I recently shared about my interest in building a standalone pfSense box. Well, I’ve been planning for that, the parts have arrived, and I’m currently putting together the box. I’ll share about the build over a couple of posts in the near future, which I think a number of people would be keen to know. For now, I just want to share some preliminary information as well as early testing results.
First, let’s go over a little bit about the design goals. It’s something that we need to talk about in order to put things in context. Remember this is for a pfSense firewall which I plan to use as an appliance. So here’s my condensed list of requirements:
- Small form factor
- At least 3 Gigabit Ethernet ports (4 would be much preferred)
- Low cost, budget friendly
- Quiet and fan-less
- Low power consumption
- Can run pfSense with decent performance
I ended up choosing to go with an Atom D2550 based mini-ITX system. Here’s the parts list:
- M350 universal mini-ITX enclosure
- Jetway NF9D-2550 motherboard with Intel Atom D2550 CPU (has two Realtek GE ports onboard)
- Jetway 3x Realtek GE ports on daughterboard
- 2 GB of SO-DIMM
- 80W PicoPSU and 60W AC-DC adapter
The network throughput of the box isn’t superb. I didn’t expect to push 1 Gbps speeds, but I had hoped to get 500 Mbps. My early tests found that the actual speeds vary somewhat depending on which ports are used (onboard or daughterboard). The best case so far seems to be using both onboard NICs, where the box managed about 405 Mbps. It’s not too shabby, but it’s certainly not stellar performance.
(405 Mbps suddenly feels slow after hearing today about MyRepublic’s new FTTH broadband plan. If you haven’t heard, they are now selling 1 Gbps fibre broadband for just $50. They will pay you up to $200 to break your current ISP contract, and some $235 if you missed your free OpenNet FTP installation. 1 Gbps now seems affordable and attractive.)
There are still some configuration options I’ll need to explore to conclude on the network throughput. I’ve heard some anecdotal comments about the Atom D2550 being able to push 600 Mbps. Of course, I want to be able to test and confirm this myself. Certainly, the performance could also be affected by the choice of NICs (e.g. Intel vs Realtek).
The other major test is about power consumption. I’m quite pleased that my early findings are good. Measuring the DC input, the box draws about 0.17 A on standby, about 1.07 A powered up and idle, and averaging 1.15 A in general use. The current maxed at 1.24 A during boot up. That’s approximately 15 W. However, I’ve not yet measured power consumption while actively pushing traffic through the box. Power seems to be good at this time.
Watch out for further posts and updates!
3 thoughts on “Building a pfSense Mini-ITX Box”
Its very rare to actually have a wire-speed 1Gbps router/firewall, even with pfSense 😛
Also, its a PCI daughterboard:
True 1Gbps multiport cards need pcie 4x.
View Comment Policy