have the 10 GbE NICs.

Not shipping to germany unfortunately

Brand new Atom? Then what about tthe x3, x5, x7 , x6000, c5000 and p5000 Atoms that all launched after the c3000 series? O_o

@camerongray1515

11 ай бұрын

I was referring to the fact that the chip in this is still currently sold, not that it's the absolutely latest offering. This is in contrast to many similar machines that use extremely outdated chips such as the D525/D2550. The X series Atoms aren't really directly comparable as they're designed for the likes of thin clients/embedded applications where a video output is required and networking is less important. The C5000 and P5000 series are an interesting one, they are part of the same line as the C3000 chips however have much higher TDPs so I'm not sure if they're expected to be a direct replacement for the C3000 line or not. They also aren't really widely available yet with most devices still being sold with C3000 chips.

6 years ago isn’t that long ago. Technology has largely stalled out in basically everything except very high end stuff. This isn’t the 90s.