PFSense hardware help me decide

[Vengance_01]

I am looking for something small, low powered but with some room to grow to support high end fiber connections as my new house is served by Frontier aka Verizon Fios in the future. They only offer 150/150 max atm, but I can see them adding more speeds as charter rolls out the new 3.1 cable standard. I stumbled on this company who makes Atom based SOC boards the size of Raspberry-PI that use 5V power adapters.

Currently looking at the following:

z8350,2GB LPDDR3,16GB eMMC for 99$
http://up-shop.org/up-boards/2-up-board-2gb-16-gb-emmc-memory.html

Now the above setup only has 1GB Ethernet, so for the WAN side I was going to use a USB 3.0 gigabit Ethernet based on ASIX AX88179 chipset which is on the FreeBSD HWC list. Also the USB 3.0 has its on dedicated lane. Throw in a cheap 7$ case and 10$ 5V 4A power adapter and I got a pretty nice tiny PFsense firewall that can grow in performance for about 150$ ish shipped

The second setup is also from this company but they have a board that's about the same size but includes dual GBe Nics and has a Apollo Lake M Intel Celeron 2C 2.4 GHz N3350 2GB LPDDR4, 32GB eMMC and more USB 3.0 ports etc... for 149$
http://up-shop.org/up-boards/92-up-squared-celeron-duo-core-2gb-memory32gb-emmc.html

Add a case for 14$ and 15-20$ for a 6A 5V PSU for a total of close to 200$ish

I feel the first is a better deal despite being an atom chip you get 4 cores and since freeBSD is SMP aware, this processor would give overall performance for a PFsense router where as the Celeron would be better as a general PC or other device that's more dependent on memory bandwidth or single threaded performance.

I thought about getting this before I found these UP-Boards, but they seem to be older atom platforms and use 12V power bricks which will draw more power.

https://www.amazon.com/Firewall-Mic...rd_wg=RRNEd&psc=1&refRID=MWFDVJJENX6ADPB2P0XF


In closing just looking for some thoughts. I will not be doing any VLANs, I have my trendnet 8 port GB switch which will be my LAN side and my AP"s will be Unifi base A/C in wall units. I know I could just get a Unifi router-X but I have heard to many horror stories and I want to be able to do Snort, VPN, A/V scanning etc... plus I want something fun I can play with and tweak.


EDIT**
To throw a wrench into this, should I just get the Routerboard HeX POE which give me support to power my 2 in-wall POE based Unifi A/C AP's and based on a another thread here can handle a gigabit connection without issues.

 

[Cmustang87]

Funny how this post ended up as by the time I got to the end of your post, you led yourself close to my recommendation, hah.

I was reading your post and I was getting you a link for the new hEX Routerboard, with a PoE switch. - Which is a way better solution for less cash: https://mikrotik.com/product/RB750Gr3

Product specifications
Details
Product code RB750Gr3
10/100/1000 Ethernet ports 5
CPU MT7621A
CPU Threads count 4
CPU core count 2
CPU nominal frequency 880 MHz
Dimensions 113x89x28mm
License level 4
Max Power consumption 5W
Number of USB ports 1
Operating System RouterOS
PCB temperature monitor Yes
PoE in Yes
Power Jack 1
Size of RAM 256 MB
Storage size 16 MB
Storage type FLASH
Supported input voltage 8 V - 30 V
Tested ambient temperature -30 + 70 C
USB Power Reset Yes
USB slot type USB type A
Voltage Monitor Yes
Suggested price $59.95

You could go Ubiquiti for a PoE switch: https://www.amazon.com/Ubiquiti-Networks-US-8-60W-Unifi-Switch/dp/B01MU3WUX1

Or a comparable TP-Link or Netgear PoE switch.

ALTERNATIVELY, if you are in the industry, you can sign up for a Meraki promotion and get an 8 port PoE switch for free just for attending a webinar: https://meraki.cisco.com/webinars/signup/1267/introduction-to-cloud-managed-switches-americas/

While Cisco Meraki webinars are open to all audiences and while switches may be offered at live events, to be eligible for a free switch, participants must:

• Attend the live event or the live webinar in its entirety
• Enter a valid company name and website
• (i) Be an IT professional working in in one of the countries listed below, (ii) have an active role of managing, maintaining, or monitoring their organization’s network infrastructure, and (iii) be employed by the company
• Register with a shipping address (a post office box is not sufficient) in the US, Canada, the UK, Ireland, France, Germany, Australia, New Zealand, Sweden, the Netherlands, Singapore, Thailand, or Japan. At this time, we cannot ship free switches outside of these regions, and cannot ship to post office boxes.
• If from a European country, provide a valid VAT ID for shipment.
• Not be a partner, reseller, or consultant
• Register with their company’s email address
• Confirm eligibility and shipping address with a Cisco Meraki representative by phone

https://meraki.cisco.com/products/switches/ms220-8

 

[Vengance_01]

Wow I could be eligible for a free 8-port switch... How would the licensing work?

 

[Cmustang87]

It's valid for three years, but would be attached to your business account that you registered with. However, if you switch jobs or anything, your account still works just fine...it is only used as your login name for the dashboard and when they send out renewal notifications when you get near your expiration.

 

[Vengance_01]

I need to see the Telco box and see how feasible this will be. My ideal setup would be the free 8 port POE switch with the new v3 Hex Router and 2 in Wall Unifi A/C AP's as they need 802.3at PoE+ to enable the additional POE passive port and additional GBe port built into the AP. This would also give me room to mess with VLANs and add additional POE based units without fear of running out of power or ports.

 

[Cmustang87]

Hell yea, sounds like an awesome setup!

Let me know how it goes!