Hardware recommendation for pfSense install

[amrogers3]

I built a system about 15 years ago using a SuperMicro X7SPA-HF-D525. I am looking to upgrade my system and was looking for something to replace my old unit.
I am not familiar with the new tech and if these mobos have changed significantly from back in the day.
What would you guys recommend for a low profile unit that won't get too hot or be too loud?
I plan to run pfSense with VPN and pfBlocker for now.
Would SuperMicro be the way to go? I am looking for something that will last another 15 years if possible.
Also, I would like to get something with Nvme if possible.

 

[BlueLineSwinger]

What's the environment, # of clients, bandwidth to support, etc.?

WAG based on your existing system, it looks to me that this is for a typical home install. I'd say most anything based around a N100/300 CPU with 2+ NICs will work fine.

 

[amrogers3]

What's the environment, # of clients, bandwidth to support, etc.?

yep for a typical home setup. Trying to get something with 4" NICs though. You got any recommendations for specific hardware?

 

[Tsumi]

Any reason for 4 NICs? Typically for pfSense, you only need one in and one out.

 

[toast0]

From personal experience, avoid realtek 1g nics if possible. They often work most of the time, but some weird shit happens sometimes and it's not worth the hassle when it does.

I've heard good things about realtek 2.5g nics, but I haven't used them with FreeBSD yet. People say the intel 2.5g nics are bad too (i225?). I like intel 1g and 10g though.

Does your old system limit you, or is it just old? I think most people could use a modern potato to fill their firewall needs, if the D525 fits your needs, I don't know how you would find something new that doesn't. Other than if you still need six sata ports... 4 is more common these days

 

[Valnar]

Just buy a Netgate appliance. I got tired of playing the games and did just that. Netgate 4200 should hold you for a long time.

 

[amrogers3]

Just buy a Netgate appliance. I got tired of playing the games and did just that. Netgate 4200 should hold you for a long time.

This may be the way brother. What you think about the hardware on these, haven't these units not been updated for some time?

 

[Valnar]

This may be the way brother. What you think about the hardware on these, haven't these units not been updated for some time?

The 4200 came out 2 years ago. It supports multi-gig speeds and has 2.5Gb Intel Ethernet ports. It's their "lowest" model with Intel so you don't have to deal with ARM processors and you get PfSense Plus, so preferential updates over the community edition.

I went through the same thought exercise after I wanted to update my home grown pfSense box, but I couldn't build one better than this with 4 ports, low power usage, no noise, etc. Yeah, it's a slight upcharge in the bundle versus rolling your own, but if you started from scratch and needed a mini-itx case, PSU, RAM, SSD and equivalent Supermicro motherboard, it's not that bad.

 

[amrogers3]

The 4200 came out 2 years ago. It supports multi-gig speeds and has 2.5Gb Intel Ethernet ports. It's their "lowest" model with Intel so you don't have to deal with ARM processors and you get PfSense Plus, so preferential updates over the community edition.

I went through the same thought exercise after I wanted to update my home grown pfSense box, but I couldn't build one better than this with 4 ports, low power usage, no noise, etc. Yeah, it's a slight upcharge in the bundle versus rolling your own, but if you started from scratch and needed a mini-itx case, PSU, RAM, SSD and equivalent Supermicro motherboard, it's not that bad.

Those are some very good points. It even has Nvme which is nice. 4GB Ram seems small. Do you know if that is upgradable? I don't think it is, at least it doesn't say it is in the description.

 

[Valnar]

I haven't opened it up to check, but 4GB is plenty. I added some pretty big IP lists in pfBlockerNG and my memory usage is 39%. Before that it was negligible.

What's your current usage now?

 

[kirbyrj]

I had a N150 fanless 4x2.5GbE Topton computer I got from Aliexpress. Worked great until I moved to Firewalla.

 

[amrogers3]

What's your current usage now?

Here is a snapshot of my current usage

 

[LOCO LAPTOP]

I had a N150 fanless 4x2.5GbE Topton computer I got from Aliexpress. Worked great until I moved to Firewalla.

Same but I moved to a UDM Pro.

 

[Sycraft]

I will second the Netgate appliance thing. We've bought small ones at work for various uses and they work well. It's just convenient having a small unit that does it all. Like you can totally build a PC that'll do the same or better... but why bother? They are also fanless until you get to pretty large units so that's nice.

 

[MrGuvernment]

Buy a used Dell/HP SFF with an open PCie slot, i3 8th gen for longer term performance, with 4-8GB of ram and then buy a PCIe Intel NIC and off you go, more power than what a netgate device will give you for the prices they charge.

 

[kirbyrj]

Buy a used Dell/HP SFF with an open PCie slot, i3 8th gen for longer term performance, with 4-8GB of ram and then buy a PCIe Intel NIC and off you go, more power than what a netgate device will give you for the prices they charge.

That is true, however, you get the pfSense Plus for free with a Netgate device vs. $129/yr. with 3rd party hardware. From what I've seen Netgate certainly doesn't seem to care much about the CE version and rarely updates it. If you're going to go 3rd party hardware, I'd probably get opnsense instead. I used them both, and I kind of liked opnsense better.