inexpensive mini-PC with four 2.5G ethernet interfaces
These should make good routers. This deal will last until 2:00AM Saturday. After that, the price will probably be a bit higher. Beware: AliExpress. I've ordered one but I cannot vouch for it. <https://forums.redflagdeals.com/aliexpress-com-mini-pc-fanless-bare-bones-four-ethernet-ports-good-router-pfsense-2550606/>
On 2022-07-01 3:34 a.m., D. Hugh Redelmeier via talk wrote:
These should make good routers.
This deal will last until 2:00AM Saturday. After that, the price will probably be a bit higher.
Beware: AliExpress. I've ordered one but I cannot vouch for it.
I bought one from them last year, but it only has 1 Gb Ethernet ports. It works well with pfSense. Here's a recent speedtest on my Rogers 500/20 connection. https://www.speedtest.net/result/13316408542
On 2022-07-01 3:34 a.m., D. Hugh Redelmeier via talk wrote:
These should make good routers.
This deal will last until 2:00AM Saturday. After that, the price will probably be a bit higher.
Beware: AliExpress. I've ordered one but I cannot vouch for it.
I bought one from them last year, but it only has 1 Gb Ethernet ports. It works well with pfSense. Here's a recent speedtest on my Rogers 500/20 connection. https://www.speedtest.net/result/13316408542
BTW, your reply was double posted, James. Since you actually bought one... how is it different from buying Asus router? On 2022-07-01 08:59, James Knott via talk wrote:
On 2022-07-01 3:34 a.m., D. Hugh Redelmeier via talk wrote:
These should make good routers.
This deal will last until 2:00AM Saturday. After that, the price will probably be a bit higher.
Beware: AliExpress. I've ordered one but I cannot vouch for it.
I bought one from them last year, but it only has 1 Gb Ethernet ports. It works well with pfSense. Here's a recent speedtest on my Rogers 500/20 connection.
https://www.speedtest.net/result/13316408542
--- Post to this mailing list talk@gtalug.org Unsubscribe from this mailing list https://gtalug.org/mailman/listinfo/talk
On 2022-07-01 12:01 p.m., William Park via talk wrote:
BTW, your reply was double posted, James.
Since you actually bought one... how is it different from buying Asus router?
Sorry, I thought my first post went only to Hugh. Compared to an Asus? Well, pfSense is a lot closer to "real" routers from Cisco, etc.. For example, on my system, I have 4 Ethernet ports. Some people bond them for greater bandwidth. I have a test LAN and also a dedicated connection to a Cisco router (I bought it when I was working on my CCNA). It supports routing protocols such as RIP, OSPF and BGP. It has an NTP server which can be fully configured for multiple sources and so much more. So, you'd be better off comparing that Asus to a Cisco router. A lot of people don't know that routers can be much more than the typical SOHO router, which has only 1 WAN and 1 LAN connection. For example, I have a VLAN for my guest WiFi through the same access point (Unifi AC-LIte) as my main network. I know many SOHO routers support guest WiFi, but how configurable are they? I can have as many WiFi networks as my AP has SSIDs. PfSense also supports captive portals, so you can use a login screen for users. It also supports RADIUS servers for VPN connections. It supports OpenVPN, IPSec and Wireguard VPNs. On IPv6, I get a /56 prefix from Rogers, which means I can have as many as 256 /64 subnets. I can even pass some of those onto my Cisco router, to be split further. I doubt you can do that with an Asus, etc. router. Bottom line, pfSense on appropriate hardware is much more capable than typical SOHO routers. BTW, prior to this mini PC, I had an old HP compact desktop computer for my firewall/router. On my 500/20 connection, I would generally see around 540 or so down and 21 up. I got the mini PC when the HP died and my download bandwidth immediately jumped! So, the HP was the limiting factor. Now, it's getting to the point where my 1 Gb LAN is the limiting factor. Also, prior to pfSense, I used Linux for my firewall/router, but it wouldn't handle DHCPv6-PD, which is how the prefixes are distributed. PfSense does and I can assign individual prefixes to any interface, including VLAN or VPN. PfSense is a free download from pfsense.org, though there is also a commercial version that comes installed on Netgate hardware.
On 2022-07-01 13:49, James Knott via talk wrote:
BTW, prior to this mini PC, I had an old HP compact desktop computer for my firewall/router. On my 500/20 connection, I would generally see around 540 or so down and 21 up. I got the mini PC when the HP died and my download bandwidth immediately jumped! So, the HP was the limiting factor. Now, it's getting to the point where my 1 Gb LAN is the limiting factor.
How can you get more bandwidth than your ISP gives you?
On 2022-07-01 4:58 p.m., William Park via talk wrote:
On 2022-07-01 13:49, James Knott via talk wrote:
BTW, prior to this mini PC, I had an old HP compact desktop computer for my firewall/router. On my 500/20 connection, I would generally see around 540 or so down and 21 up. I got the mini PC when the HP died and my download bandwidth immediately jumped! So, the HP was the limiting factor. Now, it's getting to the point where my 1 Gb LAN is the limiting factor.
How can you get more bandwidth than your ISP gives you?
Rogers has always been generous with bandwidth. Recently my upload increased from 20 > 30 Mb. I found out about that in another forum and I just had to power cycle my modem to get it. Regardless, I consistently get well over 500 Mb down. Here's an example from just now: https://www.speedtest.net/result/13354933415
| From: James Knott via talk <talk@gtalug.org> | To: talk@gtalug.org | Cc: James Knott <james.knott@jknott.net> | Date: Fri, 1 Jul 2022 13:49:45 -0400 | Subject: Re: [GTALUG] inexpensive mini-PC with four 2.5G ethernet interfaces | Sorry, I thought my first post went only to Hugh. Our mailman rewites the "From: " to point to the list but leaves the comment part the same. Notice the first line that I'm quoting. This is stupid but necessary: various anti-SPAM algorithms essentially force our hand. This seems to have started 14 Jun 2016.
On 2022-07-01 03:34, D. Hugh Redelmeier via talk wrote:
Beware: AliExpress. I've ordered one but I cannot vouch for it.
I'd be more worried about the huge tracking rigmarole that RFD puts your browser through than buying from AliExpress. Here's the unencumbered link: https://www.aliexpress.com/item/1005004359859004.html Stewart
On 2022-07-01 7:02 p.m., Stewart C. Russell via talk wrote:
I'd be more worried about the huge tracking rigmarole that RFD puts your browser through than buying from AliExpress. Here's the unencumbered link:
I see it comes bundled with pfSense or OPNsense. Mine didn't come with either, but had an unlicensed copy of Windows installed, to verify it was working. I wouldn't worry about what's bundled and just download the latest 'n greatest pfSense or OPNsense. I've noticed there are a few companies producing mini PCs aimed at the pfSense market. IIRC, when I got mine, there were also 8 port versions available.
On 2022-07-01 19:52, James Knott via talk wrote:
I wouldn't worry about what's bundled and just download the latest 'n greatest pfSense or OPNsense.
No, I meant the huge amount of tracking cruft that Hugh's RFD link carried. It goes via awin1.com, which is on two of Ublock's standard tracker-blocking lists. Stewart
On 2022-07-01 9:02 p.m., Stewart C. Russell via talk wrote:
On 2022-07-01 19:52, James Knott via talk wrote:
I wouldn't worry about what's bundled and just download the latest 'n greatest pfSense or OPNsense.
No, I meant the huge amount of tracking cruft that Hugh's RFD link carried. It goes via awin1.com, which is on two of Ublock's standard tracker-blocking lists.
I wasn't referring to that. I was referring to what I read in the ad, where it described the bundles of pfSense, OPNsense or nothing. While I favour pfSense, any bundled version may be older than current. So, I'd just download it and copy to a USB stick to install from.
| From: James Knott via talk <talk@gtalug.org> | I wasn't referring to that. I was referring to what I read in the ad, where | it described the bundles of pfSense, OPNsense or nothing. While I favour | pfSense, any bundled version may be older than current. So, I'd just download | it and copy to a USB stick to install from. I agree. If you buy it without RAM or SSD (as I did, for reasons explained on RFD), you don't get any OS preloaded. The vendor clearly thinks that it is a feature to offer preloading. I wouldn't use a preload anyway. Licenses are a different issue. But no licenses are offered.
On 2022-07-02 12:09 p.m., D. Hugh Redelmeier via talk wrote:
| From: James Knott via talk <talk@gtalug.org>
| I wasn't referring to that. I was referring to what I read in the ad, where | it described the bundles of pfSense, OPNsense or nothing. While I favour | pfSense, any bundled version may be older than current. So, I'd just download | it and copy to a USB stick to install from.
I agree.
If you buy it without RAM or SSD (as I did, for reasons explained on RFD), you don't get any OS preloaded.
The vendor clearly thinks that it is a feature to offer preloading. I wouldn't use a preload anyway.
Licenses are a different issue. But no licenses are offered.
Do you currently use pfSense? I've been running it for over 6 years.
| From: James Knott via talk <talk@gtalug.org> | Do you currently use pfSense? I've been running it for over 6 years. No. I've used OpenWRT on wireless routers (when possible). For my gateways I've always (25 years) used PCs with a Red Hat linux distro: RHL, CentOS, Fedora.
On 2022-07-03 12:51 a.m., D. Hugh Redelmeier via talk wrote:
| From: James Knott via talk<talk@gtalug.org>
| Do you currently use pfSense? I've been running it for over 6 years.
No.
I've used OpenWRT on wireless routers (when possible).
For my gateways I've always (25 years) used PCs with a Red Hat linux distro: RHL, CentOS, Fedora.
My first firewall ran Slackware and I used SuSE for years, until Rogers started providing native IPv6 using DHCPv6-PD, which SuSE couldn't handle. That was over 6 years ago. Prior to that I was using a 6in4 tunnel to get IPv6 since May 2010. With that, I had to compile the client software and it worked well. I have a separate access point, mounted in my laundry room, as WiFi from my "office" doesn't cover the other end of my condo very well.
participants (4)
-
D. Hugh Redelmeier -
James Knott -
Stewart C. Russell -
William Park