Step By Step Guide | Build A 10GbE Router! PfSense 10Gbps 2U Network Appliance Dual 10GBase-T +SSD 🚀

Поделиться
HTML-код
  • Опубликовано: 11 сен 2024
  • A 4K60 HDR tutorial to build a robust 10Gbps router using affordable components with long life expectancy.
    I built this security appliance at the end of November 2017 and was always told that it is "overkill." The appliance and Hoffman EWMW242425 rack have proven to be future proof and extremely reliable, all at an affordable cost. The 2U standard ATX case utilizing standard sized ATX motherboards and power supplies enables this appliance to always have replacement parts available at an affordable price.
    I used a Razer Blade 15 Advanced 2021 model with Thunderbolt in order to have a bus speed capable of true 10Gbps speeds. The QNAP's SFP+ port accepts many different types of modules for fiber optic and copper testing at higher speeds.
    Components Used For pfSense:
    Intel X550 PCI-E X4 Dual 10GBase-T Network Card (X550T2)
    Intel i3-8100 8th Gen LGA1151 Quad Core CPU
    ASROCK LGA 1151 H310M-HDV Motherboard
    Corsair DDR4 2400MHz 8GB Kit (2x 4GB)
    Samsung EVO 850 250Gb Solid State Drive (SATA)
    Noctua NH-L9i Low-Profile CPU Fan
    Corsair ATX Power Supply
    Rosewill 2U Rackmount ATX Case (RSV-2600)
    Rack:
    Hoffman EWMW242425 Rack Enclosure
    Startech 2U Vented Shelf
    Netgear CM-2000 2.5Gbps Multi-Gig Cable Modem (Cox 1Gig Service)
    CyberPower 1500va PR1500RT2UC Smart App Sinewave UPS System
    Netgear XS712T Managed Layer-3 10Gig Switch
    ANNKE (Hikvision) 12MP 4K NVR 8CH & 4K HDMI Splitter
    Network Tested With:
    QNAP QNA-T310G1S Thunderbolt 3 SFP+ Adapter
    Razer Blade 15 Advanced 2021 model w/i9 & Thunderbolt 3, Windows 11
    Speedtest.net on Chrome browser to the "Fastest Server" closest to my location.

Комментарии • 87

  • @Arco3254
    @Arco3254 7 месяцев назад +12

    Nice clean build. I myself choose a old Dell optiplex SFF with a 6700k and an Intell x520 dual spf+. I run a full 10g network in my house with a 10g fiber wan capped at 3.5gb. I can push all 3.5gb with this pfsense build.

  • @kapel1742
    @kapel1742 7 месяцев назад +4

    Nice build. I'd personally swap the chasis fans for something like Noctua. Also Velcro strips / cable ties instead of zipties is a good choice too. No risk of damaging the cabling. Nice job overall!

  • @JayJr.
    @JayJr. 2 месяца назад

    I am about to build my first PsSense machine and was researching the parts when I found this video. Great build! Thank you!

  • @TheDillio187
    @TheDillio187 3 месяца назад

    I used that same case for my TrueNAS build. It's still working great!

  • @JasonsLabVideos
    @JasonsLabVideos 7 месяцев назад +7

    Couple suggestions. Don't use that style of Power supply, use the style that have fans on the rear, when you put the case top on you are going to suffocate the intake fan. Second, I would have bought a motherboard with a m.2 slot on it for a 2456g ssd.

    • @KamotzII
      @KamotzII 7 месяцев назад +6

      That case has a cutout specifically for the PSU fan on the lid. I have a very similar design case. It works fine.

    • @JasonsLabVideos
      @JasonsLabVideos 7 месяцев назад

      Sweet, Some of the previous ones didn't.@@KamotzII

  • @aricbrown3683
    @aricbrown3683 7 месяцев назад +2

    Nice build, I personally would replace the case face with some better motherboard controlled noctua fans for just noise control

  • @blakecasimir
    @blakecasimir 7 месяцев назад +3

    I used an SFF HP Prodesk wiith a Core i3.6100T as an opnsense build. It idles at 13W. It was crazy inexpensive, these old office systems are all over used sites and are ideal for server builds.

  • @jfkastner
    @jfkastner 7 месяцев назад

    For Airflow I'd route the Cables away from the MB first, then bundle them up with a Velcro Tie. The MB itself works as a Heatsink and Radiates. You created a 'Cable Blob' right next to your RAM. Besides that I like the Project.

  • @xcleaner15
    @xcleaner15 19 дней назад

    great video, but I would install a fan on your external network card to get even more performance and to extend the lifespan.
    because these network cards are not optimized to be passively cooled they are rather designed to have a very strong airflow in the case and the server should very probably also be quiet therefore an additional fan on the network card

  • @OsX86H3AvY
    @OsX86H3AvY 7 месяцев назад +3

    i have a build now with pfsense and an hp elitedesk 800 g3 with an i7 7700 and 32gb of junk 2400 ddr4 memory along with an X710-DA4 quad port 10G SFP+ card, two single realtek 2.5G cards (will upgrade to dual intels at some point here I think) and a quad port realtek 8125 2.5G card - have to install the realtek drivers which is a pain but you can just use the intel for WAN and 10G for LAN for the install and then changeover to the 2.5G for WAN once installed....surprisingly the realteks have been ROCK SOLID and get 2.35Gbps line rate all day long....and the SFP+ cards are DIRT cheap.....nice content I dig it, keep it up!

  • @deadlymarsupial1236
    @deadlymarsupial1236 7 месяцев назад +2

    BIOS setting:
    (Intel): After Power Failure setting to Power On
    (Gigabyte): Restore (on) AC Power Loss to Power On
    (ASUS): “Restore on AC/Power Loss” or “AC Power Recovery” or "After Power Loss"
    I use the intel dual sfp++ nic & intel 4 x 1GBE nic
    One sfp++ 10GBE is vlan trunk from switch to pfsense using DAC and use pfsense to do firewall between vlans and internet connection/s.
    Eventually I will link aggregate the two sfp++ ports and vlan the aggregated virtual ports at both ends however that introduces some technical considerations when upgrading as to do so is a o/s driver config hack. One way around that may be to virtualise and use the hypervisor to fan out the vlans to logical interfacess passed through to pfsense vm.

  • @wallyhare8616
    @wallyhare8616 7 месяцев назад +1

    I have the exact same case but have an old old Xeon with similar intel 10 g card for truenas and unraid, a 4 port gigabit nic to supply the rest of the house. I also used 2 64 gig intel ssd in ZFS “raid 1”. I was using pfsense but shortly swapped to OPNSense. It’s on a UPS along with the switches and WAP so no dropped internet in the evening of a power outage

  • @batemanjo9
    @batemanjo9 23 дня назад

    You had to force the 2.5 Gb/s because of the Nic you are using. Its the Intel x550 chipset and technically NBASE-T was originally not supported (2.5 Gb/s and 5 Gb/s) because those speeds are not used in an enterprise environment. If you want full auto negotiation (100/1000/2.5/5/10) go with the intel x710 cards they have full support of NBASE-T & BASE-T

  • @project2501
    @project2501 7 месяцев назад +1

    Don't do a circle with thermal paste, or you might trap air bubbles. Just one dollop, or X, not a circle.

  • @bartgrefte
    @bartgrefte 7 месяцев назад

    Also using an i3-8100(T) here, but with Debian because I like to config everything myself. This is router-pc v4, the first two were Atom based (N270 -> N2800), the 3rd i3-8100T where the MB died after 3 years possibly due to passive cooling (Akasa Galileo TU3 case) and then I reused that CPU/RAM/SSD in a Shuttle barebone that's been running like a charm since. Even the old Atom-systems could handle 1Gbps symmetric fiber without a drop of sweat :) , this with DPI/etc off. Unfortunately going 10Gb isn't possible with the current system, no room for expansion cards plus faster than 1Gb isn't available yet.

  • @eric-seastrand
    @eric-seastrand 7 месяцев назад +3

    I am skeptical that this hardware can actually NAT masquerade packets at line rate. So I’m excited for the follow up once you get multi gig fiber WAN.
    You could also test this in a lab setting with iperf if you have two 10g capable devices.

    • @GhostieXV
      @GhostieXV 7 месяцев назад

      @@wojtek-33 Good to know someone tested 10Gb on the wyzse 5070. I currently rock one with OPNsense and dual 2.5GB intel 226. Glad to know I can upgrade it later down the line.

    • @GhostieXV
      @GhostieXV 7 месяцев назад

      @@wojtek-33 Out of curiosity which 10Gb card are you running in it?

    • @GhostieXV
      @GhostieXV 7 месяцев назад

      @@wojtek-33 nice I have a few of those and a connectx4. Good to know they work

  • @VTOLfreak
    @VTOLfreak 7 месяцев назад

    Good build but I would have swapped the fans out for models with 4-pin PWM connectors. Also, as others suggested: Don't cover the opening for the PSU fan. a PSU with a rear fan might have been a better choice.

  • @chrislewis2262
    @chrislewis2262 7 месяцев назад

    It looks good but for a secure rack I would close up the back side of the rack mount because what good does a locking front panel do if the whole back side of it is open.

  • @michaelgleason4791
    @michaelgleason4791 7 месяцев назад

    If you're so worried about "wires trapping air" (whatever that means) why on earth wouldn't you use a modular SFF power supply? For those in the back of the class, this doesn't matter one bit.

  • @EDG3PC
    @EDG3PC Месяц назад

    How the energy consumption? Asking cuz i saw you put a 600W power supply. A Qnap 10g router is 37w max.

  • @lukasibanda6730
    @lukasibanda6730 5 месяцев назад

    Nice pfsense router build

  • @gimmegaming5345
    @gimmegaming5345 7 месяцев назад

    Just as an fyi, the thermal paste that comes with the noctua cooler would be as good as what you used if not better.

  • @666Maeglin
    @666Maeglin 7 месяцев назад +1

    I was wondering are their ventilation slits on topcover above the powersupply or is the cover closed. I never saw that in your video..
    never mind it was visible in the beginning upon rewatching.🙂

  • @kaushikwavhal3403
    @kaushikwavhal3403 3 месяца назад

    Great build! I was looking for a multi gig build since a long time but everything I found was a sub gig pf sense build.
    Curious to know what the average power draw from this thing is?

  • @704Productions
    @704Productions 7 месяцев назад +2

    Do you have a total drive out cost for this?

  • @marinsnb
    @marinsnb 3 месяца назад

    To clarify is this a 2u Startech or Rosewill case? The video states Startech but the the parts list incudes Rosewill. Thank you!

  • @mlcs
    @mlcs 2 месяца назад

    What's the power draw? I saw some Chinese computers with Intel N100 that only draw 10-15w, and I'm curious about the i3-8100.

  • @slow_Jo
    @slow_Jo 7 месяцев назад

    I'd like to know how you set up pfsense with Quantum Fiber when you do make that change. I'm on Quantum Fiber's 1gig service and am thinking about building a pfsense machine as well. Pros and cons vs something like a Dream Machine Pro SE ($499) because the cost will most certainly be higher if building with new parts?

  • @johnrobertelardo7154
    @johnrobertelardo7154 5 месяцев назад

    Question, do I need a graphics card adapter if I'm using an AMD CPU instead of an INTEL? I heard that AMD doesn't have an integrated graphics but I also don't want to spend money investing an intel CPU.

  • @chinesepopsongs00
    @chinesepopsongs00 7 месяцев назад +1

    i would have gone with more overkill specially on the cpu side. Like a i3 of the 12th gen or newer since they are also cheap and low power but the single core performance has gone up a lot which can help some things in pfsense.

    • @BenState
      @BenState 7 месяцев назад +1

      Have you seen what pfsense uses? Fall.

  • @LtdJorge
    @LtdJorge 7 месяцев назад

    $160 a month? Damn, internet in the US is tough

  • @AymericPutin
    @AymericPutin Месяц назад

    yoooooo if youhave the toyota pickup i give you a great offer.

  • @paulmaydaynight9925
    @paulmaydaynight9925 7 месяцев назад

    in 2024 at least put a cheap dual 2.5Gbit/s card in that spare x1 slot for the wan so you can at least have 2 useable 10Gbit/s lan ports today, better yet get a new 4 slot motherboard [MSI PRO B550M-VC WiFi ProSeries Motherboard (AMD AM4] & populate that with more dual ports for lan use.

    • @LtdJorge
      @LtdJorge 7 месяцев назад +1

      Are you talking about a switch? A router only needs 2 ports.

  • @crandall903
    @crandall903 7 месяцев назад

    i would like to asked 1 question if possible. would the 2.5 ssd limit the bandwidth of the fiber

    • @johnnyvvlog
      @johnnyvvlog 7 месяцев назад +2

      The SSD has nothing to do with the network speed. It's just there to store and boot the OS.

    • @crandall903
      @crandall903 7 месяцев назад

      ​@@johnnyvvlog Please explain, because I would think the SSD would be a bottleneck of some type, wouldn't it? I'm still confused. I'm just confused, and I want to understand/learn

    • @johnnyvvlog
      @johnnyvvlog 7 месяцев назад

      @@crandall903 the bandwidth never goes through the ssd. It's only there to boot from. Everything else happens in working memory which the SSD is not.

    • @crandall903
      @crandall903 7 месяцев назад +1

      @@johnnyvvlog so its based off ram like cacheing?

    • @crandall903
      @crandall903 7 месяцев назад

      @@johnnyvvlog dose size matter like is 4gb good for fiber or 8 gb enough

  • @intercity125
    @intercity125 7 месяцев назад +1

    Taken any power measurements?

  • @BryanSeitz
    @BryanSeitz 7 месяцев назад +12

    Opnsense > Pfsense

  • @Ex_impius
    @Ex_impius 7 месяцев назад

    That was ALOT of thermal paste...

    • @intercity125
      @intercity125 7 месяцев назад

      And drew an air bubble in - yack!

  • @BenState
    @BenState 7 месяцев назад +2

    Running a 600W PSU on a a machine that'll pull 100W max. Not good for efficiency. Such a weird build.

    • @aRandomHomelabber
      @aRandomHomelabber 5 месяцев назад

      What

    • @BenState
      @BenState 5 месяцев назад

      @@aRandomHomelabber what dont you understand?

    • @aRandomHomelabber
      @aRandomHomelabber 5 месяцев назад

      ​@BenState your commend is not true. The system only uses what it need so to put a higher watt psu (witch most of are better optimized then cheaper low wattage plus) does not exactly mean that the system is using more watt than if you put in a 200 watt psu for example. Putting a higher watt psu in will probably be better for efficiency

    • @BenState
      @BenState 5 месяцев назад +6

      @@aRandomHomelabber Incorrect. Look at a switch mode power supply efficiency curve, and you'll see that efficiency drops off precipitously below 50% load. Please update your knowledge accordingly.

  • @shephusted2714
    @shephusted2714 7 месяцев назад +3

    opnsense has better driver support and much better licensing - the only thing wrong with this build essentially - using the mini mb is also abit questionable since std atx is about same price and gives you more pci slot options - molex was also a big mistake and who cares about aesthetics - nobody is ever going to appreciate the aesthetics, a few cables are not going to affect airflow appreciably #forks

    • @BenState
      @BenState 7 месяцев назад

      citation on the driver support? whats wrong with teh CE ?

    • @ledoynier3694
      @ledoynier3694 7 месяцев назад

      @@BenState OPNsense is updated way more frequently. they don't lag behind as much as PFsense does. But eventually they get there.
      tbh the main reason i switched to OPN is the UI and ease of use :p

    • @BenState
      @BenState 7 месяцев назад

      @@ledoynier3694 nothing to do with the the claim of drier support. define lag behimd? lag behind what?

    • @tedsanft7420
      @tedsanft7420 7 месяцев назад +1

      OPN isn’t even on FreeBSD 14 yet. Unless you are adding needed features or security patches, why do you want your security platform updated frequently?

    • @shephusted2714
      @shephusted2714 7 месяцев назад

      @@tedsanft7420 opnsense is just better fork - better licensing is big, better driver support is big and updates are critical for a security platform - that should go without saying

  • @BenState
    @BenState 7 месяцев назад

    What on earth are you doing to need a 10Gb pfsense?

    • @tab8k
      @tab8k 7 месяцев назад +6

      Are you some kind of 10Gb gatekeeper?

    • @BenState
      @BenState 7 месяцев назад

      @@tab8k not an answer

    • @RyzoTM
      @RyzoTM 7 месяцев назад

      10Gbe NIC for future proofing, i would assume. I am doing what this guy is doing right now, LAN side that is. It is nice to have a NAS that runs data transfers up to that speed.
      1Gbe is too slow, or going to be too slow eventually. Price differences of 2.5/5Gbe and 10gbe isn't all that huge anymore; opting for a much higher theoretical data transfer is best.
      And to further say more things here;
      >WAN -> Whatever Plan he will be going to, past 1gbe, his pfsense machine will have likely no bottlenecks with throughput going this route for a very long time.
      >LAN -> Machines communicating with each other, also no throughput issues.
      For how much 10gbe nics are now, throwing a few more $ won't hurt anything.

    • @BenState
      @BenState 7 месяцев назад +1

      @@RyzoTM I understand that, if it were the switch. But for pfsense, that is a firewall to the WAN, which, 10Gb is a future proofing exercise in the ridiculous. The other machines aren't even connected to the pfsense. And to put a 600W PSU??? Come on man.

    • @ledoynier3694
      @ledoynier3694 7 месяцев назад

      when you have >1gig internet, 10GbE is nice so you can use what you pay for..
      He's getting 8gbit internet access so why stick to 1 or 2,5gbe?
      Also, even if he did stick to using 1 or 2,5gbe devices in the network, the firewall can be 10gbe so it doesn't behave like a bottleneck when multiple users get through at the same time.
      10Gbe is not as expensive as it used to be. Most people would be fine with regular 2,5 but if you have a NAS or faster internet, why limit yourself?

  • @bitemykrank1970
    @bitemykrank1970 7 месяцев назад

    Being a Firewall, and being an SSD as your primary drive, enjoy it when it fails in 6 months due to SSD failure, constant writing to it is going to make it's lifespan much LESS than a platter drive would give.....my firewall with a HDD lasted 10 years before I needed to replace it's drive, the SSD I tried gave out after 12 months. More modern does NOT always mean BETTER.

    • @aRandomHomelabber
      @aRandomHomelabber 5 месяцев назад +1

      This is bs. I run my router with an ssd for almost 2 years now

    • @kiddor3
      @kiddor3 5 месяцев назад +1

      I have had my ssd for 8 yrs on my router and 12 on my server, and both are perfectly fine. I think you might have many of the standard problems people forget about and store on ssd. I use ramdisk for logs, disable recording access times on fs and it works beautifully.

    • @empedance1933
      @empedance1933 3 месяца назад

      Could put in 2, as most motherboards will have at least 2 slots, and set them as a mirrored/raid1 array