Re: Hardware hunting
Maurice Janssen maur...@z74.net wrote: http://blog.bytemine.net/2012/08/15/bytemine-appliance-6a16e/ https://shop.bytemine.net/startseitenprodukte/bytemine-appliance-6a16e.html Does anyone know the dimensions of it? Can't find them on the website It's an Axiomtek NA-320FL, and according to the data sheet http://us.axiomtek.com/Download/Spec/na-320fl.pdf the dimensions are: 44 mm (1.73) (H) x 230 mm (9.00) (W) x 153.5 mm (6.04) (D) -- Christian naddy Weisgerber na...@mips.inka.de
Re: Hardware hunting
On 2012-11-17, Christian Weisgerber na...@mips.inka.de wrote: Maurice Janssen maur...@z74.net wrote: http://blog.bytemine.net/2012/08/15/bytemine-appliance-6a16e/ https://shop.bytemine.net/startseitenprodukte/bytemine-appliance-6a16e.html Does anyone know the dimensions of it? Can't find them on the website It's an Axiomtek NA-320FL, and according to the data sheet http://us.axiomtek.com/Download/Spec/na-320fl.pdf the dimensions are: 44 mm (1.73) (H) x 230 mm (9.00) (W) x 153.5 mm (6.04) (D) There is also a rackmount version, NA-320R, should only a little more expensive if you can find somewhere to buy it (the UK distributor for Axiomtek that I talked to can get them but the lead time is quite long).
Re: Hardware hunting
On Thu, Nov 15, 2012 at 04:47:53PM -0500, Chris McGee wrote: Hi guys- I am hunting for a low-power firewall for my home network. For at least 10 years, whenever my firewall hardware has started to die, I've grabbed a decommissioned game PC, added a few NIC's, and put OpenBSD on it. The firewall's current incarnation pulls about 160 watts 24/7; I'd like to lower that by a lot. Requirements are: 1) Low power (50w; I want it to pay for itself before the hardware dies) 2) 4 network interfaces (3 gigabit, one gigabit or 100mbps) 3) Cheaper is better (e.g., a $200 4-port PCIE NIC on a $75 motherboard is suboptimal) 4) Works with OpenBSD 5.2 5) Won't cause a hardware bottleneck when pushing 200mbps of multidirectional traffic through a moderately complex pf ruleset (this doesn't take a lot of CPU; a 1 GHz Athlon runs at about 2% under load, and most of that is from hardware interrupts). It looks like a lot of people use the Alix 2D13 for this, but I rejected it for poor throughput (it would be great for the internet connection, but it sounds like it might be a serious bottleneck between the internal networks). Jetway makes a number of promising-looking Atom boards, including the 4-interface NF38, but the NF38 and many other JetWays use the Realtek RTL8111EVL, which doesn't appear to be OpenBSD-friendly. You can add interfaces to Jetway boards via their daughterboards, but those are either Realtek RTL8111F or Intel 82574L; same problem. (Google turns up one report of the RTL8111 series sorta working with -current, but if you read the guy's dmesg, it doesn't look like he HAS an RTL8111 in the first place.) ...anyway, if you have a low-power OpenBSD network appliance with 3-4 interfaces that you're happy with, please give me a yell. I've been through a lot of boards without finding a winner so far! Hi, At work, i'm using a bytemine appliance: http://blog.bytemine.net/2012/08/15/bytemine-appliance-6a16e/ https://shop.bytemine.net/startseitenprodukte/bytemine-appliance-6a16e.html Works very fine. -- Pierre-Emmanuel André pea at raveland.org GPG key: 0x7AE329DC
Re: Hardware hunting
2012/11/16 Pierre-Emmanuel André p...@raveland.org: At work, i'm using a bytemine appliance: http://blog.bytemine.net/2012/08/15/bytemine-appliance-6a16e/ https://shop.bytemine.net/startseitenprodukte/bytemine-appliance-6a16e.html Very nice. What do you use for mass storage? The industrial compact flash options by bytemine are quite expensive... :-( Best Martin
Re: Hardware hunting
On Thu, Nov 15, 2012 at 10:30:26PM -0600, Axton wrote: The supermicro Atom based machines are nice. I am a fan of the remote management interface, which allows power cycle, KVM over IP, virtual media, etc. Really? KVM over IP on Supermicro doesn't work from OpenBSD. Serial console redirection to real serial port looks quite shitty. Or what do you have in BIOS for serial console redirection? jirib
Re: Hardware hunting
Chris McGee cmcge...@gmail.com wrote: The Soekris Net4x series uses an anonymous ethernet chip that you can't quite read in the photos and it's not listed in the spec sheet. I am pretty sure the Net4501-30 has a VM552RR chip, but I don't know who makes That's just the transformer. The net45xx and net48xx series use the National Semiconductor DP83816, supported by the sis(4) driver. -- Christian naddy Weisgerber na...@mips.inka.de
Re: Hardware hunting
On Fri, Nov 16, 2012 at 12:06:54PM +0100, Martin Schröder wrote: 2012/11/16 Pierre-Emmanuel André p...@raveland.org: At work, i'm using a bytemine appliance: http://blog.bytemine.net/2012/08/15/bytemine-appliance-6a16e/ https://shop.bytemine.net/startseitenprodukte/bytemine-appliance-6a16e.html Very nice. What do you use for mass storage? The industrial compact flash options by bytemine are quite expensive... :-( We use a ssd drive wd0: 16-sector PIO, LBA48, 61057MB, 125045424 sectors -- Pierre-Emmanuel André pea at raveland.org GPG key: 0x7AE329DC
Re: Hardware hunting
On Thu, Nov 15, 2012 at 5:06 PM, Michel Blais mic...@targointernet.comwrote: I now use Lanner FW-7535 instead. Cost a little more but like them better and Lanner service is great. Atom board with case + 6 Intel NIC. I think those are also 82574L so not the fastest intel NIC but for low budget firewall, those are fine. Also, the Atom is a desktop version so take more power than those in jetway I have use. Michel Like Michel, I went with a Lanner box as well, but I went with the FW-7565 [1]. I have upgraded from 4.9 on through 5.2 on this box, and have had nary a problem, nor do I hear this machine either. It runs pf, openvpn, bind, dhcpd, and other small daemons. I mainly bought the machine because I liked being able to throw a cheap huge PATA hard drive in there, and not be concerned with flash's supposed write-limit, or mucking about with read-only filesystem, among other things. Obligatory dmesg: OpenBSD 5.2 (GENERIC.MP) #368: Wed Aug 1 10:04:49 MDT 2012 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 2136604672 (2037MB) avail mem = 2057416704 (1962MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.6 @ 0xfc120 (24 entries) bios0: vendor American Megatrends Inc. version 080015 date 11/23/2010 acpi0 at bios0: rev 0 acpi0: sleep states S0 S1 S4 S5 acpi0: tables DSDT FACP APIC MCFG OEMB HPET GSCI acpi0: wakeup devices P0P1(S4) PS2K(S4) PS2M(S4) USB0(S4) USB1(S4) USB2(S4) USB3(S4) EUSB(S4) P0P4(S4) P0P5(S4) P0P6(S4) P0P7(S4) P0P8(S4) P0P9(S4) HDAC(S4) USB4(S4) USB5(S4) USBE(S4) GBEC(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Atom(TM) CPU D510 @ 1.66GHz, 1666.89 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,TM2,SSSE3,CX16,xTPR,PDCM,MOVBE,NXE,LONG,LAHF cpu0: 512KB 64b/line 8-way L2 cache cpu0: apic clock running at 166MHz cpu1 at mainbus0: apid 2 (application processor) cpu1: Intel(R) Atom(TM) CPU D510 @ 1.66GHz, 1666.67 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,TM2,SSSE3,CX16,xTPR,PDCM,MOVBE,NXE,LONG,LAHF cpu1: 512KB 64b/line 8-way L2 cache cpu2 at mainbus0: apid 1 (application processor) cpu2: Intel(R) Atom(TM) CPU D510 @ 1.66GHz, 1666.67 MHz cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,TM2,SSSE3,CX16,xTPR,PDCM,MOVBE,NXE,LONG,LAHF cpu2: 512KB 64b/line 8-way L2 cache cpu3 at mainbus0: apid 3 (application processor) cpu3: Intel(R) Atom(TM) CPU D510 @ 1.66GHz, 1666.67 MHz cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,TM2,SSSE3,CX16,xTPR,PDCM,MOVBE,NXE,LONG,LAHF cpu3: 512KB 64b/line 8-way L2 cache ioapic0 at mainbus0: apid 4 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 1, remapped to apid 4 acpimcfg0 at acpi0 addr 0xe000, bus 0-255 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 7 (P0P1) acpiprt2 at acpi0: bus 1 (P0P4) acpiprt3 at acpi0: bus 2 (P0P5) acpiprt4 at acpi0: bus 3 (P0P6) acpiprt5 at acpi0: bus 4 (P0P7) acpiprt6 at acpi0: bus 5 (P0P8) acpiprt7 at acpi0: bus 6 (P0P9) acpicpu0 at acpi0 acpicpu1 at acpi0 acpicpu2 at acpi0 acpicpu3 at acpi0 acpibtn0 at acpi0: PWRB pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 Intel Pineview DMI rev 0x02 vga1 at pci0 dev 2 function 0 Intel Pineview Video rev 0x02 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) intagp0 at vga1 agp0 at intagp0: aperture at 0xd000, size 0x1000 inteldrm0 at vga1: apic 4 int 16 drm0 at inteldrm0 Intel Pineview Video rev 0x02 at pci0 dev 2 function 1 not configured ppb0 at pci0 dev 28 function 0 Intel 82801H PCIE rev 0x03: msi pci1 at ppb0 bus 1 em0 at pci1 dev 0 function 0 Intel PRO/1000 MT (82574L) rev 0x00: msi, address 00:90:0b:1f:95:ba ppb1 at pci0 dev 28 function 1 Intel 82801H PCIE rev 0x03: msi pci2 at ppb1 bus 2 em1 at pci2 dev 0 function 0 Intel PRO/1000 (82583V) rev 0x00: msi, address 00:90:0b:1f:95:bb ppb2 at pci0 dev 28 function 2 Intel 82801H PCIE rev 0x03: msi pci3 at ppb2 bus 3 em2 at pci3 dev 0 function 0 Intel PRO/1000 (82583V) rev 0x00: msi, address 00:90:0b:1f:95:bc ppb3 at pci0 dev 28 function 3 Intel 82801H PCIE rev 0x03: msi pci4 at ppb3 bus 4 em3 at pci4 dev 0 function 0 Intel PRO/1000 (82583V) rev 0x00: msi, address 00:90:0b:1f:95:bd ppb4 at pci0 dev 28 function 4 Intel 82801H PCIE rev 0x03: msi pci5 at ppb4 bus 5 em4 at pci5 dev 0 function 0 Intel PRO/1000 (82583V) rev 0x00: msi, address 00:90:0b:1f:95:be ppb5 at pci0 dev 28 function 5 Intel 82801H PCIE rev 0x03: msi pci6 at ppb5 bus 6 em5 at pci6 dev 0 function 0 Intel
Re: Hardware hunting
Forman, Jeffrey li...@jeffreyforman.net wrote: I mainly bought the machine because I liked being able to throw a cheap huge PATA hard drive in there, and not be concerned with flash's supposed write-limit, or mucking about with read-only filesystem, among other things. Funny. I'd rather throw in a flash than a fragile hard drive. -- Christian naddy Weisgerber na...@mips.inka.de
Re: Hardware hunting
Am 16.11.2012 um 20:11 schrieb Russell Garrison russell.garri...@gmail.com: I can also vouch for the Lanner, but make sure you get the fanless model. I bought the ones with fans to go into a noisy server room, but they spent a week or two in testing on my desk. People walking by kept thinking that a faucet was running full blast in my cubicle, so you probably don't want that in a home-based scenario. I got my Lanner from bytemine. Here is some photos: http://emea.centroid.eu/blog/index.php?article=1294095600 That's the previous model, they are offering the 'e' model now I think. Anyhow I got the Intel SSD separately for it. Yesterday I upgraded it to OpenBSD 5.2, it's been really stable since I bought it. One thing that is weird that I found out was that no matter what load is on the CPU I registered 20 Watts on my electricity meter. I still use apmd -C on it so that it conserves on heat, not that it gets hot, but it gets warm. You can put your hand on the top and it would be about 40 degrees, so bareable. Regards, -peter
Re: Hardware hunting
On 2012-11-16, Forman, Jeffrey li...@jeffreyforman.net wrote: I mainly bought the machine because I liked being able to throw a cheap huge PATA hard drive in there, and not be concerned with flash's supposed write-limit, or mucking about with read-only filesystem, among other things. I've used flash quite a lot in the last 10 years (CF, disk-on-module, and more recently SSD), they do fail sometimes of course, but the majority of failures I had were in the first month or two of use and not anything I can attribute to wear. Only time I mess around with read-only FS etc is for things where I want to avoid automatic fsck failing if the power gets pulled etc. Sometimes I do use syslog memory buffers for things (e.g. debug logging) which don't need to go to permanent storage, but mainly that's just because it can be a bit slow on some of these devices..
Re: Hardware hunting
On Fri, Nov 16, 2012 at 11:33:28AM +0100, Pierre-Emmanuel Andr? wrote: At work, i'm using a bytemine appliance: http://blog.bytemine.net/2012/08/15/bytemine-appliance-6a16e/ https://shop.bytemine.net/startseitenprodukte/bytemine-appliance-6a16e.html Works very fine. Does anyone know the dimensions of it? Can't find them on the website of Bytemine and I was wondering if it would fit in 1U when placed on a rack shelf. Thanks, Maurice
Re: Hardware hunting
Check out http://soekris.com/. I have a low end one and it works great. Little costly though. Justin Mayes -Original Message- From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of Chris McGee Sent: Thursday, November 15, 2012 3:48 PM To: misc@openbsd.org Subject: Hardware hunting Hi guys- I am hunting for a low-power firewall for my home network. For at least 10 years, whenever my firewall hardware has started to die, I've grabbed a decommissioned game PC, added a few NIC's, and put OpenBSD on it. The firewall's current incarnation pulls about 160 watts 24/7; I'd like to lower that by a lot. Requirements are: 1) Low power (50w; I want it to pay for itself before the hardware dies) 2) 4 network interfaces (3 gigabit, one gigabit or 100mbps) 3) Cheaper is better (e.g., a $200 4-port PCIE NIC on a $75 motherboard is suboptimal) 4) Works with OpenBSD 5.2 5) Won't cause a hardware bottleneck when pushing 200mbps of multidirectional traffic through a moderately complex pf ruleset (this doesn't take a lot of CPU; a 1 GHz Athlon runs at about 2% under load, and most of that is from hardware interrupts). It looks like a lot of people use the Alix 2D13 for this, but I rejected it for poor throughput (it would be great for the internet connection, but it sounds like it might be a serious bottleneck between the internal networks). Jetway makes a number of promising-looking Atom boards, including the 4-interface NF38, but the NF38 and many other JetWays use the Realtek RTL8111EVL, which doesn't appear to be OpenBSD-friendly. You can add interfaces to Jetway boards via their daughterboards, but those are either Realtek RTL8111F or Intel 82574L; same problem. (Google turns up one report of the RTL8111 series sorta working with -current, but if you read the guy's dmesg, it doesn't look like he HAS an RTL8111 in the first place.) ...anyway, if you have a low-power OpenBSD network appliance with 3-4 interfaces that you're happy with, please give me a yell. I've been through a lot of boards without finding a winner so far! [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
Re: Hardware hunting
I have one Jetway board in production with 5.0 with intel daughterboard work fine but it's only 3 intel NIC so would have to use one realtek. I didn't try realtek NIC with lot of traffic. I now use Lanner FW-7535 instead. Cost a little more but like them better and Lanner service is great. Atom board with case + 6 Intel NIC. I think those are also 82574L so not the fastest intel NIC but for low budget firewall, those are fine. Also, the Atom is a desktop version so take more power than those in jetway I have use. Michel
Re: Hardware hunting
Have Soekris put out a Gbit NIC platform yet? I stopped using them because of this reason. -Joel On 16 November 2012 11:02, Justin Mayes jma...@careered.com wrote: Check out http://soekris.com/. I have a low end one and it works great. Little costly though. Justin Mayes -Original Message- From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of Chris McGee Sent: Thursday, November 15, 2012 3:48 PM To: misc@openbsd.org Subject: Hardware hunting Hi guys- I am hunting for a low-power firewall for my home network. For at least 10 years, whenever my firewall hardware has started to die, I've grabbed a decommissioned game PC, added a few NIC's, and put OpenBSD on it. The firewall's current incarnation pulls about 160 watts 24/7; I'd like to lower that by a lot. Requirements are: 1) Low power (50w; I want it to pay for itself before the hardware dies) 2) 4 network interfaces (3 gigabit, one gigabit or 100mbps) 3) Cheaper is better (e.g., a $200 4-port PCIE NIC on a $75 motherboard is suboptimal) 4) Works with OpenBSD 5.2 5) Won't cause a hardware bottleneck when pushing 200mbps of multidirectional traffic through a moderately complex pf ruleset (this doesn't take a lot of CPU; a 1 GHz Athlon runs at about 2% under load, and most of that is from hardware interrupts). It looks like a lot of people use the Alix 2D13 for this, but I rejected it for poor throughput (it would be great for the internet connection, but it sounds like it might be a serious bottleneck between the internal networks). Jetway makes a number of promising-looking Atom boards, including the 4-interface NF38, but the NF38 and many other JetWays use the Realtek RTL8111EVL, which doesn't appear to be OpenBSD-friendly. You can add interfaces to Jetway boards via their daughterboards, but those are either Realtek RTL8111F or Intel 82574L; same problem. (Google turns up one report of the RTL8111 series sorta working with -current, but if you read the guy's dmesg, it doesn't look like he HAS an RTL8111 in the first place.) ...anyway, if you have a low-power OpenBSD network appliance with 3-4 interfaces that you're happy with, please give me a yell. I've been through a lot of boards without finding a winner so far! [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
Re: Hardware hunting
On 11/15/12 4:06 PM, Joel WirÄmu Pauling wrote: Have Soekris put out a Gbit NIC platform yet? I stopped using them because of this reason. -Joel Yeah, the 6501 series is awesome. A bit pricy, but definitely something I recommend. On another note, I use some old Wyse WT941GL machines I bought of Ebay for my test lab. They're VIA 1Ghz/ 256MB RAM machines that I shoved some cheap HP dual (you could probably find quad) port NICs (also from Ebay) into. I think I have about $100 into each one of them, and they would be great for a non-mission critical environment where you don't mind throwing some used hardware into. -- James Shupe [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
Re: Hardware hunting
On Thu, Nov 15, 2012 at 2:47 PM, Chris McGee cmcge...@gmail.com wrote: I am hunting for a low-power firewall for my home network. For at least 10 years, whenever my firewall hardware has started to die, I've grabbed a decommissioned game PC, added a few NIC's, and put OpenBSD on it. The firewall's current incarnation pulls about 160 watts 24/7; I'd like to lower that by a lot. Requirements are: 1) Low power (50w; I want it to pay for itself before the hardware dies) 2) 4 network interfaces (3 gigabit, one gigabit or 100mbps) 3) Cheaper is better (e.g., a $200 4-port PCIE NIC on a $75 motherboard is suboptimal) 4) Works with OpenBSD 5.2 5) Won't cause a hardware bottleneck when pushing 200mbps of multidirectional traffic through a moderately complex pf ruleset (this doesn't take a lot of CPU; a 1 GHz Athlon runs at about 2% under load, and most of that is from hardware interrupts). It looks like a lot of people use the Alix 2D13 for this, but I rejected it for poor throughput (it would be great for the internet connection, but it sounds like it might be a serious bottleneck between the internal networks). Are you open to purchasing a VLAN-capable switch for home use? While this might be considered overkill for home use, if you like data networks, VLANs tend to be invaluable. I did this years ago and I'm quite pleased with the flexibility of my home network as a result--that and my OpenBSD firewall at home is a used low-power legacy notebook with a single GigE em NIC that I picked up for 75USD. Cheers.
Re: Hardware hunting
Thanks for all the feedback! I really like the look of the Soekris boards. The Soekris website isn't that helpful, but I jotted down all my research in case someone else wanted to look at it: https://docs.google.com/spreadsheet/ccc?key=0AqjAAj_-IRQkdEs3TWNkZnZrUGs0S0FjYnRYQjFJZlE (That's not meant to be comprehensive; I stopped researching a model when it failed one of my requirements.) The text-only version (for those reading this in elm or pine :P) is: The Soekris Net6x series is an Intel Atom E6 with an EG20T, and 4 82574L 10/100/1000 chips, which are supported by the em driver. $299 - $456 for the board. The Soekris Net5x series is an AMD Geode LX with a CS5536, and 4 VT6105m 10/100 chips, which are supported by the vr driver. $254 - $222 for the board. The Soekris Net4x series uses an anonymous ethernet chip that you can't quite read in the photos and it's not listed in the spec sheet. I am pretty sure the Net4501-30 has a VM552RR chip, but I don't know who makes that. It does have a logo that looks a bit like an old Via logo. $135 - $178 for the board, but my current guess is that that mystery ethernet chip is not gonna have a driver. I think I will probably spring for the 6501-50 with their custom enclosure and external power. That lists at $380, plus $50 for a cheapo SSD, and I should be running at less than 30 watts for $480- which is a savings of 1,227 KWh per year (or about $283 at my local power rates), so it'll pay for itself in around 19 months. (Since I want to go to bed, I'm not going to attempt to figure in the change in heat loading's effect on heating and AC bills... they'll balance each other out, dammit. ;) ) Thanks again! On Thu, Nov 15, 2012 at 4:47 PM, Chris McGee cmcge...@gmail.com wrote: Hi guys- I am hunting for a low-power firewall for my home network. For at least 10 years, whenever my firewall hardware has started to die, I've grabbed a decommissioned game PC, added a few NIC's, and put OpenBSD on it. The firewall's current incarnation pulls about 160 watts 24/7; I'd like to lower that by a lot. Requirements are: 1) Low power (50w; I want it to pay for itself before the hardware dies) 2) 4 network interfaces (3 gigabit, one gigabit or 100mbps) 3) Cheaper is better (e.g., a $200 4-port PCIE NIC on a $75 motherboard is suboptimal) 4) Works with OpenBSD 5.2 5) Won't cause a hardware bottleneck when pushing 200mbps of multidirectional traffic through a moderately complex pf ruleset (this doesn't take a lot of CPU; a 1 GHz Athlon runs at about 2% under load, and most of that is from hardware interrupts). It looks like a lot of people use the Alix 2D13 for this, but I rejected it for poor throughput (it would be great for the internet connection, but it sounds like it might be a serious bottleneck between the internal networks). Jetway makes a number of promising-looking Atom boards, including the 4-interface NF38, but the NF38 and many other JetWays use the Realtek RTL8111EVL, which doesn't appear to be OpenBSD-friendly. You can add interfaces to Jetway boards via their daughterboards, but those are either Realtek RTL8111F or Intel 82574L; same problem. (Google turns up one report of the RTL8111 series sorta working with -current, but if you read the guy's dmesg, it doesn't look like he HAS an RTL8111 in the first place.) ...anyway, if you have a low-power OpenBSD network appliance with 3-4 interfaces that you're happy with, please give me a yell. I've been through a lot of boards without finding a winner so far!
Re: Hardware hunting
On Thu, Nov 15, 2012 at 3:47 PM, Chris McGee cmcge...@gmail.com wrote: Hi guys- I am hunting for a low-power firewall for my home network. For at least 10 years, whenever my firewall hardware has started to die, I've grabbed a decommissioned game PC, added a few NIC's, and put OpenBSD on it. The firewall's current incarnation pulls about 160 watts 24/7; I'd like to lower that by a lot. Requirements are: 1) Low power (50w; I want it to pay for itself before the hardware dies) 2) 4 network interfaces (3 gigabit, one gigabit or 100mbps) 3) Cheaper is better (e.g., a $200 4-port PCIE NIC on a $75 motherboard is suboptimal) 4) Works with OpenBSD 5.2 5) Won't cause a hardware bottleneck when pushing 200mbps of multidirectional traffic through a moderately complex pf ruleset (this doesn't take a lot of CPU; a 1 GHz Athlon runs at about 2% under load, and most of that is from hardware interrupts). It looks like a lot of people use the Alix 2D13 for this, but I rejected it for poor throughput (it would be great for the internet connection, but it sounds like it might be a serious bottleneck between the internal networks). Jetway makes a number of promising-looking Atom boards, including the 4-interface NF38, but the NF38 and many other JetWays use the Realtek RTL8111EVL, which doesn't appear to be OpenBSD-friendly. You can add interfaces to Jetway boards via their daughterboards, but those are either Realtek RTL8111F or Intel 82574L; same problem. (Google turns up one report of the RTL8111 series sorta working with -current, but if you read the guy's dmesg, it doesn't look like he HAS an RTL8111 in the first place.) ...anyway, if you have a low-power OpenBSD network appliance with 3-4 interfaces that you're happy with, please give me a yell. I've been through a lot of boards without finding a winner so far! The supermicro Atom based machines are nice. I am a fan of the remote management interface, which allows power cycle, KVM over IP, virtual media, etc. It comes with 2 network interfaces, but has a PCI-E x4 that you could use for additional network ports. As another user posted, if you can spring for a layer 2 managed switch, you could get by with just 1 NIC. http://www.supermicro.com/products/system/1U/5015/SYS-5015A-EHF-D525.cfm Here is a dmesg if you are interested in the chipsets (note this is an older model with a D510 CPU): OpenBSD 5.0 (GENERIC.MP) #59: Wed Aug 17 10:19:44 MDT 2011 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP cpu0: Intel(R) Atom(TM) CPU D510 @ 1.66GHz (GenuineIntel 686-class) 1.67 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT ,DS-CPL,TM2,SSSE3,CX16,xTPR,PDCM,MOVBE real mem = 3220283392 (3071MB) avail mem = 3157540864 (3011MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 05/26/10, BIOS32 rev. 0 @ 0xf0010, SMBIOS rev. 2.6 @ 0x9ac00 (19 entries) bios0: vendor American Megatrends Inc. version 1.0c date 05/26/2010 bios0: Supermicro X7SPA-HF acpi0 at bios0: rev 2 acpi0: sleep states S0 S1 S4 S5 acpi0: tables DSDT FACP APIC MCFG SLIC OEMB HPET acpi0: wakeup devices P0P1(S4) PS2K(S4) PS2M(S4) USB0(S4) USB1(S4) USB2(S4) USB5(S4) EUSB(S4) USB3(S4) USB4(S4) USB6(S4) USBE(S4) P0P4( S4) P0P5(S4) P0P6(S4) P0P7(S4) P0P8(S4) P0P9(S4) GBE_(S4) SLPB(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 166MHz cpu1 at mainbus0: apid 2 (application processor) cpu1: Intel(R) Atom(TM) CPU D510 @ 1.66GHz (GenuineIntel 686-class) 1.67 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT ,DS-CPL,TM2,SSSE3,CX16,xTPR,PDCM,MOVBE ioapic0 at mainbus0: apid 3 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 1, remapped to apid 3 acpimcfg0 at acpi0 addr 0xe000, bus 0-255 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 4 (P0P1) acpiprt2 at acpi0: bus 1 (P0P4) acpiprt3 at acpi0: bus -1 (P0P5) acpiprt4 at acpi0: bus -1 (P0P6) acpiprt5 at acpi0: bus -1 (P0P7) acpiprt6 at acpi0: bus 2 (P0P8) acpiprt7 at acpi0: bus 3 (P0P9) acpicpu0 at acpi0 acpicpu1 at acpi0 acpibtn0 at acpi0: SLPB acpibtn1 at acpi0: PWRB bios0: ROM list: 0xc/0x8000 ipmi at mainbus0 not configured pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel Pineview DMI rev 0x02 uhci0 at pci0 dev 26 function 0 Intel 82801I USB rev 0x02: apic 3 int 16 uhci1 at pci0 dev 26 function 1 Intel 82801I USB rev 0x02: apic 3 int 21 uhci2 at pci0 dev 26 function 2 Intel 82801I USB rev 0x02: apic 3 int 19 ehci0 at pci0 dev 26 function 7 Intel 82801I USB rev 0x02: apic 3 int 18 usb0 at ehci0: USB revision 2.0 uhub0 at usb0
