Hello Eric and List, it is not so easy to hit the target really direct, but I'll try it out.
> -----Original Message----- > From: [email protected] [mailto:soekris-tech- > [email protected]] On Behalf Of Eric Malkowski > Sent: Friday, May 18, 2012 3:02 PM > To: [email protected] > Subject: [!! SPAM] [Soekris] Extra enet and redundant disk choice for a net6501 running > a linux distro If you are planning to buy the net6501 in the 19" rack mount case, please chose the dual 2,5" SSD RAID-1 variant. You have enough space and no heating problems, the mSATA solution I´ll prefer if you are choosing the net6501 standard case. At this day´s there are many NAS solutions for each kind of pricing out on the market, sorted with one or two GB LAN Port, so you can easily store all kind of logfiles for a long time. If it is too expensive or you have not enough space, or whatever else, than the best choice in my opinion is, that the net6501 do the Firewall job with two 2,5" SSD´s in raid-1 mode and the net5501 can be the ,syslog server, wlan ap, snort machine and whatever you want and fits your needs, with a spinning HDD. The "hard" read write cycles will only attach the spinning hdd. As an example: net5501 CF Card with the OS, mini PCI WLAN card, 3,5" spinning HDD with pfsense, monowall, zeroshell, ipcop, ipfire. By splitting the jobs to different machines it will speeds up the entire network perhaps also a little bit more. > I searched the mailing list and didn't find much so I'm posting what I plan to buy to > build up a 6501 to replace a 5501 that has done great service for several years. > Here goes: > I need 6 network interfaces, only 2 of them need to be gigabit. Please go to <http://soekris.com/> and have a look at the left side and read the entry of the "May 18, 2012" about the PCIe quad LAN cards called Soekris lan1841 and lan1844, perhaps that is also interesting for you and you will / can wait until these cards are released. I mean than you are able to set up 12 GB lan ports with your machine. In the past the chipsets from Realtek were doing heavy load to the cpu and the intel ones were taking it away from the cpu, so perhaps better to use the internal ports from the net6501. I don´t really know if this is at today's time even also but don´t forget this is an Intel Atom based board!!! Quick and dirty I would prefer the internal Intel lan ports from the net6501. > I'd like to run a full Redhat / Fedora / CentOS based distro No major storage needed -- > it will be primarily firewall, router, and VPN. Two internet connections and 4 internal > networks. > net6501-70 in the 19" rackmount case SKU 10650174 > Startech ST1000SPEXDP Dual port Gigabit PCI Express card The card is of cost around 120 Euro + transportation fee. And perhaps it is a bottleneck. My tip for you, connect the internet WAN lines to two of the net6501 ports and buy for the other two ports two small switches (Smart switches), they are OS independent and offering you vlan option, they are cheaper, offering more ports and if you will change the firewall in 2020 or whenever once time again or settle to another art of device, you can still use the switches. So your new firewall device will benefit from the (Only in my opinion) better Intel chipset inside the net6501 and you have many more options, to set up more than 4 separated networks with more ports, by using the vlan option of the switches. A quick overview at <http://support.netgear.com/app/products/list/p3/796> Netgear GS105E = 5 GB LAN Ports - VLAN option, passive cooled, desktop switch - 25 - 35 Euro for your DMZ Netgear GS108E = 8 GB LAN Ports - VLAN option, passive cooled, desktop switch - 30 - 40 Euro for your LAN If you need more ports or playing around with other things of your interest for the future, there are many other switches from this family out. The only "pain" you need a windows based pc for running the configuration utility. > The extra enet card uses Realtek 8111C chips and will be internet connections < 50 > Mbps so no worries on load there. Only 2 interfaces out of the 6 will see any > significant traffic beyond 100 Mbps. I have no idea if this card meets the "low power" > requirements to be using the the 6501. If it doesn't can anyone recommend a dual port > enet card PCI express that will work -- can be as low as 100 Mbps per port. As I wrote in the lines above, have a look at the soekris homepage (not the European one) and decide yourself, if you can wait or not. > For storage I was thinking of just getting two of the Transcend 32GB MLC mSATA SSD > mini-pci express cards Soekris sells. Set it up with software RAID-1. Am I crazy to dothis? No, not in my opinion, but I´ll prefer the mSATA solution in the standard case and the 2,5" SSD solution in the 19" case. That frees internal the mini pcie ports and gives you more abilities to add one or more cards in the future if needed. > That should be it. Hopefully any answers will help others trying to choose storage and > expansion enet interfaces for the 6501. > Oh -- in case you are wondering, the 5501 has a CF card with Fedora 8 install where I > change the mount options for noatime and set it up so the /var/log structure is > replicated in a ramdisk at boot time. It's resulted in very few writes to the CF card over > years of uptime (easy to tell by watching IRQ counts in /proc/interrupts for the IDE). > This has worked well, but I would rather have a "full up" distro install with > RAID-1 for whatever the storage is. It's not serving files in any way > -- primarily a router / firewall but I don't want a single disk failure (whether SSD or 2.5" > drive) to make the box not function -- a reboot is acceptable if a drive fails and it > comes back up on one drive with the other kicked out. What is with sata server disk for 24/7/365 ? They are expensive! So why not 2 cheap 2,5 SSD´s and if one is dead it harms you not so hard. I would give the net5501 a second chance as a syslog storage and as you told above the old machine haven´t had much write cycles. In shorter words, you buy a new net6501 and then wasting the ram by running a ram disk and do harming the cpu by periodical copy jobs for the logs and a realtek chipset that is probably perhaps not taking the load off from the cpu, but your net5501 still stands dead in the corner? ------------------------------------ Kind regards Frank _______________________________________________ Soekris-tech mailing list [email protected] http://lists.soekris.com/mailman/listinfo/soekris-tech
