Hi IP-Fire Community,
iam sarching new Hardware for my IP Fire.
In the last years i used always some Mini-Computers but i want to invest in something more robust.
Price max 300€.
https://store.lightningwirelabs.com/ i can not find anything anymore.
Does someone have any suggestion / alternatives for me?
Thanks!
Best Regards
Wuslor
Does it have to be a mini ? you can have a basic x64 system with 4 nic (red,green,orange,blue).
I think this is the least expensive:
https://store.lightningwirelabs.com/products/IPFIRE-MINI-US-R1
https://store.lightningwirelabs.com/products/IPFIRE-MINI-EU-R1
https://store.lightningwirelabs.com/products/IPFIRE-MINI-GB-R1
Protectlii appliance are also an option. 2,4 and 6 port models. Coreboot. And support IPfire out if the box:
R
Also similar items listed in the thread:
Not sure I would call it “professional hardware” though…
Hi @wuslor ,
I think going with protectli is not the best option.
You set max 300 € but this requirement is not met with protectli.
If you want to have a better version you are above 450 € and there is no garantie at all.
On the other hand IPFire Mini IPFire Mini offers you excactly what you need. You do not have to look if it is “full” supported. It is and always will be. It am confident that new versions are testeted with these appliances so it will be more robust than everything other you now think of. And the price is still cheaper as the alternatives which are more powerful.
PC Engines APU4D4 or NRG Systems IPU450, if you know, what you do.
This is the correct URL. We only show the products that are available in your region. Generally we ship worldwide, but people in the US get a version of all appliances with a US power plug and so on.
If the shop is empty, then there is a problem with your geo location. I recommend getting in touch with sales@lightningwirelabs.com then. Sorry for the trouble.
Those 3 first ought to be within your demanded price range. You may find similar in your country wherever that is.
If you have a one GB line and use Snort, you must verify if HW is OK. I have the fiber version and before the last 3 updates, it wasn’t sufficient, but I suspect that has changed now. Ipfire is much better now. So I think this HW will do one GB.
Intel Celeron Baytrail is a platform that is approaching ten years. Intel has released something newer since then. I would not recommend investing in something that is that wasteful in power.
@florom @wuslor @rjschilt
You can order the hardware of the protectli series directly from china, because the retailer in the US is also just importing and selling with a premium. The manufacturer is YanLing Industrial Computer Technology (ShenZhen) CO.,Ltd. It’s way more affordable this way and subsequently one can install coreboot manually. The APU of PC engines is good, but if you want to use IDS, the max throughput is maxed out at about 10 MByte/s, so you will install a 1/10 bottleneck in case you have a Gbit connection, keep that in mind.
I thought this had changed with the recent core updates with IPS improvements. See:
https://blog.ipfire.org/post/ipfire-2-27-core-update-161-released#boosting-intrusion-prevention-system-performance
@redcon - have you tested this recently?
I see indeed a significant performance increase. If I interpret the data correctly, there is only a minor bottleneck, cpu is not maxed out anymore during IPS on red.
Test with 160 IPS ON & OFF and 161 IPS ON & OFF.
**IPFire 2.27 (x86_64) - Core Update 160
# IPS ON
Last login: Sun Dec 12 13:50:36 2021 from 192.168.4.6
[root@ipfire ~]# wget -O /dev/null http://speedtest.belwue.net/1G
--2021-12-17 14:03:34-- http://speedtest.belwue.net/1G
Resolving speedtest.belwue.net... 129.143.4.238
Connecting to speedtest.belwue.net|129.143.4.238|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1073741824 (1.0G)
Saving to: '/dev/null'
/dev/null 100%[===================>] 1.00G 11.0MB/s in 92s
2021-12-17 14:05:06 (11.1 MB/s) - '/dev/null' saved [1073741824/1073741824]
[root@ipfire ~]# speedtest-cli
Retrieving speedtest.net configuration...
Testing from Vodafone Germany Cable (91.65.188.145)...
Retrieving speedtest.net server list...
Selecting best server based on ping...
Hosted by Deutsche Telekom: 42.13 ms
Testing download speed................................................................................
Download: 75.88 Mbit/s
Testing upload speed......................................................................................................
Upload: 10.56 Mbit/s
[root@ipfire ~]# wget -O /dev/null http://speedtest.belwue.net/1G
--2021-12-17 14:06:47-- http://speedtest.belwue.net/1G
Resolving speedtest.belwue.net... 129.143.4.238
Connecting to speedtest.belwue.net|129.143.4.238|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1073741824 (1.0G)
Saving to: '/dev/null'
/dev/null 100%[===================>] 1.00G 111MB/s in 12s
2021-12-17 14:06:59 (88.6 MB/s) - '/dev/null' saved [1073741824/1073741824]
[root@ipfire ~]# wget -O /dev/null http://speedtest.belwue.net/5G
--2021-12-17 14:07:05-- http://speedtest.belwue.net/5G
Resolving speedtest.belwue.net... 129.143.4.238
Connecting to speedtest.belwue.net|129.143.4.238|:80... connected.
HTTP request sent, awaiting response... 404 Not Found
2021-12-17 14:07:05 ERROR 404: Not Found.
[root@ipfire ~]# wget -O /dev/null http://speedtest.belwue.net/10G
--2021-12-17 14:07:08-- http://speedtest.belwue.net/10G
Resolving speedtest.belwue.net... 129.143.4.238
Connecting to speedtest.belwue.net|129.143.4.238|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 10737418240 (10G)
Saving to: '/dev/null'
/dev/null 100%[===================>] 10.00G 98.3MB/s in 1m 42s
2021-12-17 14:08:50 (101 MB/s) - '/dev/null' saved [10737418240/10737418240]
````Preformatted text`
# **IPFire 2.27 (x86_64) - Core Update 160**
# IPS OFF
[root@ipfire ~]# wget -O /dev/null http://speedtest.belwue.net/5G
--2021-12-17 14:07:05-- http://speedtest.belwue.net/5G
Resolving speedtest.belwue.net... 129.143.4.238
Connecting to speedtest.belwue.net|129.143.4.238|:80... connected.
HTTP request sent, awaiting response... 404 Not Found
2021-12-17 14:07:05 ERROR 404: Not Found.
[root@ipfire ~]# wget -O /dev/null http://speedtest.belwue.net/10G
--2021-12-17 14:07:08-- http://speedtest.belwue.net/10G
Resolving speedtest.belwue.net... 129.143.4.238
Connecting to speedtest.belwue.net|129.143.4.238|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 10737418240 (10G)
Saving to: '/dev/null'
/dev/null 100%[===================>] 10.00G 98.3MB/s in 1m 42s
2021-12-17 14:08:50 (101 MB/s) - '/dev/null' saved [10737418240/10737418240]
[root@ipfire ~]#
Broadcast message from root@ipfire.localdomain (Fri Dec 17 14:12:25 2021):
# **IPFire 2.27 (x86_64) - Core Update 161**
# IPS OF
[root@ipfire ~]# speedtest-cli
Retrieving speedtest.net configuration...
Testing from Vodafone Germany Cable (91.65.191.58)...
Retrieving speedtest.net server list...
Selecting best server based on ping...
Hosted by Deutsche Telekom GmbH: 27.524 ms
Testing download speed................................................................................
Download: 320.71 Mbit/s
Testing upload speed......................................................................................................
Upload: 55.73 Mbit/s
[root@ipfire ~]# wget -O /dev/null http://speedtest.belwue.net/1G
--2021-12-17 15:11:19-- http://speedtest.belwue.net/1G
Resolving speedtest.belwue.net... 129.143.4.238
Connecting to speedtest.belwue.net|129.143.4.238|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1073741824 (1.0G)
Saving to: '/dev/null'
/dev/null 100%[=========================================================================================================================================>] 1.00G 112MB/s in 9.5s
2021-12-17 15:11:29 (107 MB/s) - '/dev/null' saved [1073741824/1073741824]
[root@ipfire ~]# wget -O /dev/null http://speedtest.belwue.net/10
--2021-12-17 15:11:33-- http://speedtest.belwue.net/10
Resolving speedtest.belwue.net... 129.143.4.238
Connecting to speedtest.belwue.net|129.143.4.238|:80... connected.
HTTP request sent, awaiting response... 404 Not Found
2021-12-17 15:11:33 ERROR 404: Not Found.
[root@ipfire ~]# wget -O /dev/null http://speedtest.belwue.net/10G
--2021-12-17 15:11:37-- http://speedtest.belwue.net/10G
Resolving speedtest.belwue.net... 129.143.4.238
Connecting to speedtest.belwue.net|129.143.4.238|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 10737418240 (10G)
Saving to: '/dev/null'
/dev/null 100%[=========================================================================================================================================>] 10.00G 109MB/s in 1m 43s
2021-12-17 15:13:20 (99.1 MB/s) - '/dev/null' saved [10737418240/10737418240]
# **IPFire 2.27 (x86_64) - Core Update 161**
# IPS ON
[root@ipfire ~]# speedtest-cli
Retrieving speedtest.net configuration...
Testing from Vodafone Germany Cable (91.65.191.58)...
Retrieving speedtest.net server list...
Selecting best server based on ping...
Hosted by Deutsche Telekom GmbH: 15.347 ms
Testing download speed................................................................................
Download: 233.95 Mbit/s
Testing upload speed......................................................................................................
Upload: 55.04 Mbit/s
[root@ipfire ~]# wget -O /dev/null http://speedtest.belwue.net/10G
--2021-12-17 15:14:48-- http://speedtest.belwue.net/10G
Resolving speedtest.belwue.net... 129.143.4.238
Connecting to speedtest.belwue.net|129.143.4.238|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 10737418240 (10G)
Saving to: '/dev/null'
/dev/null 100%[=========================================================================================================================================>] 10.00G 104MB/s in 1m 54s
2021-12-17 15:16:42 (90.0 MB/s) - '/dev/null' saved [10737418240/10737418240]
[root@ipfire ~]# wget -O /dev/null http://speedtest.belwue.net/1G
--2021-12-17 15:16:56-- http://speedtest.belwue.net/1G
Resolving speedtest.belwue.net... 129.143.4.238
Connecting to speedtest.belwue.net|129.143.4.238|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1073741824 (1.0G)
Saving to: '/dev/null'
/dev/null 100%[=========================================================================================================================================>] 1.00G 98.3MB/s in 11s
2021-12-17 15:17:07 (92.7 MB/s) - '/dev/null' saved [1073741824/1073741824]The speedtest / wget info is a little hard to read (and interpret!).
I am curious: what speeds do you pay for?
1 Gbit/s down, 50 Mbit/up.
This better then ?
The Xenon CPU here has a TDP of 100 W. You sure you want run this 24/7?
You also need to add the consumption of other host and peripherals…
That is a very large question you are asking. I am sure IPFire will boot on it, but does it check all the other boxes? I am not so sure.
For me, the perfect piece of hardware is stable, power-efficient, quiet and sized to exactly what I need. I would not want to buy a new one a few years later and so on. I also want a perfect network that just works and is never slow. Last but not least, the hardware should be auditable (or at least wherever this is possible).
That board is just a mainboard. All the rest is missing. And I would say that the stuff around it is more important. However, an i7 might be way too large. You would have to find a very small processor to make this thing cheap, quiet and power-efficient. I am not sure that is worth the effort.
Our appliances that we offer are not always perfect for every single user, but they are great for the vast majority of users. There is one for the data center and large organisations, there is one for a small branch office, and there are a few in-between. Whatever we could do, we did with those. We do all the benchmarks with them and we have figured out lots of quirks and other niggles that we solved. Therefore I consider them the best option for IPFire. Problems are easier to debug if they are hardware-related because we have access to one. Setups are easier to compare because we know the hardware. They are just so much more practical for us, and they are a great choice for the user.