[Guide] JDM's Mini-ITX pfSense builds

I’ve even noticed the latency difference on loading web pages.

IMO, buy once cry once. pfSense is where it’s at.

You can forgo all of the extras, just get 2GB of RAM and no extra NIC for example.

No kidding? I’m surprised the USG would bog down web browsing. I am really looking forward to getting some dns ad blocking going once the server is live. Will have to look into pfsense next.

Totally agree with buy once. When we moved I went for the 24port 10/100/1000 Cisco Poe switch with 2 extra 10g sfp ports. Exactly zero use for it now, but seemed reasonable (plus the wife has no idea either way lol).

@ZetaEpyon I have one build where I will be using using a PCIe riser and one without. What case are you using in this picture with the low profile PT13B fan?

For my other build, I’m probably going to install the Intel Pro 1000 4 port NIC as well, so case that case looks like it wouldn’t work. Do you think a standard 90 degree PCIe riser will clear that fan?

Thanks!

Silverstone PT13B is the case, not the fan. The fan is the Silverstone NT07-115X, and as far as I can tell, was pretty much made specifically for this case.

Per the specs, it’s 23mm tall, so you might be able to figure out whether a riser would clear it from that.

Took a few size comparison photos of my DQ77KB boxes, as well as the DFI mini PC.

Stacked from top to bottom:

  • Silverstone PT13B - DQ77KB + Xeon E3-1260L
  • Akasa Galileo - DQ77KB + i5-3470T
  • DFI AMD mini PC

And one showing the 2.5" mount in the PT13B (with short SATA data cable and custom-made SATA power cable). When closed, the 2.5" drive actually fits in between the heatsink and the back of the case.

3 Likes

This picture is quite stunning!

No case needed.

@ZetaEpyon So which build are you sticking with for pfSense? I love that passive case but I don’t want to run the 1260L too hot. Does the 35W i5 provide adequate performance for pfSense?

I figure if the cpu is to hot for my config I can make a shroud and vent it with another fan… or taking cues from JDM’s no case build ust put a high rise cooler on it and cut out a hole in the top of the case hemi shaker style, it’s a blower right? That or maybe drop down to the i5-3470T. We’ll see.

@Gator I changed my recommendation to the i5-3470. Seems like a more appropriate processor for the job, it’s cheaper too. Plenty of performance for pfSense, even with VPNs and VLANs. You can always setup up to the E3-1260L if you need to.

@mikebrow I’m not sure what your config is, but you definitely don’t need much cooling for either one of them. Remeber the TDP rating is near max usage, active cooling on either one of those is almost overkill.

Yeah, like I said earlier, I was able to push 475Mbps through OpenVPN with the i5-3470T, so unless you’re expecting to need full gigabit VPN or something, it seems more than performant enough.

I also agree with JDM that cooling for either CPU doesn’t take much. I’m personally more comfortable with the active cooling on the 1260L than when I had that in the passive Akasa, but some of that is more concern for other motherboard components than the CPU itself. With even very modest active cooling, there’s no problem at all.

Thx guys. Two use cases for me, domestic and development. On the domestic config I live in the boonies. I have to pay double the cost for gig just to get 30mb. I need to off load plex and nas duties from my game pc (nk4). For dev it will be nice to have a bare metal rack with enough cores and ram to hold up an enterprise cloud (nsfw). And I’m into AI stuff as well (nsfw++). I’ll keep the heavy intra network lifting on unmanaged switches.

Hey guys, I’m new to all of this, so is this just basically a router replacement? And I would need to add wireless to it in one form or another.

I’ve just had buying my own modem and router on my list of things to do and I came across this topic.

Yup, it’s just a router! If you need more wired ports, you can add what we call a “dumb” switch, like these:

As for wifi, you’d just add a dedicated access point. Most of us here are fans of Ubiquiti APs, here are a few common examples:

Or, as an alternative, you can turn off DHCP on your wireless router that’s being replaced by pfSense, and turn it into an AP.

Edit: Also, if you need a dedicated modem…

You can also find a little more info here (pfSense hasn’t yet been added to this list):Network — Serverbuilds.net

5 Likes

is this just basically a router replacement?

“router” is a very broad term…

It would be more apt to call this an Enterprise Router… most routers can’t do the stuff this one can, and even the ones that come close to the same feature set usually bring your network to it’s knees trying to enable the features you asked for … like vpns, encryption, add blocking, and qos.

1 Like

True. And I probably won’t need 80% of it. But it’s basically the same price point for this as opposed to buying a higher end Netgear or whatever and this will blow that away, so why not? Does that make sense?

1 Like

Yes, it makes complete sense. Also, if you want to save a couple of bucks, get one of these boxes, like the 6630G…

Thanks for another excellent build guide. I now have the anniversary build and the pfsense build, perhaps I should just defer all future builds to JDM.

I purchased:

  • Intel DQ77KB - ebay $37
  • i5 3470T - ebay $29
  • 4gb RAM - ebay $6
  • 120w 19v DC PSU - ebay $23
  • 60gb msata - amazon $19
  • case Goodisory Tempered Glass - amazon $49

Total: $163 shipped

It occurs to me I’m missing a CPU cooler writing this. All things considered though that $150 price point is a nice sweet spot and I should be able to route my AT&T gigabit WAN connection without too much issue and stay around 10-15w most of the time. Nice!

2 Likes

That’s a lot of pressure, but I’m happy to help however I can! :slight_smile:

Also, the CPU cooler should be listed in the original guide, post #1.

added some photos to my OPNsense build above… the firewall is up, old router now configured as an AP. I still haven’t found the right case for it but have a temporary workaround in place. Maybe I’ll build my own test bench box.

I did want to make sure everyone building one of these got the warning about not updating your bios if you want to use the red nic.