Physical or Virtual? A Silent 4x 2.5GbE Proxmox VE pfSense and OPNsense Box

  • Published: 21 Oct 2024

Comments • 298

  • @slip0n0fall
    @slip0n0fall 9 months ago +6

    Just want to say that even a year later this video really helped me wrap my head around physical port mappings for virtualized FW/virtualization hosts. Something even nearly all the "tutorial" videos simply gloss over. I really appreciate this!

  • @Robbaz
    @Robbaz 2 years ago +18

    Wonderful to see a video on this, got a J4125 4x i225 to pick up next week and N6005 4x i225 is a few weeks away "reviews seems to be dropping in on the mobile site", both from Topton. Feel somewhat secure in the purchase now.

    • @ServeTheHomeVideo
      @ServeTheHomeVideo 2 years ago +2

      I still have not gotten any of the newer N5105/ N6005 units at this point.

    • @ecotts
      @ecotts 2 years ago

      Do they do the 6x port version on the N6005?

    • @Robbaz
      @Robbaz 2 years ago +2

      @@ServeTheHomeVideo I've been waiting forever as well. But reviews probably means people are getting them.

    • @ServeTheHomeVideo
      @ServeTheHomeVideo 2 years ago

      I hear they are easier to get in China than to get shipped right now. Hopefully soon

    • @combine2180
      @combine2180 2 years ago

      @@ServeTheHomeVideo mine just departed country of origin today according to tracking so about a 16 day lead time to get it shipped and another 30 to arrive with standard shipping on aliexpress for the 5105 model is what it looks like rn for USA.

  • @arcadiosincero
    @arcadiosincero 2 years ago +6

    I set up the firewall protecting my Proxmox VM cluster as a VM running on that cluster. I was having second thoughts about that decision because it seemed like I'd run into an issue where I wouldn't be able to manage the cluster remotely if something happened to it because the firewall was one of the VMs on that cluster. However, that decision was reaffirmed a few weeks back when something happened to the host the firewall was living on. I couldn't get into my cluster remotely, and I was like "oh no ... this eventual nightmare has finally come true". But then, about 5 minutes later the firewall came back up because Proxmox migrated it to another host for me. I was pretty impressed and I was happy with my decision to have made it a VM after that.

    • @bjornarsimonsen7592
      @bjornarsimonsen7592 2 years ago

      I didn't know automatic migration was a thing in Proxmox. That's really cool!

  • @beauregardslim1914
    @beauregardslim1914 2 years ago +36

    WAN port selection really needs to take failure modes into account. If there is some kind of "factory" reset, or if file system corruption deletes your port config file, you don't want your WAN cable going to the port that will ask for a DHCP address and allow logins.

    • @ServeTheHomeVideo
      @ServeTheHomeVideo 2 years ago +13

      Totally true. The virtualized model helps with this as it uses the default ordering

  • @BobHannent
    @BobHannent 2 years ago +5

    I bought that one after the first video, installed pfSense on it, but I feel it's under utilised. I've been thinking of installing Proxmox on it, so this video is very pertinent

  • @tokyotexture
    @tokyotexture 2 years ago +7

    I bought one of the 1Gbps variants off of Alibaba, and the SSD died about a year in, so definitely a valid concern to call out.

  • @chromerims
    @chromerims 7 months ago

    To be or not to be [virtual], that is the question. While an older video now, regardless I find myself here.
    Excellent video👍, awesome channel, thank you. 17:10 -- STH _unblocked_ on my pihole.
    Testing on N100 C[heap]PU, by which I mean fooling/playing around.
    Kindest regards, neighbours and friends.

  • @TerraMagnus
    @TerraMagnus 2 years ago +17

    Just bond all the NICs and use VLAN tags for LAN, WAN, etc. When you're virtualizing your firewall anyway, this just works.

    • @TerraMagnus
      @TerraMagnus 2 years ago +1

      @@sirsean1227 so informative.

    • @rodrigocsouza8619
      @rodrigocsouza8619 1 year ago

      Do you know any issues when running multiple VLANs in that scenario? I'm testing pfSense at my home lab, running into a VM over Proxmox and even though I have, initially, set firewall rules allowing full communication between the VLANs, I'm not even able to ping between the networks.

  • @eazysnatch
    @eazysnatch 1 year ago +3

    Awesome videos, buddy i love all of them. Just to say, snapshots are not backups every snapshot will decrease performance, so we use them before changes/upgrades...etc after we know everything works and you can keep them for day / week then we delete them.

    • @rudyNok
      @rudyNok 10 months ago

      What do you mean by "every snapshot will decrease performance"? I don't get it.

  • @justinnamilee
    @justinnamilee 2 years ago +1

    I won't go back from virtual... snapshots, simple remote console access, adjusting the hardware on the fly, so many benefits for me!

  • @Viking8888
    @Viking8888 2 years ago +43

    You lay in bed vexing over virtualizing your router or not too???? And here I thought it was just me! 😉

    • @ServeTheHomeVideo
      @ServeTheHomeVideo 2 years ago +1

      :-)

    • @Viking8888
      @Viking8888 2 years ago

      @@ServeTheHomeVideo Patrick, thanks for the video. I've been searching for a good small low power computer to run pfsense on for quite a while. These boxes are really nice just a bit pricey when you're on a tight budget. Time to save my pennies! 😉

    • @KeenanV
      @KeenanV 1 year ago +2

      I'm doing it right now!

  • @DK-hs3oz
    @DK-hs3oz 1 year ago +1

    Tiny computers can be addicting, be careful. Soon you may have 5 to 6 of the things; justifying your habit by the price/value of small size and power consumption. That said, I have a few. My latest has 6 ETH ports, the N5105 CPU (outperforms the j4125 by a good ways), and DOES have 2 so-dimm slots. They exist! Shipping seems to be better now... but anything that crosses an ocean is a miracle of tech and you should be happy to get it at all.
    Nice review and some good information, many thanks.

  • @gowinfanless
    @gowinfanless 2 years ago +4

    Very impressive video review, actually this model is our first generation which is stable but big. We have developed this router to the third generation, pocket size with 3*2.5GbE + dual 10.0GbE port

  • @ryanblue4204
    @ryanblue4204 2 years ago +8

    FYI- the reason pfsense/opnsense appear to consume all the ram you get it is because BSD doesn't have the qemu-guest-agent driver that reports memory usage back to the hypervisor like most Linux instances do. Proxmox just sees that the OS has reserved all that memory even though it may just be being used for caches or unused inside the instance. Trust what the pfsense ui tells you, not proxmox. It'll run fine on 2-4gb for most use cases

    • @rudyNok
      @rudyNok 10 months ago

      I run pfSense in Proxmox with 512 MB for a few years now, no problem :)

    • @joemann7971
      @joemann7971 1 month ago

      Opnsense has a qemu-guest-agent driver. You have to install it. It's just not installed by default.

  • @vonkruel
    @vonkruel 2 years ago +5

    I run OPNsense virtualized under Proxmox, and personally I like it. I went the "one big server that serves all the things" route. Of course, if I need to do maintenance on the machine, all of it goes down during that. It's a reliable machine, though, and while I'm doing maintenance I don't need to be online. I appreciate being able to manage OPNsense as just another VM.
    These are interesting little boxes! Within these limitations, many people's needs for a server appliance could be met.

    • @strandvaskeren
      @strandvaskeren 2 years ago +1

      Once you get a second server that problem goes away, just run your OPNsense vm on the server you're not currently doing maintenance on.

  • @yourfriendwill
    @yourfriendwill 2 years ago +1

    just found your channel, you have the exact approach to computer hardware I've been looking for. so, thanks!

    • @ServeTheHomeVideo
      @ServeTheHomeVideo 2 years ago

      Thank you and welcome

    • @yourfriendwill
      @yourfriendwill 2 years ago

      @@ServeTheHomeVideo I've subscribed and I'll probably work my way through your backlog this coming week, appreciate your good work and keep it up!

  • @MatthewHill
    @MatthewHill 2 years ago +11

    Been virtualizing my firewall (OPNsense) on my "main" homelab server for about a year now. I'm pretty happy with it, and the box overall has enough horsepower that I can pretty much dedicate as many resources as I want to the firewall should performance be an issue. My worry is that if anything happens to that server--it is basically a pile of used enterprise parts I got off ebay--all my internet connectivity goes away.

    • @HydrarDraconis
      @HydrarDraconis 2 years ago +3

      I'm planning moving my homelab to virtualized pfsense too, my plan to counter that is to run the VM with proxmox HA + replication, and internet vlaned to 2 hosts, allowing relatively transparent failover if any of my gear fails when I'm not home

    • @MatthewHill
      @MatthewHill 2 years ago +1

      @@HydrarDraconis Hmm that's an interesting idea. I may try that.

    • @HydrarDraconis
      @HydrarDraconis 2 years ago +2

      @@MatthewHill Just remember to have at least 3 nodes, or add a qdevice for reliable quorum in the HA cluster and it seems to fail over fine in my limited testing

    • @MatthewHill
      @MatthewHill 2 years ago

      @@HydrarDraconis it's a homelab. It hasn't got two nodes, let alone three. :-)

    • @jay9404
      @jay9404 11 months ago

      I'm about to purchase the n100 version of this box. Now that a year has passed since your comment, how's the virtualized firewall been working out? If you could do it again, would you go baremetal?

  • @Bauanga
    @Bauanga 1 year ago +3

    I would love a detailed guide for the network configuration in Proxmox for an OPNsense VM.

  • @cyruschan5507
    @cyruschan5507 2 years ago +2

    Nice piece of content! I had virtual servers for networking and always want to consolidate & upgrade them. This shed light on how the set up will go.

  • @KSJAFN
    @KSJAFN 2 years ago +6

    Bought a machine that looks physically similar to this a couple of years back with a Celeron J1900. It's a great little firewall for home which was very cheap uses hardly any power - but like you, I find the RAM and SSD a bit of a worry (they're branded "Kston"). My decision to put the LAN on interface 0 and the WAN on interface 3 will from now on keep me awake at night.

  • @axn40
    @axn40 2 years ago +1

    I am actually watching this video in my bed!😅 Great guide! Thanks

  • @DmnkRocks
    @DmnkRocks 2 years ago +4

    it always depends.... as long as your virtualization is performant enough, there is no problem with running virtual. but you need to consider, your infrastructure should be solid enough to avoid problems (like multiple hypervisors, vMotion enabled or better yet - a virtual HA with both vFirewalls on different Hypervisors)

  • @PeterZin
    @PeterZin 2 years ago +1

    My N6005 unit was also taking like a month to be shipped. So I contacted them and they said they couldn't get n6005 atm because of Shanghai lock down. They said they have n5105 in stock. So I changed my order and it shipped same day.

  • @maullah001
    @maullah001 2 years ago +2

    Where can I learn about the use of management port (and how to actually use it in real life situation)? Also, can the lan port for Proxmox be a virtual connection to pfsense rather than using a physical port?

  • @DragonReborn100
    @DragonReborn100 2 years ago +2

    I did buy the barebones version of this on Aliexpress in Black and got Black! It did turn up quite quickly! I did have a 8Gb stick of Memory hanging around and I did purchase a named brand of SSD for install of pfSense for bare metal install. It does seem to be performing well for me, a home user. Does seem to be nice and cool as well. I never even thought of VM the pfsense. I may look into this in the future. Thanks P 🙂

    • @RazorSkinned86
      @RazorSkinned86 2 years ago +3

      Ditto. I love these boxes. All the lock downs over in china has really fk'd up shipping times.

    • @vision8579
      @vision8579 2 years ago

      I bought the same, barebones. I installed brand name ram and SSD. However, my unit seems to be a dud. Can't even boot into the BIOS reliably, sometimes yes and sometimes no (mostly no). After about 6 hours of messing with it, I gave up.

    • @gregglowery3452
      @gregglowery3452 2 years ago

      I am curious about the memory slot. On the aliexpress website, all the specs (and even the picture of the motherboard) indicate 2 slots running in dual channel. So is it true that these devices have just one slot?

    • @DragonReborn100
      @DragonReborn100 2 years ago

      @@gregglowery3452 Yes one slot only

  • @LampJustin
    @LampJustin 2 years ago +7

    Just some stupid idea: I would really love to see a blog post of running a small kolla-ansible deployed OpenStack deployment on TinyMiniMicro. That would be sooo cool and really shouldn't be hard at all, one controller node (no ha to keep it simple), one network node with 2 ports (one port needs to be given to a ovs bridge if you don't want to tinker with Linux bridges and veth pairs) and a couple hypervisors. Oh my I know I'm dreaming but that would be siick

    • @handspiker1994
      @handspiker1994 2 years ago

      I love to see that!
      When Project TinyMiniMicro started, I thought they were going to do more with it. Instead it's become "here we are looking at a slightly different node. It has the same features as XYZ and XYA".

    • @LampJustin
      @LampJustin 2 years ago

      @@handspiker1994 yeah sadly I got to agree on that... I also wished they would explore some options you could do, like HCI with oVirt, Proxmox, XCP-ng, Kubernetes or even Cloudstack. The possibilities are endless

  • @denvera1g1
    @denvera1g1 2 years ago +5

    With a virtualized firewall, PFSense can use USB based cellular modems, but it requires a virtual switch instead of direct hardware access.

    • @rudyNok
      @rudyNok 10 months ago

      I'm using an old android phone with USB tethering and direct hardware access. It works.

  • @denvera1g1
    @denvera1g1 2 years ago +7

    The cooling on this case would probably be able to cool the Intel Core U or AMD U series processors if limited to 15-20w average

  • @opticalip1
    @opticalip1 2 years ago +3

    Been using this for this exact purpose for a few years now. Got a i3-4030U w/ 8GB ram, threw in a good ssd and run pfsense + a few containers.
    Never had an issue and get great performance. Also got the unit on amazon for around $250-300

    • @RobertoCarlos-tn1iq
      @RobertoCarlos-tn1iq 2 years ago +1

      really? care to share a link to your purchase so we can get the same unit with the 2.5gb ports?

    • @johnknightiii1351
      @johnknightiii1351 2 years ago

      @@RobertoCarlos-tn1iq pretty sure the model that has the 4030u only has gigabit ports. I think he was just saying this is what he did with that box, not that he has a box with 2.5gb ports

  • @alfblack2
    @alfblack2 2 years ago +1

    sweet. another question in my mind answered. Thx.

  • @p4wk0r
    @p4wk0r 2 years ago +8

    For flexibility I use all ports in lagg and use vlans for WAN, LAN, DMZ etc
    Waiting for 10G/SFP+ version ;)

    • @TerraMagnus
      @TerraMagnus 2 years ago

      I know a lot of folks knee jerk against this but it works nicely.

    • @BobHannent
      @BobHannent 2 years ago +1

      I have a spare 10G Mellanox card and I've been tempted to use a mini-PCIe to PCIe adapter on mine. It sounds like a horrible Frankenstein's Monster, but could be fun.

    • @Cynyr
      @Cynyr 2 years ago

      just make sure you really trust your switch to keep the traffic separate, and that you can actually disable the mgmt interface on the WAN ports.

  • @skaltura
    @skaltura 2 years ago +1

    bought one, let's see how well it actually works :)

  • @fanshaw
    @fanshaw 6 months ago

    Or you could run vlans and have a host with a single nic. ;) In my opinion, it's better to have two physical units for failover. If something goes wrong, and you aren't there to fix it, you can always get your SO to pull the power cord on the broken unit. I like to keep the absolutely critical systems isolated from nice-to-have services. I don't want to bring down my internet, DNS or DHCP because I was playing with my docker server and hit the wrong button.
    In this firewall's case, you might use virtualisation to isolate your firewall config from the hardware so you can swap hardware without updating the firewall config, rather than for adding more services. Or as mentioned, to have a quick failback without having to find a usb stick and a keyboard / screen to plug into the unit, which is located up in a cupboard...

  • @govinda1988cs
    @govinda1988cs 1 month ago

    What is PVE LAN port, how do you configure and use it later? Any video available?

  • @ZimTachyon
    @ZimTachyon 2 years ago

    I'm going to get an alarm clock that wakes me up with "Hey Guys, This is Patrick from STH". I guarantee I'll double my productivity. :)

  • @damzelfly
    @damzelfly 2 months ago +1

    Did I get this right?
    Firewall as baremetal the WAN is on ETH0 while
    Virtualize Firewall the WAN is on ETH3

    • @ServeTheHomeVideo
      @ServeTheHomeVideo 2 months ago

      You can set it to however you want.

    • @damzelfly
      @damzelfly 2 months ago

      Thanks for your reply.
      On 18:46 you list all of the VMs you run inside of proxmox.
      How are they able to communicate with each other?
      Is the virtual bridge also part of the pfsense interface?

  • @gjkrisa
    @gjkrisa 1 year ago

    Man and I was stressing over going unraid or proxmox/ Truenas for a new board I bought then being like is 2.5 gig going to work since they're both 2.5 gig glad this video tells me yes no prob but now I may not have enough 2.5 although this new board was more for doing data log for my fanless pfsense play with vms and serve video backups. And possibly learn new stuff to get a job I could grow more in.

  • @wudchk
    @wudchk 2 years ago +6

    I want to mention that there is also a SIM card slot, I'm going to test to see if I can add my 5G/LTE modem.

    • @dreamer9393
      @dreamer9393 2 years ago

      Let us know, if it works

    • @wudchk
      @wudchk 2 years ago

      @@dreamer9393 Will do, I have been busy with work. I'll crack it open tonight.

    • @PeterZin
      @PeterZin 2 years ago

      @@wudchk I’m curious. does it work?

    • @wudchk
      @wudchk 2 years ago

      @@PeterZin it does! I forgot to update this comment, thanks for the reminder

    • @PeterZin
      @PeterZin 2 years ago

      @@wudchk Can I ask which specific modem you used? Any extra steps? I'm totally new to Proxmox and I can't get it to see my intel ax210 wifi card. I wanna create additional wireless wan in pfsense.

  • @ArthursHD
    @ArthursHD 1 year ago +1

    Those things are cheaper than ever :) N5105 barebones box under 150€. I would get a reputable SSD locally.

  • @SHREYAS1112
    @SHREYAS1112 10 months ago

    Is there a guide on how to set this all up from the beginning?
    I have just managed to install proxmox, and enable VT-d on a 4 port Intel i-226 N100 PC.
    Patrick mentioned how he prefers the 4 ports to be setup in a virtual environment, but how to actually set these up?
    I am new to all this. Any input would be splendid.
    Thank you.

  • @enickel
    @enickel 2 years ago +3

    18+ days also waiting for the shipping of my n6005 box! XD

    • @kenniltv
      @kenniltv 2 years ago

      Ordered one a few days ago. Guess it will take a loooong time to arrive to Europe. Sad xD

  • @interceptor001
    @interceptor001 2 years ago +1

    I had a problem using proxmox + pfSense and suricata with it. I don't know why but using ESXi solved that issue. Also CPU utilization is 10% lower when assigning 4 instead of 2 cores.

  • @andrewvarey2027
    @andrewvarey2027 2 years ago +1

    Very informative like it . Keep doing great videos

  • @reneb5222
    @reneb5222 2 years ago +1

    Hi Patrick. I have the same one running very well. Got mine faster 😂. Have a awesome 🐣

    • @ServeTheHomeVideo
      @ServeTheHomeVideo 2 years ago +1

      I am just unlucky with these :-)

    • @reneb5222
      @reneb5222 2 years ago

      Btw they are now selling it with the j5000 series.

  • @JasonsLabVideos
    @JasonsLabVideos 2 years ago +1

    Patrick, have you come across any mini pc's that have SFP+ or dual 10gbe nics ? I'm looking to buy one for a VERY powerful firewall. Dream would be Xeon-D but the Higher end Atom's or i3's are good too.

    • @ServeTheHomeVideo
      @ServeTheHomeVideo 2 years ago +1

      Maybe getting something this week that was supposed to be sent in August with SFP+

    • @JasonsLabVideos
      @JasonsLabVideos 2 years ago

      @@ServeTheHomeVideo ohhhhhhh now my interests are perked!

  • @jolness1
    @jolness1 2 years ago +2

    lol the intro is amazing.
    “I’m in bed thinking: ‘Am I doing this right?’“ hehe

  • @stormfox81
    @stormfox81 2 years ago +2

    Tip: buy a 2TB ssd and use it for a virtual xpenology NAS. It will run like a beast

  • @Jarek.
    @Jarek. 4 months ago +1

    I'd love to see at least a basic security assessment - at least it's a *CHEAP* unit from *CHINA* supposed to be used as your *FIREWALL* . Other than that - I'm sold to this idea of a virtualised FW.

  • @nickoutram6939
    @nickoutram6939 2 years ago +3

    You can't possibly expect a software stack to have the throughput of hardware, functionally though it sounds like a good plan.

  • @gnuzmaz8961
    @gnuzmaz8961 1 year ago

    After few years of usage similar router on Celeron J1900, I'm switching to Dell mini-PC with old i7. Not enough power for running few virtual machines working properly.

  • @twistedridermike
    @twistedridermike 2 years ago +1

    I am working on a virtualized firewall too. I want to virtualize so I can also run my docker swarm manager, reverse proxy and home assistant on that same machine. This will allow me to take all other machines up or down as I wish and know the workloads will remain up. Ran into a few issues: 1) IOMMU on E3-1200 V3 is a disaster, probably will virtualize ports from the i350T4s I installed. 2) I have an early 320GB SLC Fusion IO drive to park my web cache on, but recompiling the drivers for Proxmox 7.1 is proving difficult. 3) I realized four of the SATA ports on my Supermicro X9SCM-F are 3gb after I bought it... and the SSDs for the bulk storage. Fail. I would love to see more details about configuring a virtualized firewall with other VMs on a virtual switch in Proxmox.

  • @combine2180
    @combine2180 2 years ago +4

    Got my n5105 version on April 1st after your j4125 video and arrival estimates were 17th of May or later. It seemed like the sweet spot to me as it was going for ~215 usd after tax with no ram or ssd. Glad to see you did a review on the 4125 version. I wonder if the 6005 version will be powerful enough to run both a firewall and use the igpu to transcode for services like plex?

    • @ServeTheHomeVideo
      @ServeTheHomeVideo 2 years ago +1

      You are lucky!

    • @chuck1011212
      @chuck1011212 2 years ago +3

      I am hosting Plex on a n5105 based system and with PlexPass enabling hardware transcoding, I have successfully hardware transcoded two 4k streams of this test file: jellyfish-400-mbps-4k-uhd-hevc-10bit.mkv and it did it just fine. (google the file name for the web site with many versions of test files available) Totally amazing from such a cheap and power efficient CPU. I wasn't doing that while the Plex server was virtualized though, my Plex transcode testing was done via Ubuntu server installed directly on the hardware.

    • @tjb_altf4
      @tjb_altf4 2 years ago +1

      I've got an n6005 unit coming, ordered in March, but still not sent yet :(

    • @combine2180
      @combine2180 2 years ago

      Just got mine today and am installing ram and storage now and I can confirm it has two ram slots on the n5015 version.

  • @iBrandooon
    @iBrandooon 1 year ago +1

    I virtualized pfsense on my 5950x on esxi, it auto starts on boot so no downtime! Setting up the VLANs was kinda pain but everything is set

  • @adam-user
    @adam-user 1 year ago +2

    Hi! Great video, BTW, very high quality content! Do you have any thoughts on power-failure safety of a bare-metal pfSense vs a virtualized one? UPS-es can only hold up as much and once the power goes off, you want your router to boot up again all the time and every time. With a physical router that's a non-issue. What about pfSense on a bare metal or OPNSense on Proxmox?

    • @ServeTheHomeVideo
      @ServeTheHomeVideo 1 year ago +1

      There is a box to check "Start at boot" or something similar in all hypervisors that you need to check if virtualizing a firewall.

    • @adam-user
      @adam-user 1 year ago

      @@ServeTheHomeVideo Yep, once Proxmox boots it's easy. My concern is that while routers tend to have no issues with powering them off/on/off/on, Proxmox's ext4 filesystem might get corrupt if not shut down correctly. I think that probably a read-only fs mount would help, but I'm not sure if that's even possible.

    • @RambozoClown
      @RambozoClown 1 year ago

      @@adam-user That's why your UPS sends out a shutdown signal before it keels over.

    • @adam-user
      @adam-user 1 year ago

      @@RambozoClown Yep, I just don't like to rely on UPS signals to go through. But I understand your point. With a regular router, you can usually pull the plug as often as you want and the OS won't get corrupted. For example a read-only boot fs (the one that newer raspberry pi os supports) is a great solution, IMHO.

  • @YukikazeQ
    @YukikazeQ 2 years ago +1

    been virtualizing pfsense and for the past couple years opnsense on proxmox for the past 7 years pcie passthroughing an intel i350-T4v2 into the vm and it has been great much nicer than having a dedicated machine for the sole purpose

  • @most-average-athelete
    @most-average-athelete 1 year ago

    18:47
    what is the "VM3 wifi controller"?
    does not pfSense do this already? I just bought a similar unit (shipping on the way) and was planning to add an M2 wifi board (it has two m2 slots both M-key)

  • @hcjkruse
    @hcjkruse 2 years ago +1

    Paying attention. About to replace an Edgerouter. A switch of the product line literally melted.

  • @HuyLe-qc8jc
    @HuyLe-qc8jc 2 years ago +1

    I am testing out a similar system based on the N5105 processor. Heat is a concern. At idle, the chassis is about 50C (122F) and the CPU core temp is 60C (140F). I am not sure how long these systems will last running at these temperatures continuously. If you are interested in buying these, I'd look for ones that have extensive fins to keep the system cool or go for ones with a fan.

    • @ServeTheHomeVideo
      @ServeTheHomeVideo 2 years ago +1

      These CPUs have a Tjunction temp of 105C because they are more embedded not consumer parts

  • @wayland7150
    @wayland7150 2 years ago +1

    I'm in this dilemma too. I have a Proxmox already so I could do it. I am getting a new Internet service with just a modem and no router so I need a router. I want to save some money, at least for a month or two. So it looks like I will at least start with a virtual router and maybe get a physical one later.

  • @bastian433
    @bastian433 2 years ago +2

    Nice review. I have a "Parttaker" i5 8350u unit that works really nice. It looks the same but black and with 6 ethernet ports. It has just 1 gbit ethernet ports though. I connected a USB 2,5 gbit adapter as well. It reaches about full speed with a samba share. Also works really well with virtualisation in proxmox. With a 1 tb msata ssd and an option for say a large 2,5 inch ssd it is quite a nice box. The 8350u does get pretty warm when you put it to work. While not really needed I eventually strapped a Noctua fan on top to keep it a bit cooler (so it does not clock down as much)

    • @ServeTheHomeVideo
      @ServeTheHomeVideo 2 years ago

      There is a 6-port J4125 version now, but things are taking so long to ship these days that I did not prioritize it. Maybe when the N5105/ N6005 units start to ship. Those have a big generational performance bump.

    • @Lukas-jh2uk
      @Lukas-jh2uk 2 years ago

      @@ServeTheHomeVideo I was really lucky then. I order a 4 ports 2.5gbit N5105 unit (28th of March) after your first review video and have already received mine.
      Got the unit in less than 16 days from China to Germany with free shipping.
      I was really surprised how quick it went that I now have to wait on my locally order RAM and SSD.

  • @ryannow
    @ryannow 2 years ago +2

    Speaking of no name storage from China: I would be really hesitant to put ANY software that originated in that part of the world, (or better yet, that I didn't install myself) into production as the firewall in charge of securing and gatekeeping my entire network... I'd also be equally as cautious about checking over any NV storage hardware imported from Asia - simply because I have _personally_ ordered simple, basic, run-of-the-mill USB sticks on Ali, and when they arrived a couple of them were pre-loaded with what appeared to be legit rootkits - AKA free memberships for the whole family - welcome to the BotNet Club! 😅

  • @newchannel-gl4ez
    @newchannel-gl4ez 7 months ago

    Can you show us how to do these things? I'm wanting to learn and setup my own home setup but it sounded like this could also be done for business? I'm dreaming of running my websites from my own home server which is why I'm wanting to learn all of this

  • @moonobservergilles5730
    @moonobservergilles5730 2 years ago

    you can add one of those fans we put on a wood stove works with heat ? maybe would improve the cooling ?

  • @dangingerich2559
    @dangingerich2559 2 years ago +2

    Maybe I'm just too inexperienced with Proxmox, or maybe I'm just too dim, but I don't see why one would want to use PCI passthrough for a pfsense or opnsense VM. I've done just fine with both ESXi and Hyper-V without passthrough, plus it allows for migration and HA. Is it for latency? Is there some hardware feature that just works way better with a physical NIC rather than a virtual NIC?

    • @joemann7971
      @joemann7971 1 month ago

      I think it's more for security reasons rather than a technical one. There might be some latency but I doubt it's significant.
      Think about it. Your virtual NICs have proxmox connected directly to the internet. You could potentially have proxmox hacked and have your server compromised without having opnsense hacked. Even if unlikely, it's still a possibility.

    • @dangingerich2559
      @dangingerich2559 1 month ago

      @@joemann7971 The host would only be directly connected to the internet if it were configured for it. In both vSphere and Hyper-V, the NICs are generally configured where the host has separate connectivity from the VMs. (ESXi configures one IP and vswitch for host control access and all others have just their own connectivity. Hyper-V virtual switch configs have a check box of "Allow management operating system to share this network adapter" which is generally recommended to be unchecked.) So, using a VM for a firewall/router is perfectly secure, IF done right.
      On my hosts, I have dual port 10Gb NICs, and one port is for the host OS and one is for all the VMs, plus a 2.5Gb NIC specifically for the internet side, and only the router is connected to that, with no connection for the host OS. So, perfectly secure.
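
The separation discussed in this thread (the hypervisor host keeps no address on the internet-facing port, only the firewall VM uses it) can be checked on a Proxmox VE host. The following is an added example, not part of the comments or the video: it parses an ifupdown-style `/etc/network/interfaces` and reports any bridge or NIC on the WAN side that gives the host itself an IP. The NIC names, addresses and function names are assumptions made for illustration.

```python
"""Check a Proxmox VE ifupdown config for a host IP on the WAN-facing NIC."""

def parse_interfaces(text):
    """Map each iface name to its address methods and option lines."""
    stanzas, current = {}, None
    for raw in text.splitlines():
        words = raw.split()
        if not words or words[0].startswith("#"):
            continue
        if words[0] == "iface" and len(words) >= 4:
            current = stanzas.setdefault(words[1], {"methods": set(), "options": {}})
            current["methods"].add(words[3])  # inet and inet6 stanzas both count
        elif words[0] in ("auto", "allow-hotplug", "source", "source-directory"):
            current = None  # a new top-level statement ends the stanza
        elif current is not None:
            # bridge_ports and bridge-ports are both seen in configs; normalise
            current["options"][words[0].replace("_", "-")] = " ".join(words[1:])
    return stanzas

def wan_exposure(text, wan_nic):
    """Return findings where the host itself is addressed on the WAN NIC."""
    findings = []
    for name, stanza in parse_interfaces(text).items():
        ports = stanza["options"].get("bridge-ports", "").split()
        if name != wan_nic and wan_nic not in ports:
            continue  # stanza is unrelated to the WAN-facing port
        if "address" in stanza["options"] or stanza["methods"] & {"static", "dhcp"}:
            findings.append(f"{name}: host has an IP on the WAN side ({wan_nic})")
    return findings

# Constructed sample: enp1s0 carries host management, enp2s0 is the WAN port
# that only the firewall VM should use (names and addresses are made up).
ISOLATED = """\
auto lo
iface lo inet loopback

iface enp1s0 inet manual

auto vmbr0
iface vmbr0 inet static
    address 192.168.1.10/24
    gateway 192.168.1.1
    bridge-ports enp1s0
    bridge-stp off
    bridge-fd 0

iface enp2s0 inet manual

auto vmbr1
iface vmbr1 inet manual
    bridge-ports enp2s0
    bridge-stp off
    bridge-fd 0
"""
# Same layout, but the WAN bridge asks for a DHCP lease for the host itself.
EXPOSED = ISOLATED.replace("iface vmbr1 inet manual", "iface vmbr1 inet dhcp")

if __name__ == "__main__":
    for label, cfg in (("isolated", ISOLATED), ("exposed", EXPOSED)):
        print(label, wan_exposure(cfg, "enp2s0") or "no host IP on WAN NIC")
```

On a real host, pass the contents of `/etc/network/interfaces` and the name of the port cabled to the modem or ONT.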

  • @LampJustin
    @LampJustin 2 года назад +5

    Hey Patrick, nice one as always ;) BTW have you checked out VyOS, I think it's great and I am pretty close to switching to it fully, but you know how it is to switch firewalls. It ain't done in a couple of minutes...

    • @ServeTheHomeVideo
      @ServeTheHomeVideo  2 года назад +7

      I looked at it some time ago. Perhaps it is time to have Rohit take a look at it this year.

    • @LampJustin
      @LampJustin 2 года назад +1

      @@ServeTheHomeVideo oh yes that would be nice! It's gotten really good, been using it for wireguard and BGP for some time now!

    • @cyruschan5507
      @cyruschan5507 2 года назад +1

      Curious on your experience with VyOS. How do you feel about the rolling release on the free tier on VyOS? Or are you paying and using LTS versions?

    • @LampJustin
      @LampJustin 2 года назад +1

      @@cyruschan5507 yeah that's the only annoying thing.... I'm not paying for the stable release, but if and when I'm moving to trying building stable images with docker from source

  • @dominic0315
    @dominic0315 2 года назад

    Hi! Is that right, your box has a WLAN module and antennas? I have nearly the same setup as you do, Proxmox VE as hypervisor and a firewall/router VM running Linux, but for sure a different CPU, an Intel i5 (10th Gen). I hit an issue with the WLAN: without losing signal with the client (as seen from the client side), it wouldn't be able to pass purposeful packet traffic (as evident by no ping response to either the VM's IP or external IPs). I have now renice-ed the hostapd to -20 (highest priority, as the kernel) and also reniced the VM process at the PVE layer to -20, and it has worked fine so far. I wonder whether you may be able to run an experiment as well to verify process scheduling is the real issue? And do you have a better thought as to how to nicely tune it and be able to profile/debug the "dead period"? Thank you in advance!

  • @thirdenvoqation7735
    @thirdenvoqation7735 2 года назад +3

    I ended up buying one of these units from Protectli, I'd rather trust them than a no-name Chinese import. One other advantage, at least for me, is that it can come with Coreboot. Pay a bit more for the privilege though.

    • @florianalbeck
      @florianalbeck 2 года назад +1

      But the Protectli don’t have 2,5 Gbit Nic

    • @thirdenvoqation7735
      @thirdenvoqation7735 2 года назад +1

      @@florianalbeck I just realised I mis-typed and should have said I'd wait ( I'll end instead of I ended) but give it a few months and they'll most likely have it. I'd rather wait till there's a company I can trust for core infrastructure. The price difference is negligible as well.

    • @RobinCernyMitSuffix
      @RobinCernyMitSuffix 2 года назад +2

      Funny enough: I got one of the exact same units that Protectli sells, directly from China. Protectli is basically just a reseller, and they add quite a bit of markup on top.

    • @thirdenvoqation7735
      @thirdenvoqation7735 2 года назад

      @@RobinCernyMitSuffix I never said they weren't, the main difference is that you can get CoreBoot as part of the build and deal with a European team if anything goes wrong. In other words customer service is better. That and when you order they arrive quicker, horses for courses.

  • @iulianch
    @iulianch Год назад

    ​ @ServeTheHome Can you please share how you set up the storage of the server for all the vm? thank you very much

  • @pythonprofreak7522
    @pythonprofreak7522 2 года назад +3

    Good review!

  • @CoryAlbrecht
    @CoryAlbrecht 2 года назад +1

    What do you think of the similar Celeron N5095 devices with the i225v3 ports? 15W TDP instead of 10W.

    • @ServeTheHomeVideo
      @ServeTheHomeVideo  2 года назад

      The Topton M6 we just did a video on with the N5105 used much more power

  • @TheLazyJAK
    @TheLazyJAK 2 года назад +1

    Is Adguard better than pi hole?

  • @AlexandreAlonso
    @AlexandreAlonso 2 года назад +1

    What is the maximum routing throughput of the device if all ports are used to route network packages?

  • @DominicFlynn
    @DominicFlynn 2 года назад

    There's also a version with 2xUSB, 2xUSB3, 1xUSB-C (with 4kx60hz), HDMI2.0, DP1.4, TF-Card reader.

  • @PedroLopez-yo7nr
    @PedroLopez-yo7nr Год назад

    Hi I have been enjoying your videos. You mention a video that installing Proxmox and pfsense on the tiny 5105 router. I can’t seem to find it.
    Thank you. I order one through AliExpress.

    • @ServeTheHomeVideo
      @ServeTheHomeVideo  Год назад

      Hi Pedro,
      We usually do guides more for the main site like:
      - www.servethehome.com/topton-intel-j4125-4x-i225-fanless-virtualized-firewall-appliance-review-pfsense-opnsense-proxmox-ve/3/
      and
      - www.servethehome.com/how-to-pass-through-pcie-nics-with-proxmox-ve-on-intel-and-amd/

  • @kevinwiley5325
    @kevinwiley5325 2 года назад +1

    Hey Patrick, I hope you see this comment. I'm currently stuck in a purchasing decision between getting a Topton device like this or just spending the extra money and getting a UDM Pro.
    If you had to choose between the two, what would you do? I've never used pfsense before, but I have a little networking knowledge. I feel like I'm giving up a lot of performance by going with the UDMP.

    • @recalion
      @recalion 2 года назад

      I'm on the same question actually. I have a USG and intend to upgrade due to incoming FTTH.

    • @kevinwiley5325
      @kevinwiley5325 2 года назад

      @@recalion nice. I'm using a Netgear Nighthawk for routing and have a ubiquiti U6LR for my access point. I just need better routing now.

  • @theophilusbassaw580
    @theophilusbassaw580 2 года назад +2

    I would use pfsense/opnsense more if there is better cloud-init support. Being able to spin them up through terraform would be handy

    • @dfgdfg_
      @dfgdfg_ 2 года назад

      I get most of the way with Ansible

  • @OVERKILL_PINBALL
    @OVERKILL_PINBALL 2 года назад +3

    I would use bare metal for the firewall and virtualize Pi_hole. I make an image of the drive for DR. The image is small and quick to restore if needed.

    • @bcboncs
      @bcboncs 9 месяцев назад

      I think I'm one of the few agreeing with you on bare metal firewall but how would you go about it? Like what Base OS would you use and does it have the ability to do a proxmox layer under the physical firewall and docker capabilities? I am leaning between openwrt and opnsense but want the downstream proxmox and docker functionality. Thanks kindly

  • @lesfilanto
    @lesfilanto Год назад

    I am virtually running sophos xg on proxmox on a dell R310. What type of limits would I see in using it. I am thinking of adding newer nic's. Right now on my 300 mb cable I generally get 360 mb or better. I have ids running and fiber is potentially coming soon to my address

  • @jrader
    @jrader 2 года назад

    At 18:49 I think you mean for the graphic to say that you're using ETH2 as your pfSense LAN and ETH3 as WAN. You've reversed them in the graphic.

  • @be-kind00
    @be-kind00 2 года назад

    I’m on an iPad and can’t see the notes for this video. I see them fine on my android phone and windows pc but what’s with the iPad RUclips app? Same thing happens when using RUclips app on Roku.

  • @Cynyr
    @Cynyr 2 года назад

    Can we get directions (or an RPZ file) for unblocking ads on the STH main site?

  • @lost4468yt
    @lost4468yt 2 года назад +2

    If you virtualise it in a home network and use it as your router, how do you deal with accessing it if the pfSense or whatever VM crashes or fails to boot/work/etc?

    • @ServeTheHomeVideo
      @ServeTheHomeVideo  2 года назад

      First you can rollback snapshots/ backups. Second, you can get the VM console

    • @lost4468yt
      @lost4468yt 2 года назад

      @@ServeTheHomeVideo But how do you get to it if your network is down? You would have to either do something like connect a laptop directly to the machine and setup the laptop as a gateway. Or you would have to connect a screen to the machine and fix the VM through the CLI.

    • @blkspade23
      @blkspade23 2 года назад +2

      @@lost4468yt Your "network" won't actually be down. You'll lose services like DHCP, DNS and internet (connections from outside), but the host port would always be accessible and would (should) have a static IP address. As long as some physical connection exists with a switch to the hypervisor itself, you'd only have to set a static IP on whatever device you're managing from.

  • @Pabula
    @Pabula 2 года назад +1

    Do you know if the N6005 version of your case from the same Aliexpress vendor also comes with a single memory slot? I ordered one but it's been a month and it still hasn't shipped, so just wondering about the memory.

    • @ServeTheHomeVideo
      @ServeTheHomeVideo  2 года назад

      I ordered a second last night. Hoping one ships so I can tell you for sure

    • @Pabula
      @Pabula 2 года назад

      @@ServeTheHomeVideo You seem like me, can't wait to get it. I feel the N6005 is going to go rounds on the Netgates 6100 Atom 3358. If you want, can you do a yt short when either of your N6005 ships, I might cancel and move to where you placed your second order.

    • @Pabula
      @Pabula 2 года назад

      @@ServeTheHomeVideo Mine just shipped today =), hope yours ships soon.

  • @patrickmacasinag1749
    @patrickmacasinag1749 Год назад

    Hi, I'm new to Proxmox. Do you have a step-by-step procedure to install Proxmox and then install pfSense?
    Can I also access the Proxmox GUI through the LAN port of pfSense?
    Thank you.

    • @ServeTheHomeVideo
      @ServeTheHomeVideo  Год назад +1

      We do not have a step-by-step. The Proxmox VE and pfSense installers are basically just download and click through the install wizards. The pfSense on Proxmox VE setup is documented here which is the potentially trickier part: docs.netgate.com/pfsense/en/latest/recipes/virtualize-proxmox-ve.html
      On the LAN port of pfSense, you can, but usually we just have a dedicated Proxmox VE port on these for management since there are four ports. Two dedicated to pfsense (WAN/ LAN) one Proxmox VE dedicated management port, one Proxmox VE LAN port for VMs.
      I know that is not what you are asking for, maybe we will have someone on the team do a guide later this month.

  • @thisnthat3530
    @thisnthat3530 2 года назад +1

    Does this work with a 32GB DIMM installed?

  • @damzelfly
    @damzelfly 2 года назад +1

    I saw they are selling the new model with Celeron N5105 and Pentium N6005 now. How would you think the performance difference compared to this unit with J4125? In terms of proxmox virtualization.

    • @ServeTheHomeVideo
      @ServeTheHomeVideo  2 года назад

      Likely better, but I have heard they are using more power. We have been waiting about a month for ours to ship and now have orders with multiple sellers

    • @damzelfly
      @damzelfly 2 года назад

      Thanks for replying and have a nice holiday weekend!!
      I'm looking forward to the next review.

    • @ytmadpoo
      @ytmadpoo 2 года назад

      @@ServeTheHomeVideo It will be interesting to see a review of the N6005 once you get yours. I ordered mine yesterday with an ETA for delivery stateside of May 8, so we'll see. Worth the wait - I'm updating from an old, huge Juniper SSG firewall and decided I've suffered enough with a second hand unit that's many years out of date (running the "interesting" ScreenOS). I'm excited to jump into the pfSense or OPNSense world.

    • @florianalbeck
      @florianalbeck 2 года назад

      Can you provide a link please?

  • @eltreum1
    @eltreum1 2 года назад +1

    I am looking to replace my MikroTik cloud router pro because I can't get a ping time anywhere lower than 80ms when the 100M raw connection gets 20-30s ping to same places. I need it for competitive gaming and streaming, no inbound services, just a simple NAT overload out for 4-5 devices.

    • @ServeTheHomeVideo
      @ServeTheHomeVideo  2 года назад +2

      I made CS:Go Global Elite on my main and smurf account using a pfSense firewall

    • @bcboncs
      @bcboncs 9 месяцев назад

      @@ServeTheHomeVideo nice! I played cs beta and now play cs2 lol that's where the cs suffix comes from in my 2 decade old name.
      What Base os would I need for openwrt or pfsense to be bare metal and can I layer proxmox and docker underneath it?

  • @jannikmeissner
    @jannikmeissner 2 года назад +1

    I'm curious, is there a rackmount version of something like this?

  • @harrybhai05
    @harrybhai05 7 месяцев назад

    @14:29, is there a guide to help configure it in this way?

  • @auronarcher
    @auronarcher 2 года назад

    I saw on the pics that it showed a SIM card slot, can you confirm if that is actually there? I would love to get one of these as a pfSense box with a 4G SIM for failover, all in one neat bundle.

  • @denvera1g1
    @denvera1g1 2 года назад +1

    4:25 It usually takes ~3 months for my batteries to get here from AliExpress

  • @shephusted2714
    @shephusted2714 2 года назад +1

    a better way to gain throughput is to divide up ports via bonding or bridging - 2 heads is better than 1 but really serious folk will be looking for fw devices with 10g (at least) - 100g potato routers are around the corner and only a couple hundred bucks more per port for 4x perf, the mikrotik 100g 800 buck switch looked sweet and prices on commodity small 100g routers should drop as well going forward #paper launches #paper tiger #sonic #software defined networks #lcd

  • @sanjibstha8966
    @sanjibstha8966 2 года назад +1

    I got the 4*2.5G ports, Celeron N5105 and tried installing ESXi 7.0.3 but there was an error - No Network Adapters were detected... Is there any solution for this issue?

    • @ServeTheHomeVideo
      @ServeTheHomeVideo  2 года назад

      Usually VMware has poor support for hardware. I have not tried that combo, but in the old days you would sideload drivers

  • @stuartlunsford7556
    @stuartlunsford7556 2 года назад +1

    What node are these network chips on? I know IO doesn't scale as well with smaller nodes, but I still think passive cooling would be more common if these are sub 12nm.

    • @ServeTheHomeVideo
      @ServeTheHomeVideo  2 года назад +3

      The J4125 is 14nm. The next-gen is 10nm. The i225's are 28nm.

    • @stuartlunsford7556
      @stuartlunsford7556 2 года назад

      @@ServeTheHomeVideo Thanks for the easy knowledge! The future is looking cool lol.

  • @TheChemisch
    @TheChemisch 2 года назад +1

    Feel ripped off. Paid like $480 for a Protectli vault with a J4125 as well. And this seems to check all the same boxes with 2.5gig instead of 1 gig. Never thought to look at AliExpress.

  • @skorpion1298
    @skorpion1298 2 года назад +1

    12V but how much Amp? I hate it when it's not written on the device.

    • @maciejzieba1982
      @maciejzieba1982 2 года назад

      I've bought 2 of these MiniPCs. The first one (N5105, V1 motherboard) came with 12V 5A power supply and the second (N6005, V2 motherboard) with a 12V 3A one. I've checked the N5105 with 3 SSDs (!) using a wattage meter and the max I've seen it use was around 28W.
      I would highly suggest replacing the provided power supply with something more reliable. A good 12V 3A or 4A PSU would probably do fine.

  • @shephusted2714
    @shephusted2714 2 года назад

    good content here - opnsense fork ftw! running a couple of these in HA config makes sense for smb - good mkt opp for small builders! i think that going fwd the prices for these small boxes will plummet - zen4 derivatives and nascent arm devices will exert mkt pressure on intel solutions - these small pc will also present good options for smb sector for scaleable cluster nodes - fast network and nvme will help adoption #netfs #galera

  • @brodriguez11000
    @brodriguez11000 2 года назад

    How well do these boxes do with IDS? Usually a lot slow down with everything running.

  • @DereinzigwahreAkede
    @DereinzigwahreAkede Год назад

    If it feels cooler to touch it is dissipating less heat...

  • @danagoyette7932
    @danagoyette7932 2 года назад

    How do they do with SQM (Cake) on OpenWRT? I'm currently using an HP T730 with an i350 NIC, but it uses something like 40 watts, so this might be better.
    Internet connection is 500 megabits; I doubt we'll get gigabit unless the price goes way down.