In a recent post I detailed my current saga of server trouble. This time around I was having router trouble causing this website, and others, to fall offline. Not that much fun…
When life hands you lemons though, one needs to try to make lemonade. Since I needed to replace hardware I wanted to make sure I put in place some hardware I could trust to last another 5 years and hardware that would sip power… not guzzle it down like the now dead antique desktop tower computer had. My needs are pretty low performance-wise and I don’t need to have a super high performance setup. I just need a powerful feature set.
I left off on the other post basically trying out pfSense to see if it would fit my needs, and a few weeks later I can comfortably say that yes, it does. It’s much more pleasant to use then IPCop was and though it’s more powerful, and thus more complex to use, it still remains simple enough to setup without have to dig through piles of documentation. The interesting part of the swap though is the hardware.
I bought one of these from Netgate. I bought it as a kit for simplicity sake and am happy I did. The picture on that page is a little misleading but if you read the description about the product it would be clear that the board and case are of the two port variety.
It came in a small box and unassembled, though I think they also offer an assembled version. Everything fit together pretty easily (remember to take off the nuts on the serial port!) and they include all the screws you will need to get it setup correctly. The only sort of weird part is that the screws that hold the case together have to be threaded as you put them in the first time. This was a little alarming at first since I thought I was cross threading, but after a closer look I’m confident I did it correctly.
First step in the process really is to get the pfSense image copied to the CF card. Once that is done you can get everything assembled and close the box. Once you power it on the first time… it doesn’t boot. For some reason you have to hook it up to your computer via a null modem cable and connect to the terminal. You basically get in, change some terminal settings and then reboot. Once you reboot after those changes you can connect to it over the network and do the config. I don’t understand why that step is required. I like having the serial connection available if something goes wrong but I’d prefer not to have to use it…
Now that the unit is setup and running, I check on it to see how it’s holding up. It runs at between 0% and 5% CPU usage all the time and is using only about 64MBs of the 256MBs of RAM available to it. I was initially worried that it would be a little underpowered but it seems to handle my 15Mbps FIOS connection while sitting basically at idle. You could easily ask it to do more tasks like VPNs and traffic shaping without trouble. The unit sits there, cool to the touch, and pulling less then 10 watts. I’m using about the same power as an off the shelf linksys router while getting a feature set 5x more powerful and for less then $200.
I’m pretty happy with the move to the low power hardware. I don’t have the ability to use pfSense’s addon packages in the current configuration but I could swap the CF card for a hard drive if I wanted to. The board has the connector already on it. Right now though I’m more then happy with the features I can access and don’t feel like I’m missing any features.
Topslakr
I just had an identical setup for my home network (pfsense, 2d2, case, CF card, VPN accelerator card) and it’s pretty amazing. Didn’t have to use the serial cable though. PC gets an IP on first boot up, configured the initial setup through its Web GUI, reboot and I’m in business!
On idle network traffic, I did notice that the CPU hits 25 – 30% when on Web Gui and memory hovers around 45% with dhcpd, dnsmasq, ntpd and squid services running.
Hello dears!
How about the speed limit for this device while routing traffic from one interface to another? I am looking for a router for home usage. While my old Linksys WRT54GL can not route more than 25 Mbps, and just looking around for some opinions. I like very much Pfsense, but also don’t want to use single PC just to route my home traffic.
Firstly I thought for Mikrotik 750GL, but I am not sure whether this device will survive for the next 5 years 🙂
So, could you please share some experience with this ALIX boards powered with Pfsense?
Interesting Question. My Alix.2D2, which is still in use 5 years later, has never once had an issue. The router is setup with a connection to the internet and a connection out to a 16 port gigabit switch. Overall network performance is excellent and I have no complaints about throughput or packet loss. In terms of the speed of routing to and from the internet, the ceiling is my connection speed, not the Alix.2D2.
I recently upgraded it to the most recent version of PFSense, which was pretty painless. The only hiccup I had was updating the firmware. I wasn’t having any luck doing it via CF cards ect so I did the update through the serial connection and that worked excellently.
Spending the money on the Alix board has proved to be one of the best investments in networking gear I’ve made to date.