New Build Options

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

gabs247

New Around Here
Hi all,

I've got some very basic experience with routers. About 5 years ago, I purchases a small Qotom machine and installed pfSense on it, configured and maintained a basic router for home usage. I tried out various plugins and set myself an OpenVPN server, for instance. Some of the things I was really interested in doing, but never really got into it enough were IDS/IPS and also DPI visualisations/policies.

Unfortunately, my box died last year. It had had a few issues in the past, but this time was the end. I think it was a hard drive issue, as I could reinstall pfSense, but it just wouldn't boot off the internal hard drive...I've fallen back to a consumer router that I had spare for now (which has actually been far too long).

So then wtih the new Ubiquiti Dream Machines, I was thinking of just grabbing one of these:
- less of a worry for me
- I already have a Ubiquiti Access Point
- IDS/IPS feature
- some DPI features as well
- boost my wifi
- quite affordable

But I've read about some people having performance or other issues with them, and also many people recommending Ubiquiti internally, and pfSense at the edge.

So then started looking at what's currently available out there:
- pfSense still seems to be the most extensible, reliable and popular option
- Untangle, but limited free features
- OPNSense, looks really interesting with the addition of Sensei

But I guess, once bitten, twice shy with these prebuilt appliances, I have had a look around and they are still available and probably around the same pricing as the UDM (but without Wifi).

So apart from a general introduction, and welcome to have any general feedback on the above, I'm probably wondering if anyone has any experience with these Qotom or other "black box" appliances out there? I'm probably leaning towards giving OPNSense a go, if I can convince myself to give another box a go :)

Thanks for reading.
 

Trip

Very Senior Member
many people recommending Ubiquiti internally, and pfSense at the edge.
That's the way I'd go. As you can put together from reading elsewhere, UniFi is in a bit of a mess when it comes to firewall/gateway/routing -- USG/USGP too under-powered, UDM/UDMP still too flaky, UXGP still too under-developed).

I've built multiple Qotom Celeron and i-Series boxes, mostly with Untangle for business clients, and as long as you get the ones with Intel NICs (I210 or 211, or better), you'll be just fine. To mitigate failure a bit further, I would probably use your own M.2 or SATA SSD, be it an entry-level enterprise drive with a DWPD rating or 1 or higher (Micron, Intel, etc.) or a consumer drive with higher quality TLC or QLC NAND.

Since you already have a UAP, no harm in sticking with UniFi for LAN and WLAN -- that's really where their core competency is anyways.
 

L&LD

Part of the Furniture
First off, 5 years is not too bad, but I would not expect it to either after such a 'short' time either.

Jump into 2021 with the RT-AX86U if it's in the same price range as what you're considering. And your OpenVPN usage requirements can be met with less than 250Mbps speeds. You may be pleasantly surprised by what has happened in a half-decade.
 

shark2

New Around Here
this:

In OpenWrt they recommend these wifi 6 routers: belkin rt3200 and linksys E8450 both routers use the same hardware.

They say they are one of the best wifi routers that have support and use kernel version 5.10.

If you use sqm cake it can be up to 500mbs with one core, but if you install and use Irqbalance to use both cores, you can with more than 500mbs using sqm cake.

belkin rt3200 price 100 dollars
Search results - OpenWrt Forum: https://forum.openwrt.org/search?q=rt3200 order:latest


linksys e8450 price 150 dollars
Search results - OpenWrt Forum: https://forum.openwrt.org/search?q=e8450 order:latest


package Irqbalance

OpenWrt + 802.11ax supported
 
Last edited:

gabs247

New Around Here
That's the way I'd go. As you can put together from reading elsewhere, UniFi is in a bit of a mess when it comes to firewall/gateway/routing -- USG/USGP too under-powered, UDM/UDMP still too flaky, UXGP still too under-developed).

I've built multiple Qotom Celeron and i-Series boxes, mostly with Untangle for business clients, and as long as you get the ones with Intel NICs (I210 or 211, or better), you'll be just fine. To mitigate failure a bit further, I would probably use your own M.2 or SATA SSD, be it an entry-level enterprise drive with a DWPD rating or 1 or higher (Micron, Intel, etc.) or a consumer drive with higher quality TLC or QLC NAND.

Since you already have a UAP, no harm in sticking with UniFi for LAN and WLAN -- that's really where their core competency is anyways.
Thanks Trip, that's what I'm leaning towards. I guess I'm a bit nervous about buying another box, but I'm hoping it was maybe a cheap m.2 card or just some M2 issue...I've opened it and taken a photo, if anyone knows what this one might be, it doesn't seem to have a brand on it?

I don't have a screen with a VGA port at the moment, another issue with the J1900 qotom box that I had. If I upgraded to one with an HDMI port, I wouldn't have to use VGA ports anymore, would I?
 

Attachments

  • PXL_20210731_015235902_compress84.jpg
    PXL_20210731_015235902_compress84.jpg
    134.5 KB · Views: 27

gabs247

New Around Here
First off, 5 years is not too bad, but I would not expect it to either after such a 'short' time either.

Jump into 2021 with the RT-AX86U if it's in the same price range as what you're considering. And your OpenVPN usage requirements can be met with less than 250Mbps speeds. You may be pleasantly surprised by what has happened in a half-decade.
Yes, maybe that is the "better" OOTB option for me, instead of a Dream Machine. It looks like it has all the key features, and I've heard good things about Asus routers...I guess I like the flexibility of having more control, it's a compromise though, as it often means time mucking around.

I'll definitely do some more online research though, thanks L&LD
 

John Davis

Regular Contributor
Thanks Trip, that's what I'm leaning towards. I guess I'm a bit nervous about buying another box, but I'm hoping it was maybe a cheap m.2 card or just some M2 issue...I've opened it and taken a photo, if anyone knows what this one might be, it doesn't seem to have a brand on it?

if you do replace it have a look at the new dual-lan Intel NUC’s (dual 2.5gbe ports - ideal for pfsense)
 

Trip

Very Senior Member
Thanks Trip, that's what I'm leaning towards. I guess I'm a bit nervous about buying another box, but I'm hoping it was maybe a cheap m.2 card or just some M2 issue...I've opened it and taken a photo, if anyone knows what this one might be, it doesn't seem to have a brand on it?
That's a Phison-branded mSata SSD with Micron/Toshiba MLC NAND -- looks like a 64Gb capacity. Probably just got thrashed with too many write cycles. I'd be willing to bet you could restore the box to working order by just replacing the SSD. The Kingston UV500 is a pretty solid choice.
I don't have a screen with a VGA port at the moment, another issue with the J1900 qotom box that I had. If I upgraded to one with an HDMI port, I wouldn't have to use VGA ports anymore, would I?
Presuming you had an HDMI-compatible display, that would be correct. Something like a Protectli Vault 4 (or the oem Qotom equivalent) would give you almost identical single-threaded performance via the J3160, while running at roughly half the power and offering HDMI for display. Plus, that box offers Intel I210AT NICs, which are a little better than the I211's in that they offer double the egress/ingress queues per port, very nice for firewall duty.
 

gabs247

New Around Here
Thanks Trip. The
That's a Phison-branded mSata SSD with Micron/Toshiba MLC NAND -- looks like a 64Gb capacity. Probably just got thrashed with too many write cycles. I'd be willing to bet you could restore the box to working order by just replacing the SSD. The Kingston UV500 is a pretty solid choice.

Presuming you had an HDMI-compatible display, that would be correct. Something like a Protectli Vault 4 (or the oem Qotom equivalent) would give you almost identical single-threaded performance via the J3160, while running at roughly half the power and offering HDMI for display. Plus, that box offers Intel I210AT NICs, which are a little better than the I211's in that they offer double the egress/ingress queues per port, very nice for firewall duty.

Thanks Trip. The only board that I can see available to me (in Australia) is not from Qotom (they only have a dual LAN port J3160 available). Protecli is a lot more expensive for me to purchase, probably about double an OEM via AliExpress.

The option that I've found on AliExpress has "chinese brand" memory/hard drive and unfortunately they haven't told me what. The reviews indicate it's Kingston and Biwin/Toshiba, and the board appears to have Intel I211AT NICs, but the reviews don't seem too bad and it would be a step up from the J1900 box that I had previously (especially with the HDMI interface). They also have J3455 and J4205 options, but I'm thinking the J3160 is a better option in terms of much lower power usage compared to slightly better performance?

 

Trip

Very Senior Member
@gabs247 - Nice find. Provided the J3160 has enough horsepower for whatever service(s) you may want to run, I think that box should do just fine.
 

gabs247

New Around Here
Thanks, hopefully they are decent boxes.

I'm thinking I'd need to go 8GB ram again, if I want to run OpnSense with Sensei and all the funky stuff.

Not sure whether I need more or less disk space? I had 64GB last time, would that be adequate still or should I push to 128gb?
 

Trip

Very Senior Member
All depends on if you want to cache web content, log internally or if any other packages are storage-hungry. Never hurts to have more than you need, that's for sure.
 

lwukdwfk

New Around Here
@Trip What did you think of this Seeed Studio mini pc for $279?
  1. https://www.seeedstudio.com/Odyssey-Blue-J4125-128GB-p-4921.html
  2. https://www.amazon.com/dp/B08FT4WHQN/

Specification

ComponentsODYSSEY Blue J4125 128 GB
ProcessorIntel® Celeron® J4125 (Frequency: 2.0 - 2.7GHz)
CoprocessorMicrochip® ATSAMD21G18 32-Bit ARM® Cortex® M0+
GraphicsIntel® UHD Graphics 600 (Frequency: 250 – 750MHz)
MemoryLPDDR4 8GB
StorageExternal 128GB SSD
WirelessWi-Fi 802.11 a/b/g/n/ac @ 2.4/5 GHz HT160
NetworkingDual Intel® I211AT PCIe Gigabit LAN, Supports Wake-On-LAN, Supports PXE
AudioMicrophone + headphone Combo Connector
USBUSB 2.0 Type-A x2, USB 3.1 Type-A x1, USB 3.1 Type-C x1
Video InterfacesHDMI2.0a: Up to 4096x2160 @ 60Hz 24bpp / DP1.2a: Up to 4096x2160 @ 60Hz 24bpp
Expansion SlotsM.2(Key B, 2242/2280): SATA III, USB2.0, UIM; M.2 (Key M, 2242/2280): PCIe 2.0 ×4; Micro SD card Socket; SIM Card Socket; SATA III
TPMBuilt-in TPM (2.0)
PowerDC Jack 5.5/2.1mm or Type-C PD; DC Jack input: 12-19V DC; Type-C input: 15V DC
Dimensions130x120x50mm
CertificationsFCC, CE, TELEC

Intel Celeron J4125 vs Intel Celeron J3160

 
Last edited:

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top