Modernizing pfSenpai: My pfSense box

[CerealExperimentsLain]

Once upon a time I got Gigabit internet and the my venerable Asus AC66U proved to be no match for that many packets going through NAT.  I assembled an old recycled ITX mobo with a Sandy Bridge i5 in it to run pfSense, but over the years it had problems with running hot due to the limited ventilation in the case I went with.  Today I got an J4005 board from ASRock as an 'Upgrade'.  This is less an 'Upgrade' of course, as it's not really faster, possibly a bit slower than the i5 2510E it replaced, but far less power demanding and 7 years newer in design.

 

The original build, it's an iStar USA thing, ITX and with a riser cable you can fit a PCIE expansion card.  Perfect for a little networking box without being too large.

 

The old interior with a recycled board and the Intel dual 1gbit NIC above it.  This is a mobile i5 so it's not that hot but this case isn't great.  If you'll notice I had to saw into the frame of the Noctua fan, the HDD 'rack' that goes on the lid otherwise didn't close cause they bumped into each other.  I cut away just enough space.    It's dual 1gig now, but since it's a PCIE card I can drop in upgrades without replacing the entire system.

 

New hotness vs old hotness.  The only downside is the new board's PCIE slot is only x2, but that's still 1000MB/s full duplex bandwidth, so if I ever have internet faster than 1000MB/s or 8000mbps, well, I'll be pleased to have that problem.

 

Just a shot of the NIC, I forget what this even is, it was cheap on eBay.

 

The 'upgraded' unit with it's 'new' rear IO.  You'll also notice the 200w FlexATX PSU has a 40mm noctua fan swapped in, the fan it came with 'buzzy' and rattled, this is near silent.

 

The big deal is this is much cooler, the old system idled around 24 watts out the wall and pulled 37 watts when downloading at about 1gbit.  The new J4005 board idles at 13.5 watts and with the same 1gbit download it only reaches 16.5.  So under a 1gbit load it's nearly half the power consumption.  It runs far cooler as a result too.  Pretty pleased and this, minus the NIC, will be in service until 2030 is I have my way.  I can just swap NICs as my internet gets faster.  I would like to switch to SFP+ at some point, it's how I connect to the internet anyway, I'm just using a media converter to convert the incoming fiber to copper before it goes into pfSense.

 

Oh I guess I should add, this hardware has entirely bypassed everything from my ISP other than the ISP supplied SFP+ transceiver, this box is doing the PPPoE and everything all on it's own. 

[CerealExperimentsLain]

This is the complete stack of network gear at the center of my home for those who are curious.  Some day I'll upgrade to 10Gbps switching, some day.

 

 

[Alex Atkin UK]

Why not switch to a dual-port SFP NIC instead so you can do away with the media converter?

[CerealExperimentsLain]

1 hour ago, Alex Atkin UK said:

Why not switch to a dual-port SFP NIC instead so you can do away with the media converter?

That is the eventual plan, but I'd rather keep using the Intel enterprise NIC rather than the Realtek onboard one on the board (It's disabled in BIOS right now).  Once 'More than 1gig' is an option, is when I'll probs look at doing away with the copper NIC all together.  That is the main reason I went with the networking on PCIE, it allows me to swap out as I move.

 

I'm not sure if my future will be SFP+ then an SFP+ to RJ45 10gig adapter for output, or SFP out as well.  One of the 10 gig switches I've eyed from Netgear does have one shared RJ45/SFP+ port.  Cross that bridge when we get there basically.

[CerealExperimentsLain]

Tragically, last night the SSD in pfSenpai died.  This of course lead to the fun of 'Why doesn't the internet work?  Is it the network?  The internet?  ISP?  Oh god, I rebooted pfSenapi and it just booted straight to BIOS.  It sees no bootable devices'..

 

Since I had two other 120GB SSDs collecting dust, the fix was a ZFS RAID1 in hopes that any future failure survives in the face of redundancy.

 

...I wonder if pfSense is capable of warning the user if one of the drives dies?