Asked previously in NAS (and in less detail) with out much response

[kluckie13]

I started out planning on just building a NAS to run Jellyfin or Plex but as I kept looking into things and remembering some things I realized what I wanted was more akin to a homelab setup. I figured this would be the best place to come for help.

Things I want to accomplish (eventually) with my homelab/network setup:

• Media Storage/Streaming server (Jellyfin or Plex)

• Network Level Ad Blocking (Pi-hole or AdGuard)

• Network Level Firewall (pfSense or OPNsense)

• Local "Cloud" backup (Nextcloud or similar)

• Remote "Workstation" (offload some workloads from my laptop)

• Other common things I'm forgetting to mention or will learn about (DHCP, DNS, VPN, downloads, etc)

Will be located in an armoire (no rack mounting) in my bedroom so noise and heat are major considerations. The armoire's doors will be left cracked open to allow for airflow while keeping pets out (might cut holes in back and/or attach case fans if it gets too hot. I generally run hot so I have fan running almost year round to give example of acceptable noise threshold.

Another note, there would only be a max number 3 +/- 1 users at a time and plan on storing media at high quality (4K, high bit rate, etc) with lossless compression, preferring FOSS codecs like FLAC and AV1.

While my ISP sucks and has a local monopoly and provides sub gig speeds over copper coax, the network gear I already have and will include already has 2.5 Gb RJ45 ports so that's the minnimum connection speed I want to maintain.

• Modem: 1*coax in | 1*2.5 Gbps RJ45 out

• erro Pro 6E Router/Access Point: 1*2.5 Gbps RJ45 | 1*1 Gbps RJ45

• Brother Wi-fi Printer: Wifi and USB connectivity only (want to figure out how to network it via the USB if possible and turn off the wi-fi connection)

Things I need to get:

• UPS

  • Looking at CyberPower Mini Tower UPS systems but I don't know how to size it and what features I require. Live in Minnesota, USA with Xcel Energy so power is generaly pretty stable with the ocassional black/brown out that lasts no more than a minute or two to just annoy the microwave/oven clocks and my PS5. A storm will occasionally knock out power for a longer period of time in which case I'd like the homelab to power down before the UPS runs out of power. Just need the homelab, switch, modem, and router/access point to run on battery for those occasional short power outages. Would also like to have the coax surge protection also.

• Switch | Netgate 4200?

  • 2 Birds, 1 Stone? This is essentially a 2.5 gig (managed?) switch that is also a hardware firewall, right?

  • I read that its better to run the firewall on dedicated hardware instead of in a VM (not clear on why) and since if I'm correct that this is essentially a managed switch it's more or less in line price wise with 2.5 gig managed switches and if I'm wrong unmanaged 2.5 gig switches are $100+ and building a dedicated pc for the firewall would cost about as much.

• OS | Unraid Lifetime License

  • Started out planning on using Fedora Server because I run Fedora on my Framework 16 and have become quite comfortable with it and Fedora is officially supported by Pi-hole. Also considered TrueNAS because I'm a fan of the FOSS philosophy but Unraid looks very polished and can implement what I want to do fairly easily.

  • How well has Unraid been at honoring the perpetual licenses? Any drawbacks with deciding on going with Unraid?

• Case | Silverstone CS382

  • Like that it has plenty of room for expansion with robust I/O offerings including a slim ODD slot and a 5.25" bay allowing for easy media ingest and creation.

  • An all metal case shouldn't be significantly louder than any other case (save for something like a be quiet! case), correct?

• CPU | AMD Ryzen 7 8700G

  • Going to wait until after any Computex announcements before settling on a CPU

  • Is 8 cores, 16 threads adequate for my use case

  • iGPU is capable of AV1 encoding and decoding

  • AMD has significantly lower TDPs than Intel

  • This only supports PCIE 4.0 while others support 5.0. I read that correctly, right?

• Motherboard | Gigabyte B650M Aorus Elite AX

  • Going to wait until after any Computex announcements before settling on a motherboard

• Cooling

  • CPU Cooler | be quiet! Dark Rock Pro 5

    • Vastly overkill means easier and quieter cooling while ensuring greater build compatibility in the future

  • Case Fans

    • Add and/or upgrade to be quiet! and/or Noctua case fans

• Memory | DDR5

  • Should I look for DDR5 ECC memory?

  • How much should I get?

• Storage

  • USB Boot Drive

    • Since Unraid runs entirely in RAM, does the USB speed have a major effect on performance? If not I'll probably get an adapter to run it off an internal USB 2.0 header to avoid an accidental removal.

  • NVMe Cache

    • How much should I get?

    • Should the cache be mirrored, stripped, or pooled?

    • The motherboard I'm looking at has 2 M.2 slots; one is PCIe 5.0 x4/2 and the other is PCIe 4.0 x4/2. How does mixing and matching PCIe speeds and number of lanes effect caching?

  • HDDs | Seagate IronWolf Pro

    • Drives will be 12 TB or larger for helium drive design

    • Starting with a 3 drive array with 1 drive as parity. How easy/safe/fast is Unraid when it comes to adding drives to an existing array or increasing parity?

    • After how many drives should I add a 2nd parity drive?

    • HDDs will be primarily reserved for read only data (i.e. media library)

  • SATA SSD | Team Group Vulcan Z SATA SSD 2 TB

    • 2 drives, will be primarily used for frequently updated data (i.e "cloud" services and data back-ups)

    • Would these be included in the HDDs' parity array?

• Add-in Cards

  • GPU | Gigabyte Radeon RX 7600 XT Gaming OC 16G

    • Going to wait until after any Computex announcements before settling on a GPU and/or future upgrade if I go with a CPU with integrated graphics

    • 2x the VRAM of my laptop's GPU

    • AV1 and will be able to utilize AMD's Smart Technologies like SmartAccess Video with an AMD iGPU

    • Would performance take a major hit since it would only be running on a PCIe 4.0 x8 connection?

  • SATA add-in card

• PSU | be quiet! Dark Power 13 850W

  • Should be large enough

  • 80+ Titanium rated and Cybernetics Titanium and A++ efficiency and sound ratings so it will run cool and quiet

• Accessories and Miscellaneous

Answers and feed back are very much appreciated.

I know this build will end up being expensive so I plan on buying the components piecemeal over time with the core components (CPU, motherboard, GPU) being the last components to acquire since they are the parts that see the most frequent generational improvements.

Thanks again for looking through my massive post and taking the time to respond.

[emosun]

Alright you're going to need to shorten that up a lot , nobody is going to spend that much time reading that

[Electronics Wizardy]

4 minutes ago, kluckie13 said:

Switch | Netgate 4200?

• 2 Birds, 1 Stone? This is essentially a 2.5 gig (managed?) switch that is also a hardware firewall, right?

• I read that its better to run the firewall on dedicated hardware instead of in a VM (not clear on why) and since if I'm correct that this is essentially a managed switch it's more or less in line price wise with 2.5 gig managed switches and if I'm wrong unmanaged 2.5 gig switches are $100+ and building a dedicated pc for the firewall would cost about as much.

Yea its a pfsense box with multiple ports. Its not a switch, but can work as one. You can get a no name box for cheaper, but these have office pfsense support. Since there is no switch, your doing it all on the CPU for this box.

 

5 minutes ago, kluckie13 said:

NVMe Cache

• How much should I get?

• Should the cache be mirrored, stripped, or pooled?

• The motherboard I'm looking at has 2 M.2 slots; one is PCIe 5.0 x4/2 and the other is PCIe 4.0 x4/2. How does mixing and matching PCIe speeds and number of lanes effect caching?

I'd probalby just use the 'cache' drives for the vms and containers, and the disk IO will be fine for media. Unraid only uses cache drives for writes, so it only really helps if you need fast switch.

 

20 minutes ago, kluckie13 said:

HDDs | Seagate IronWolf Pro

• Drives will be 12 TB or larger for helium drive design

• Starting with a 3 drive array with 1 drive as parity. How easy/safe/fast is Unraid when it comes to adding drives to an existing array or increasing parity?

• After how many drives should I add a 2nd parity drive?

• HDDs will be primarily reserved for read only data (i.e. media library)

Yea bigger is better typically.

 

Unraid makes it very easy to add drives of different sizes, as long as the parity is the biggest.

 

21 minutes ago, kluckie13 said:

• • SATA SSD | Team Group Vulcan Z SATA SSD 2 TB

    • 2 drives, will be primarily used for frequently updated data (i.e "cloud" services and data back-ups)

    • Would these be included in the HDDs' parity array?

• Add-in Cards

I'd just use the nvme drive for frequent data here. 

 

21 minutes ago, kluckie13 said:

• GPU | Gigabyte Radeon RX 7600 XT Gaming OC 16G

  • Going to wait until after any Computex announcements before settling on a GPU and/or future upgrade if I go with a CPU with integrated graphics

  • 2x the VRAM of my laptop's GPU

  • AV1 and will be able to utilize AMD's Smart Technologies like SmartAccess Video with an AMD iGPU

  • Would performance take a major hit since it would only be running on a PCIe 4.0 x8 connection?

• SATA add-in card

What are you using the GPU for? For encoding the iGPU is fine and likely better. If your not using compute, use the iGPU here.

 

21 minutes ago, kluckie13 said:

• CPU | AMD Ryzen 7 8700G

  • Going to wait until after any Computex announcements before settling on a CPU

  • Is 8 cores, 16 threads adequate for my use case

  • iGPU is capable of AV1 encoding and decoding

  • AMD has significantly lower TDPs than Intel

  • This only supports PCIE 4.0 while others support 5.0. I read that correctly, right?

• Motherboard | Gigabyte B650M Aorus Elite AX

I'd probably go inter for better support of quicksync compared to amds encoders in programs like plex.

 

I'd aruge av1 hardware encoding doesn't matter here. Go cpu encoding if you want quality, h.265 is fine for streaming to clients.

 

 

[Electronics Wizardy]

1 minute ago, TheDarkCanuck said:

Wouldn't cpu transcoding load the living daylights out of the server? (Genuine question)

It seems like the plan here is to use the iGPU for transcoding which would work well. 

 

And even with cpu transcoding the CPU still has a lot of performance for this use case, and likely could handle many 1080p streams and 2 4k streams depending on codec and settings.

[kluckie13]

1 hour ago, TheDarkCanuck said:

I read it. It took just a minute or two.

 

To the OP: is there any reason to select the 8000 series over 7000 series cpu? I think you can still encode av1, limit is something like 8k30. You will get more pcie lanes this way which will probably make your happier down the road. Might save some money as well. 

The 7000 series CPUs have integrated graphics that are based on RDNA 2 which only supports AV1 decoding while 8000 series iGPUs have RDNA 3 which can encode and decode AV1.

42 minutes ago, TheDarkCanuck said:

Yeah looks like you are correct. Still I'd be interested in seeing if ryzen 7000 series wouldn't work for this. Would be sweet to have all those pcie lanes for other stuff. Or Intel as you say (all the performance data I could find seemed to be for intel-based systems). But I don't know about transcoding with AMD hardware on jellyfin, I think nvidia and Intel igpu is the developers preference. 

From what I could tell Jellyfin's documentation says that it supports AMD hardware acceleration, including AV1 support.

1 hour ago, Electronics Wizardy said:

Yea its a pfsense box with multiple ports. Its not a switch, but can work as one. You can get a no name box for cheaper, but these have office pfsense support. Since there is no switch, your doing it all on the CPU for this box.

What do you mean by doing all the work on the CPU? Don't all switches have some form of silicon directing packets? Do you think this is a good option for me since I'm looking for both a bare-metal network firewall as well as a network "switch"?

 

1 hour ago, Electronics Wizardy said:

What are you using the GPU for? For encoding the iGPU is fine and likely better. If your not using compute, use the iGPU here.

The GPU is more of a future "want," turning the server into a pseudo remote workstation to do more compute intensive tasks on freeing up the resources on my laptop or the iGPU.

[Electronics Wizardy]

6 minutes ago, kluckie13 said:

The 7000 series CPUs have integrated graphics that are based on RDNA 2 which only supports AV1 decoding while 8000 series iGPUs have RDNA 3 which can encode and decode AV1.

1 hour ago, TheDarkCanuck said:

I'd aruge av1 encoding isn't really needed here. Most devices don't support av1 decoding, so its better to use h.265/h.264 for jellyfin clients. And if quality if your mail goal, using a CPU encoder will be a good amount better than the hardware av1 encoder.

 

7 minutes ago, kluckie13 said:

What do you mean by doing all the work on the CPU? Don't all switches have some form of silicon directing packets? Do you think this is a good option for me since I'm looking for both a bare-metal network firewall as well as a network "switch"?

 

Switches have dedicated sillicon that does switching very efficiently. These systems will pass all the traffic through the main processor and have a lot more overhead doing it. Should be fine with just 2.5gbe, but if you don't need office pfsense support, there are cheaper boxes that will do the same. Most switches have a cpu for management, but it doesn't touch any of the traffic.

 

8 minutes ago, kluckie13 said:

The GPU is more of a future "want," turning the server into a pseudo remote workstation to do more compute intensive tasks on freeing up the resources on my laptop or the iGPU.

Just be aware that latency might be annoying depending on the workload, but this should be fine. 

[kluckie13]

25 minutes ago, Electronics Wizardy said:

I'd aruge av1 encoding isn't really needed here. Most devices don't support av1 decoding, so its better to use h.265/h.264 for jellyfin clients. And if quality if your mail goal, using a CPU encoder will be a good amount better than the hardware av1 encoder.

I'd say that 80+% of the potential devices that would be streamed to support AV1 with the primary ones definitely supporting it. Those that don't are not likely to be used for streaming and are frankly due for an upgrade sooner rather than later.

[Electronics Wizardy]

Just now, kluckie13 said:

I'd say that 80+% of the potential devices that would be streamed to support AV1 with the primary ones definitely supporting it. Those that don't are not likely to be used for streaming and are frankly due for an upgrade sooner rather than later.

Than might as well go 8700g here. Should work fine then. 

 

2 hours ago, kluckie13 said:

• Should I look for DDR5 ECC memory?

•  

I think the 8xxx series don't support ecc so thats one downside, but I'd argue ecc isn't needed for a media server.

[kluckie13]

1 hour ago, Electronics Wizardy said:

Switches have dedicated sillicon that does switching very efficiently. These systems will pass all the traffic through the main processor and have a lot more overhead doing it. Should be fine with just 2.5gbe, but if you don't need office pfsense support, there are cheaper boxes that will do the same. Most switches have a cpu for management, but it doesn't touch any of the traffic.

Is this more in line with what you'd recommend I install pfsense on? Then get a regular old unmanaged 2.5 gig switch.  Where in my network would I put it? I'm unclear on how to both physically connect everything I want as well as how everything will be routed digitaly (firewall, pi-hole, DNS, etc). Would it be physically be located between my modem and the switch? And digitally traffic would be routed something like modem, firewall, pi-hole/dns, then client device somewhere on my network?

 

Also, I really appreaciate your and Canuck's back and fort with me on these things.

[Electronics Wizardy]

12 minutes ago, kluckie13 said:

Is this more in line with what you'd recommend I install pfsense on? Then get a regular old unmanaged 2.5 gig switch.  Where in my network would I put it? I'm unclear on how to both physically connect everything I want as well as how everything will be routed digitaly (firewall, pi-hole, DNS, etc). Would it be physically be located between my modem and the switch? And digitally traffic would be routed something like modem, firewall, pi-hole/dns, then client device somewhere on my network?

 

Also, I really appreaciate your and Canuck's back and fort with me on these things.

Yea that miniPC will work fine.I'd be tempted to get something like this for a few more 2.5 ports, and the much faster n100 cpu https://www.amazon.com/Firewall-Appliance-Fanless-Celeron-Ethernet/dp/B0CMLBWKW9/ref=sr_1_4?crid=2KTITBZHEO4H4&dib=eyJ2IjoiMSJ9.ttIZPL80EPxpLe6UptbP4khYQ2HKKsSd3aBo4NhW2k4qbgChPDLQQq6ow84Y3Y4yOq3egcqKuMMojOSQUmdJPqeFNh2qIvP5-eVfeyfkyFe6M7lno7hcXGNfdTW2uzUvqHxaLILqjae4KA1oi6NDmTAPifvdwIFAmFBmdZGRQE2hdoAnb1gPNrse50-ZiHFePkTxSjoi9BI0M_3SKeZ6i0aY7o_nW2msvLPmJS3MlQ8.BcGX5bjLkx8sLvx3PISvGdq5i3d_J-RDuCxlPZS0SIc&dib_tag=se&keywords=n100%2Bdual%2B2.5g&qid=1715910350&sprefix=n100%2Bdual%2B%2Caps%2C172&sr=8-4&th=1

 

As far as wiring, it goes between the modem and your switch. The data never go through your dns server, devices will reach out to the pihole to get DNS requests, and you can setup the DHCP server to use the pihole as the default DNS server.