I have been thinking about setting up ipFire, because of better HW compatibility over pfSense or opnSense. I have a mini-ITX board (17 by 17cm) with an AMD 5350 (4-core, 1.833 GHz, 8 GB RAM, 100% passive cooled). I have one PCI-e x16 slot, and a 10/100/1000 onboard LAN port. Should I get an Intel x520 PCI-E board with 2 ethernet ports and a WAP, or should I use the onboard LAN chip with a spare PCI-E TP-Link N900 (Atheros 5380 chip, dual radios)? Can the TP-Link use both radios at once? I use this same wifi card in my main computer, and both Win7 AND Linux use one radio at a time. Any suggestions?
In my opinion this CPU is old and slow: https://www.cpu-monkey.com/en/compare_cpu-intel_processor_n100-vs-amd_athlon_5350
As long as you just use a couple of filter lists and don’t have a fast internet connection and don’t use VPN you will be fine. However the system will be still weak.
You may run several hostapd instances via console to manage to run several networks, but always with different wifi cards. You won’t be able to run different ratios with a single card.
Does the board have a x16 PCIe3.0 slot? yes. If its a PCIe2.0 slot then you are better off getting a four port 2.5Gb or 1Gb card.
The CPU has no PCIe 3.0: AMD Athlon 5350 Specs | TechPowerUp CPU Database
That fits with here: ASRock > AM1H-ITX
Intel x520 has 8 lanes @ PCIe 2.0: https://www.intel.de/content/www/de/de/products/sku/55353/intel-ethernet-server-adapter-x520da2/specifications.html
The board has only 4 lanes at the extension port.
PCIe 2.0 transfers 5 billion data packets (gigatransfers/s, GT/s) per lane per second, which ideally hold almost 500 MB of data per second (MByte/s). With PCIe 2.0 x4, almost 2 GB/s are possible.
For this card at least 40 Gbit/sec == 5GB/s will be needed. The CPU/board can’t handle that.
1 Like
You need to state what WAN speed you have/intend plus examine the specs of your ITX mainboard closely.
I have an ITX mainboard with Athlon 5350 APU. Although the PCIe x16 slot is PCIe 2.0 it will run PCIe 1.0 x4 in the 4 lane mode that most Ethernet cards will use. Definitely use the onboard LAN port.
FWIW, I run IPF on an even slower ITX board having A8-5545 APU and that easily copes with my maximum available WAN of 33 Mb/s
biggest card that can go in it is a 4 port 1Gb Base-T or Base-X
Change my first post to read 16 GB RAM.
I’m pretty frustrated here. Someone suggested running “adblock” on OpenWRT on my Linksys WRT-AC1200, but I think the last official firmware upgrade removed my ability to switch to open source firmware. I ran DD-WRT on my WRT-54GL for years. Now it looks like Linksys is giving me the middle finger. Networking is difficult for me. And when I “upgrade” and still run factory firmware, I think I did something wrong. This does not exactly build confidence.
N100 chip? Would BSD run on it? I bought the X520 because I thought the X540 was not offered as a PCI-E form factor. Are there other chips I might also consider? I am not opposed, I just want to check the total cost first (home user, Roku, Youtube, maybe D/L a linux distro once in a while).
The pfSense hardware appliance is a “fall-back” solution, since it costs the most. But I’m always open to suggestions !
I don’t know about BSD (but it should work because it is an X86_64)
IPFire works on Intel N100 but im not so pleased because my System draw more power than i had expected. (more than 10W idle)
N100 wold run in BSD in x86 compatibility mode, but I don’t run BSD because its generally about 9 months behind keeping up with Linux.
That is one of the reasons why I picked IPFire because it runs a Linux core.
The difference between running a gateway server, which what I call using a server as a router, and a store bought router is you get better functionality with VPN, Intrusion Protection and better throughput on the firewall side with a server.
But since I’m more of a traditionalist, I use a gateway server motherboard. I put together one at a reasonable price. Granted, my X10 server pulls more power than a modern server motherboard. But It only cost me $60 for the board and another $50 for processor compared $700 new server board + processor. Supermicro X10SLH-N6-ST031 router boards builds
It should be about 70-80% all the time because of the continuous duty cycle of a cpu used in this application. This is even constant inside consumer routers, but with lower end, lower power processors.
I’m about to get around to focusing on helping IPFire develop more. On my list I am going to address is the font config. I should switch back to main core and submit the banana pi cpu, however, since its special purpose, I’m thinking on submitting that here instead of Linux Main. That chip would perform better than a N100 for this purpose because its designed similar to an Intel Atom with a ARM Cortex core. Intel Atoms, Some Core-I and Xeon Intel series are the processors that are designed for this application of a gateway server. Primarily because they are generally lower power with built in ethernet on chip. Everything else is going to eat more power because of assembly of interface chips regardless if its on board or added in on a PCIe card.
Did you disable all the by default enabled integrated overclocking stuff (turbo boost etc.)? My system doesn’t draw much more than 4 Watts in Idle (lowest measurement of my meter). I also run a N305 with Proxmox and IPfire that’s even doing a better job with the power management.
If you are looking for power and efficiency you better run the AMD AM5 platform. You won’t get any better performance/efficiency ratio. I have the 8700G and 8300G APU, also 7950X3D and 7900X and (with disabled overclocking functionality) they run awesome cool and have lots of power. The 9000 series should even be better (but I don’t have any yet to test → waiting for the 9950X3D :D).
Wow. I just found the adapter I need for the special “rack-mount” cable to allow the X520 to be used with a “regular” plug on my Zyxel NWA90XA Pro. I could get an adapter for my name-brand Intel X520, but I think I’ll just buy an Intel I350-T2 PCI-E card that uses “regular” plugs.
This would be like converting my rear brakes (02 Saturn) from drums to discs (like some of the 95-98 models) and dealing with several different lengths of parking brake cables that were used.