Need advice Intel i350, SSD help?

General questions.
Post Reply
mattnin
Posts: 15
Joined: December 13th, 2017, 7:33 am

Need advice Intel i350, SSD help?

Post by mattnin » August 4th, 2018, 6:27 pm

I had to reinstall my ipfire and decided to maybe rethink my machine. I believe some components may be overkill and would really appreciate responses from the more experienced network admins here.

It's running 16GB of DDR4 2133, Intel Dual Core, Intel i350.

I had an SSD in there, but feel it's being underutilized. I'm not caching with squid nor download accelerator. Is the the SSD helping anything except boot time?

Also, I have the intel i350 T2 (two ports). My machine also has an internal Realtek Ethernet port. Would it be based to assign the Realtek to the Red Interface and leave the i350 to the Blue and Green interfaces (LAN and Wireless)? Or would it be best to assign an ethernet port on the i350 to the Red interface?

Thanks for any help. I still have a lot to learn...

silverknight
Posts: 15
Joined: June 27th, 2010, 2:01 pm

Re: Need advice Intel i350, SSD help?

Post by silverknight » August 4th, 2018, 11:26 pm

If this is for a home based network that is crazy overkill. For home installs a cheap pc from a thrift shop and some old gigabit network cards do the job.

So to suggest a good build we need some info:
  • Where is this machine going to be deployed? At home? At a business?
  • How many users/machines will it serve?
  • What services do you have enabled?

mattnin
Posts: 15
Joined: December 13th, 2017, 7:33 am

Re: Need advice Intel i350, SSD help?

Post by mattnin » August 5th, 2018, 1:42 am

It's deployed at home just serving the wife, myself, my kid, and family and friends. I only have snort, guardian, and openvpn for now. I am looking into swatch for log monitoring and Lynis for additional monitoring. I'm not using it for file serving or anything else but just would like to make it a pure firewall, IDS, IPS, log monitoring and alert solution and also for just learning and having fun. I'd like to be able to install graylog to the box somehow and may do that using qemu.

I would like to be able to use the hardware to it's full potential but every time I look at the status, the CPU is always underutilized and barely running at 2% utilization. The 16GB RAM can mostly get filled with cache, I believe that is due to snort. I'm sure the SSD is just sitting there barely doing anything of any use at all.

My friend from work suggested to setup the Intel i350 2 port NIC between the green and blue interface since they will be doing the high speed talking and just leave the onboard realtek ethernet port for the WAN since it's slower, so I did that. If you or anyone else have any suggestions for services that will really make use this system, let me know, otherwise I think you're right, I will have to downsize it.

User avatar
marshalleq
Posts: 58
Joined: March 10th, 2014, 7:54 am
Contact:

Re: Need advice Intel i350, SSD help?

Post by marshalleq » August 5th, 2018, 5:24 am

Snort and Guardian can use quite a bit of memory BTW. I'd suspect CPU too so maybe have a look into that. Also I've found the faster hardware to be superior for DNS query speed which may be a consideration (haven't done any serious testing to confirm it, but that's my sense). I've found far more improvement getting the MTU's right, which is downright magical.

Marshalleq

silverknight
Posts: 15
Joined: June 27th, 2010, 2:01 pm

Re: Need advice Intel i350, SSD help?

Post by silverknight » August 5th, 2018, 11:58 pm

Something like this would be just fine: https://www.amazon.com/gp/product/B00J5EZQ7O/ Its barebones, you add your own RAM and storage drive.

These things pull next to nothing in wattage and if your are in an area like me where electricity is pricey these things pay for themselves within a year or so vs running a full size system. I've deployed these with Snort, Squid, VPN, etc with 40-50/users and they work great. Its a prebuilt solution so you can save some money by parting out your own and building it yourself.

In short for home use any low power Intel Atom board with at least dual core is going to do what you want, look for boards with multiple NICs to same some trouble (the one I linked has 4). If your home internet speed is above 300Mbit you may want to look at the quad core Atoms. For memory 2GB of ram is also a good minimum for your needs, 4GB would be ideal and anything more than 8GB isn't doing a lot for you in my opinion but other users may have good points for adding more. SSDs are a luxury for IPFire, they don't do much beyond making boot time a little faster. I like to use them simply because they should have a much longer lifespan than a HDD which to me is worth the small extra cost.

EDIT:

Forgot to address your question on NICs. The devs here have historically preferred Intel network cards over Realtek for various reasons. I agree with this simply out of my own experiences with the two. After many years of service and dozens of Terabytes of data the Intel cards seem to hold up a lot better.

mattnin
Posts: 15
Joined: December 13th, 2017, 7:33 am

Re: Need advice Intel i350, SSD help?

Post by mattnin » August 7th, 2018, 3:25 am

Thanks for the advice everyone! Now how do I convince the wife that I need another server ;D

User avatar
marshalleq
Posts: 58
Joined: March 10th, 2014, 7:54 am
Contact:

Re: Need advice Intel i350, SSD help?

Post by marshalleq » August 8th, 2018, 10:39 pm

I just discovered this qotom hardware - getting great feedback on the opnsense forums. Apparently get the i5 one with AES-NI. Comes in at a bit over $200 US. Low power, 4 NIC's etc. They're running IDS etc and getting gigabit speeds so pretty good.

https://www.aliexpress.com/item/Qotom-Q ... 5c-41f9-a8

rodneyp
Posts: 149
Joined: October 4th, 2010, 2:17 am
Location: Australia

Re: Need advice Intel i350, SSD help?

Post by rodneyp » August 9th, 2018, 5:48 am

Why not install all IPFire options that might be useful on the i350 and then check utilisation of resoources. That should give an indication of what hardware would suffice.

A 40 W light bulb running 24/7 consumes 1 kWH of electricity per day. That could be a quantity of heat and cost you might not want. My experience of SSD in laptops is that battery life is at least doubled.

NIC are horses for courses. I've changed Internet providers 3 times in 5 years to get to 14 Mb/s - which is the most technically feasible at this location. Realtek 10/100 NIC for RED is not stresed at all.

IPFire CUPS print server can save a lot of configuration for multiple workstations.

Post Reply