This post is a project in progress, as such the build isn’t complete, the final build pictures will be posted when this article is finished (expected finish date is around June / July) as I’m only putting aside £100 or so per month on this project
Another project I’m starting on, since migrating my internet to Youfibre. Is building a custom 1u router, powered by pfSense.
Desired specifications on my 1U Pfsense Router
- 10 Gig network cards (quad port ideally), both RJ45 and SFP for flexibility
- Modern multicore CPU that supports AES-NI for encyrption and VPN (ideally 4 cores or more)
- Approx 16GB RAM
- NVME Hard Disk (for speed and lower power)
- 1U Chassis with Flex PSU (250mm deep max)
Build budget for my pfsense router
I’m aiming for a target of around £350 for building my Pfsense router, whilst this is overkill and doesn’t need to be this much I can reuse the equipment for another build should I decide to change this around or go for lesser spec equipment
Build log for my 1U Pfsense router
Entry #1 Pfsense build
As this project has only just started, there’s not mainly much to report as it was just in progress this month. Currently I have purchased two network cards on eBay which I think should work. I read about recommended network cards on the servethehome blog post, and network cards seem to be a bit of a pain unless you’re getting genuine Intel ones or recommended network cards for pfsense builds. I did a search on eBay and managed to find a Quad Port RJ45 Chelsio T540-BT which is 4 x 10GB ports that can be used for a NIC for a cheapish prices of around £40. The only thing I’m unsure about is most cards seem to be branded by manfuacturers like Dell or HP. Not sure if this is an issue, I’ll find out.
Whilst I’m not expecting line rate speeds to be achieved, I also don’t want to hit bottlenecks, so just want to minimise it. I also added extra ports for flexibility. I also luckily (whilst searching the above card), managed to blag a Quad Port SFP Chelsio-T540-CR fibre card, which is the Fibre version of the above card I purchased (for around £60). As a bonus it also came fitted with 4 transceiver modules to save me probably another £20 or so.
That’s the network side of things sorted, next months purchase will probably be either the case. Or the hardware components perhaps a motherboard, then CPU/RAM in the month after. As I need to save pennies first.
The biggest problem I’m going to encounter I think in my DIY pfsense build is the chassis size. Due to me having two network cards, I need to have a motherboard that supports dual PCI-express slots. The problem is the cases I’m looking at (250mm deep), are generally recommended for Mini-ITX motherboards, and for dual PCI slots, you normally need a Micro ATX motherboard (244mm x 244mm). Now, in “theory” a board should fit, although I’m probably going to have to do some magic to my pfsense build. I’m thinking about buying a black case, and then drilling and cutting all the holes myself.
As a quick side note, I know I can go deeper for MicroATX chassis, however I’m trying to get this to fit inside my Electronics workbench rack portion and it’s only about 12″ deep, so 250mm is probably my max
Power for the pfsense server build won’t be an issue, I’ll just use a flex PSU for that in my build which will supply all the power I need. The next big step after this would be cooling the server. I think I’m going to be really limited on space if I manage to honk in a MicroATX board, so may have to custom 3D print a shroud I can whack over the heatsink, or direct CPU), and get some fans to cooling the 1u router build.
Entry #2 Pfsense build
I extended the build further this month, I was looking around eBay every now and then for the off chance something cropped my eye. Whilst I was browsing, I came across a Gigabyte Gaming 5, MicroATX motherboard which came with an Intel i5-4690k processor, and 16GB of DDR3 RAM. Whilst it looks nice, it’s also more modern than my existing computer. It had a built in NVME M.2 slot on the motherboard, and 3 x PCI-e 16x slots. When populated on two slots they run in 8x mode (which is great because the network cards are x8). Great. I decided to purchase it, cost me £100. I didn’t want to go overboard on the hard disk, but wanted something to support the M.2 slot. So purchased a P320 Intel NVME drive. Perfect. It is 256gb in size, and fast enough for my requirements. The M2 NVME cost me £15 for my pfSense router.
The next months steps will be buying a 1U rackmount case (250mm deep) and a flex PSU for the rack equipment. Rather than a pre-made one (which is designed for wrong size ATX board). I’m going to buy a blank chassis, then cut slots, and drill holes to my own specification. After this, I’m going to 3D print a shroud of some sort (or maybe a copper heatsink), then attach it to the board and improve the cooling for the case.
Once this is done, it’s a case of drilling holes necessary for the airflow and go from there.
What problems building the pfSense router
The main problem is space, a 250mm deep is the maximum I could get for a rack case. I can actually go deeper, but I want the router in a specific location in my workbench. I didn’t want to use a PicoATX motherboard, because it lacks M.2 and PCI-express ports due to space constraints.
MicroATX motherboards “can” fit a 250mm deep case, but there’s very little wiggle room around 5mm. So I plan on purchasing my own case and modifying it to my own design to suit.
I’m also not sure about the gap between the base of the case, and the motherboard itslef, even with low profile stand offs the room is going to be limited I think. I may have to switch to a 1.5u case design, one of the benefits with this is the extra spac,e and I have room to put in two full profile height PCI-e cards if I want to install them at the rear I/O. I’d much rather have a 1u case though, I may have to come up with some magic to fit everything inside the case. I’m now more interested in this as a challenge aswell. I’ll buy the 1U first, and if needed I’ll buy the 1.5U then just keep the 1U for something else
Cooling the pfSense router
Cooling is obviously going to be a big problem for my custom built pfSense router build. There’s a few reasons for this.
- Space inside the case is tight
- Minimal room for cooling
- Rear of case is tight
- High ouput from heat internally from devices like NIC, CPU and RAM
As a base build, I’m looking at fitting maybe a low profile CPU cooler inside the case. In order to test the build I’m planning on running Prime95 stress test seperately on the build itself once it’s built up. This will be a good way to stress the equipment and see what kind of temps I will hit and see if anything is worrying me.
I am planning on building a PWM Fan Controller and fitting a few 40mm fans inside the case. May aswell make use of any space that can be used for cooling, as cooling it is more of a problem than exhausting the heat for me.
Power saving on DIY pfSense router
One of the things I’ve considered will considered when building the router is power saving functionality. The CPU supports AES-NI, so I’ll turn this on, but I’m going to look at turning on any little feature that needs it, and disabling anything I can to save power. Onboard audio, don’t need that. Anything which isn’t functional to the build can be turned off to me. I’ll be documenting each change I do and recording the results so that people can see real world figures over the base line build.
Whilst I can afford it, with the current price of utilities I want this machine to use as little power as possible. I’ll do testing with a Killawatt style power monitor (or metered PDU) so that I can see real time draw statistics. I’m not sure if there’s anyway to load test a pfSense server so I’ll have to look this up too
Off hand, I’m consdering removing a RAM module, my motherboard has two sticks and each one is 8gb. This is more than enough for a pfSense router build. I can easily whack in more if needed. I considered changing to Low voltage ram. I have my eyes on some sticks at the minute as due to the space I have available I want to maximise the airflow internally too.
I’d like a passively cooled build, but I think reasonably this won’t happen. I’m going to look at fitting a Flex PSU to the build maybe a higher quality one (with lower wattage) so it’s running an optimum efficiency if 80+ specification. Not sure how mcuh power supply fans add onto the build, but I’ll look at these two. I want the build to be as silent as possible.
The overall goal for the pfSense router
I want more control over my home network and technology that I can use to explore IT knowledge. The problem with ISP equipment is that it works, or is severely limited and hinders the equipment, I don’t want any hindrane on my network setup and also plan on receiving a Cat6a or Cat7 certified network cable, that is guaranteed 10Gbe so I can run it between the ONT and my new pfsense router build when the build is finished.
Plus it’s fun
I’m well aware the specs for this build are completely overkill and would never get used. Overall I’m not really bothered, just wanted something custom built as it’s been a while since I had chances to build up a PC.
I’m going to use a certified 10Gb network cable so that I know it’s guaranteed to perform. This is going to run straight from the ONT, the RJ45 output port so that it becomes the WAN input on the pfSense DIY router. I plan on using PCI risers with the WAN card at the rear, then using the SFP card as an uplink port to my 10Gb switch that I’m going to be fitting to. I’d love to get line rate speeds on my router, but I’ll see what possible options I can do with the configuration.
I’ll still need to buy myself a Wifi router until I can get my Wifi6/7 access points to provider WiFI networking, but primarily the design is for me to play about with home networks and learn.
Final build pictures for 1u pfSense DIY router
Pictures will be added after the final build is complete
