Hardware / Re: Which CPU / Mobo for enthusiast home network
« on: February 12, 2018, 06:19:13 pm »
Don´t get me wrong, i´d totally squeeze out the money for the SG-4860. If it has enough power run the mentioned packages and doesn't require me to tweak/mess around with the settings to get it stable its worth it.
My issue is that, me living in Switzerland, the prices for these appliances are crazy. Saw an offer from one of the Netgate partners at 1200CHF. And for this price I can easily get a high end gaming rig CPU/MB/RAM combo ;) this is essentially why I was asking.
I didn't check offers in Germany or other European countries but shipping and importing (depending on the price of course) into Switzerland is always something to factor in.

On a side note: I saw that the XG-7100 is running a C3558 and will be ready for shipping in march from what I could gather from the website. Does this mean that a solution for this chip will be available soon as well or is this system equipped with extra NICs to work around this issue?
Or wait and see what new fun stuff they are going to announce..
Might be the best option in this case.

The Xeon D chips seem to be great as well but of course power consumption is way higher..

Hardware / Re: Which CPU / Mobo for enthusiast home network
« on: February 10, 2018, 05:51:47 am »
Yes i check the offers and they seem great but to me, prices seemed to be bit high for what you get. The sg-4860 you mentioned features the C2558.
Does it still make sense to buy the c2xxx chips in 2018 especially if you had to compare it to the c3xxx (which is not fully supported yet..) and the xeon d-5xxx?
Working as a system engineer i love to build stuff and tinker with it ;) So the question is not only if you save or spend more money if you DYI but would you get newer hardware that is maybe in the same range and has more power.
Do you have any details regarding new stuff coming to the market and when?

Budget wise it should be well within 400 - 600 bucks (there is some wiggle room of course).

Hardware / Re: Which CPU / Mobo for enthusiast home network
« on: February 10, 2018, 04:37:01 am »
Well when it comes to "spare" parts i only have my old desktop pc which is running on the  LGA1155 platform and features a i7-2600k so not the best solution when it comes to low power consumption :)
Another option would be to run it within a VM but this would serve testing and "playing around" needs. So in the end I would need to get dedicated hardware.

Hardware / Which CPU / Mobo for enthusiast home network
« on: February 09, 2018, 04:40:28 pm »
Hey Guys,

I know these kinds of questions are asked over and over again and I am sorry for bringing it up yet again BUT at this point i have no idea what is going on anymore.

For the last couple of years, building pfsense box came up my mind again and again but it always came down to the question "which CPU / mainboard or hardware configuration do i need". There are so many different possibilities to choose from and meanwhile it feels like I read every hardware recommendation post on these forums and even reddit like twice.

Some information of what i want to do or want to be able to do:
In general I want to build a proper network perimeter firewall, mostly because with the setup i have currently there is always something that seems off. So this project should help me in terms of security but of course for learning as well.
This is gonna be for my home network which is connected to a 400mbits/40mbits cable connection with only a few clients. Full fiber 1gbits/1gbits are more and more common where I live so the system that I build should be able to handle this kind of throughput as well. Based on what I read over and over again it seems to me that when it comes to routing gbits (routing only) it might not even matter and probably all CPU´s that came out in the last decade would be able to handle it. But of course this system wont do routing only.

I definitely want to use packages such as snort, clam-av and squid. (deep packet inspection would be cool but might not even be feasible with more and more sites featuring HTTPS and certificate pinning?)
So i guess it comes down to the packages installed and running and it seems like that the mentioned ones are especially hungry when it comes to hardware (might consider suricata instead of snort because of single/multi threading, maybe you can provide a recommendation on this as well

Up until now i never really felt the need to use VPN connections but of course I might in the future.

Hardware wise it should of course consume as little power as possible and this is why I was really interested in Intel Atom (c2xxxx and c3xxxx) or maybe even xeon d 15xx. So of course the question is which of those platforms would cut it? Id probably go for c3xxxx but with issues for support of these platforms it doesn´t make sense.

So in the end the questions, based on the information above and the listed packages, use cases, which platform would you propose or recommend. At this point I am open for everything, maybe there are chips that will get the job done easily and wont cost like 600 bucks. On the other hand I always love having some air to breath when it comes to hardware, making it just a little more future proof. So the main focus should be "bang for the watt" when it comes to power consumption and budget could be up until 700-800 for the whole system (is it really necessary to spend that much on a router, or rather "security appliance" that protects the assets in my network? ;).

I would really appreciate honest feedback and experience.


