Johno
Regular Contributor
Thought this might be useful info for anyone considering building a custom mini-pc based router running PfSense or OPN Sense, either bare-metal or using Proxmox.
I've recently purchased one of those passively-colled Chinese-built mini PCs/firewall devices with multiple Intel NICs and low power consumption CPU, such as those by the likes of Protectli, Quotom, Tuofudun, Hunsn and Topton (basically resellers of CWWK products). Mine is branded Glovary which I purchased via Amazon for the easy returns and customer service: https://www.amazon.co.uk/gp/product/B0CV3NTLTJ/?tag=smallncom-21 there's a 10% discount offer at the moment.
I purchased a bare-bones N100 version with 6 NICs and added 32GB Crucial RAM and 512 GB Samsung 970 Pro NVMe and received it less than two weeks later. The customer support via Amazon messaging was prompt and so far (I've not yet left a review) they've been very attentive, sending me a message containing support info and docs just hours after placing my order. It's a solidly-built piece of kit, feels like good quality and after installing the RAM and NVMe disk, it booted up just fine and I installed Proxmox VE, creating VMs for OPNSense, PfSense and an LXC for Adguard Home.
		
		
	
	

It's all working fine, with either just PfSense or OPNSense running along with AdGuard DNS server (but with just a few clients connected in my homelab and sitting behind my current Asus router for WAN), reported CPU temps have reached close to 50°C in the recent very hot UK weather (35°C outside), but today with ambient temp of 25°C, CPU temp is 39°C so it would seem the CPU runs about 15°C hotter than ambient. Glovary supplied a PWM cooling fan on request, which fits inside the underneath of the case and operates as an exhaust fan pulling down warm air from the dowward-facing motherboard/RAM/NVMe, though I'm not sure how effective that'll be, operating against rising warm air. The CPU is mounted on the other side of the mobo and can't be seen as it's directly connected to the case, the top of which is a large heatsink. I don't see any vents inside the case to allow warm air to naturally escape upwards, except via the slight gap around the motherboard but then that warm air will just hit the heatsink which is directly connected to the CPU heat-spreader via a thermal paste layer, but has no vents to allow warm air to escape upwards.
The PWM fan is configurable via the AMI BIOS but the settings parameters are very basic, namely the temp at which the fan stops, the temp at which it's at full speed and the temp at which the fan starts. The fan is a Chinese branded 80mm PWM fan that's 10mm thick and it seems pretty quiet with the BIOS reporting it running at around 1400rpm with the CPU temp reported as 38°C. Note though, that the motherboard/BIOS doesn't support PWM (nor any) sensors for the fan so using the sensors utility in Proxmox/Linux shell only reports CPU temps along with ACPI interface and NVMe temps, with nothing for the fan. I guess this is one corner that's been cut to keep price down; I wonder if the more expensive Protectli devices do support fan control via the OS?

10mm thick PWM fans are pretty thin on the ground, I've found an Akasa 10.8mm thick fan which is probably thin enough but it gets mixed reviews for noise. There are 15mm fans available (even Noctua) but Glovery support point out that they might cause issues with insufficient clearance; I'm not sure whether a bottom-mounted exhaust fan is actually useful as the temps are more or less the same as before I fitted it; flipping it to use as an intake fan seems pointless as there's nowhere for the warm air to escape upwards, hence, I guess, it's use an an exhaust fan.
The biggest difference I've noticed to cooling is achieved by placing a vertically-oriented 120mm fan in front of the unit, so that it blows air laterally over the heat sink fins and underneath the case via the 3mm gap afforded by the case feet. An external 5V USB 120mm fan was the suggestion of Glovary customer support though they said the fan should be placed directly onto the heatsink which I didn't think was a good idea. I purchased a NewHail 2Pack Quiet 120mm USB Fan Dual-Ball Bearings, USB Fan 5V, with L/M/H 3-Degree Speed Switch from Amazon which was on offer at the time, it has silicone feet which I'd guess helps reduce noise and provides stable placement for the fan itself. Placed vertically about 2 inches from the Glovary with fan speed on lowest, I see a reduction in CPU temps of about 10°C and a reduction of 8°C for the NVMe, no difference to the ACPI temps; the noisier medium and high speeds didn't make any discernable difference and the low speed setting is pretty quiet, certainly not enough to draw attention.

I've installed Proxmox onto a ZFS-formatted disk so that snapshots are quick and easy (the Samsung disk should be able to cope with the demands of ZFS), with OPNSense and PFSense running as VMs (one at a time obvs), I'm still trying to work out whether I prefer one of the other, I think OPNSense looks more modern and logical and the ZenArmor support is a bonus, I might upgrade to the full home edition when the Black Friday/Cyber Monday sales start.
The router isn't "live" yet, I'm still getting comfortable with PfSense and OPNSense, how to configure them for access to Proxmox admin on a separate subnet, DNS config to use Adguard Home server etc, but the availability of up to 2GB/sec fibre broadband on my street has prompted me to invest in this setup for the future, the two Asus routers I currently have as an AIMesh 2 network will be relegated to providing WiFi across the house using AIMesh on a wired backhaul.
As I've said, I've posted this as (hopefully) useful info for anyone else considering a home-built mini-pc router/firewall, any useful advice or info from others here would greatly appreciated.
				
			I've recently purchased one of those passively-colled Chinese-built mini PCs/firewall devices with multiple Intel NICs and low power consumption CPU, such as those by the likes of Protectli, Quotom, Tuofudun, Hunsn and Topton (basically resellers of CWWK products). Mine is branded Glovary which I purchased via Amazon for the easy returns and customer service: https://www.amazon.co.uk/gp/product/B0CV3NTLTJ/?tag=smallncom-21 there's a 10% discount offer at the moment.
I purchased a bare-bones N100 version with 6 NICs and added 32GB Crucial RAM and 512 GB Samsung 970 Pro NVMe and received it less than two weeks later. The customer support via Amazon messaging was prompt and so far (I've not yet left a review) they've been very attentive, sending me a message containing support info and docs just hours after placing my order. It's a solidly-built piece of kit, feels like good quality and after installing the RAM and NVMe disk, it booted up just fine and I installed Proxmox VE, creating VMs for OPNSense, PfSense and an LXC for Adguard Home.

It's all working fine, with either just PfSense or OPNSense running along with AdGuard DNS server (but with just a few clients connected in my homelab and sitting behind my current Asus router for WAN), reported CPU temps have reached close to 50°C in the recent very hot UK weather (35°C outside), but today with ambient temp of 25°C, CPU temp is 39°C so it would seem the CPU runs about 15°C hotter than ambient. Glovary supplied a PWM cooling fan on request, which fits inside the underneath of the case and operates as an exhaust fan pulling down warm air from the dowward-facing motherboard/RAM/NVMe, though I'm not sure how effective that'll be, operating against rising warm air. The CPU is mounted on the other side of the mobo and can't be seen as it's directly connected to the case, the top of which is a large heatsink. I don't see any vents inside the case to allow warm air to naturally escape upwards, except via the slight gap around the motherboard but then that warm air will just hit the heatsink which is directly connected to the CPU heat-spreader via a thermal paste layer, but has no vents to allow warm air to escape upwards.
The PWM fan is configurable via the AMI BIOS but the settings parameters are very basic, namely the temp at which the fan stops, the temp at which it's at full speed and the temp at which the fan starts. The fan is a Chinese branded 80mm PWM fan that's 10mm thick and it seems pretty quiet with the BIOS reporting it running at around 1400rpm with the CPU temp reported as 38°C. Note though, that the motherboard/BIOS doesn't support PWM (nor any) sensors for the fan so using the sensors utility in Proxmox/Linux shell only reports CPU temps along with ACPI interface and NVMe temps, with nothing for the fan. I guess this is one corner that's been cut to keep price down; I wonder if the more expensive Protectli devices do support fan control via the OS?

10mm thick PWM fans are pretty thin on the ground, I've found an Akasa 10.8mm thick fan which is probably thin enough but it gets mixed reviews for noise. There are 15mm fans available (even Noctua) but Glovery support point out that they might cause issues with insufficient clearance; I'm not sure whether a bottom-mounted exhaust fan is actually useful as the temps are more or less the same as before I fitted it; flipping it to use as an intake fan seems pointless as there's nowhere for the warm air to escape upwards, hence, I guess, it's use an an exhaust fan.
The biggest difference I've noticed to cooling is achieved by placing a vertically-oriented 120mm fan in front of the unit, so that it blows air laterally over the heat sink fins and underneath the case via the 3mm gap afforded by the case feet. An external 5V USB 120mm fan was the suggestion of Glovary customer support though they said the fan should be placed directly onto the heatsink which I didn't think was a good idea. I purchased a NewHail 2Pack Quiet 120mm USB Fan Dual-Ball Bearings, USB Fan 5V, with L/M/H 3-Degree Speed Switch from Amazon which was on offer at the time, it has silicone feet which I'd guess helps reduce noise and provides stable placement for the fan itself. Placed vertically about 2 inches from the Glovary with fan speed on lowest, I see a reduction in CPU temps of about 10°C and a reduction of 8°C for the NVMe, no difference to the ACPI temps; the noisier medium and high speeds didn't make any discernable difference and the low speed setting is pretty quiet, certainly not enough to draw attention.

I've installed Proxmox onto a ZFS-formatted disk so that snapshots are quick and easy (the Samsung disk should be able to cope with the demands of ZFS), with OPNSense and PFSense running as VMs (one at a time obvs), I'm still trying to work out whether I prefer one of the other, I think OPNSense looks more modern and logical and the ZenArmor support is a bonus, I might upgrade to the full home edition when the Black Friday/Cyber Monday sales start.
The router isn't "live" yet, I'm still getting comfortable with PfSense and OPNSense, how to configure them for access to Proxmox admin on a separate subnet, DNS config to use Adguard Home server etc, but the availability of up to 2GB/sec fibre broadband on my street has prompted me to invest in this setup for the future, the two Asus routers I currently have as an AIMesh 2 network will be relegated to providing WiFi across the house using AIMesh on a wired backhaul.
As I've said, I've posted this as (hopefully) useful info for anyone else considering a home-built mini-pc router/firewall, any useful advice or info from others here would greatly appreciated.
			
				Last edited: 
			
		
	
								
								
									
	
								
							
							 
	
 
 
		 
 
		 
 
		 
 
		