4x 2.5GbE Intel J4125 Firewall that Finally Works with pfSense!

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hey guys this is patrick from sdh and today we're going to take a look at this thing right here and you may be saying hey patrick that's just a little tiny box and i see four ethernet checks why are you so excited about it and the reason is that these little ethernet jacks are actually two and a half gig intel ethernet jacks and inside of this little box we have the j4125 four core cpu this thing idles at like under 5 watts if you don't have any nicks connected to it it is a super low power device and you can now use it as a firewall so this overall is super exciting now if you watched any of our videos you know that i usually say this is and then it's usually a product name after and you'll notice that i specifically did not do that in this video and that's because well these things have a number of different names this particular one i got was actually i think a hundson h-u-n-s-n i don't know how to say it if you guys have any ideas that's a great use for comments down there but there are a ton of different vendors that sell basically this motherboard in either this case which you'll be basically be able to see here or in some of the b-roll or photos that we have but then also they have another version with a more elaborate i guess heat sink design and it's basically the same board inside but at the same time there's different vendors and you know it's it's it's just a total mess right like that's what these things just are but the road to this has actually been fraught with peril the fact of the matter is that for a long time this box was extraordinarily difficult to get working especially if you wanted to do something like have a bare metal pf sense install or something like that this was not basically working and so i think a lot of people were turned off by it also there were some previous versions that used the earlier steppings of the nyx which had some issues and this is the newer b3 stepping so that's i guess good so we're starting to see that i think these things are coming out more and more also personally we've been using this because i have not trusted this thing for a long time but we've been using this thing and basically checking out the difference between this and then the spectrum i guess integrated wi-fi and router and just to see you know do you actually get something better by going and putting pfsense on a little box like this or buying an appliance right versus doing something like getting the spectrum box for free or renting it you know at a relatively low monthly cost and the answer is yes and actually a lot better than i thought it was gonna be and we're gonna talk a little bit about that now first though let's go over the specs of this box because i'm sure that's basically what you guys are here for so first off on the front of this unit or back i don't know which side is which but we're just gonna say one of the sides of this unit what you're actually going to see is that we have a total of four rj45 jacks now these actually are using the intel i225 v mix and we also have some status lights and a 12 volt power input we'll get to that in a little bit but really the important thing here is really the mix there are going to be some versions of these with more nicks that are going to come out but i haven't i've ordered a couple of them still haven't gotten them so i don't i don't know what's going on but we have gotten a couple of these four port models and when you look inside you're actually gonna see that these nicks are the slnm nix and what that practically means is that these are b3 and they do show up in the os's b3 now i'm going to just take a quick second here and just show you guys something and this is specifically the pf sense 2.52 install so if you were like in say mid 20 20 or late 2021 this is probably what you would have installed if you did a bare metal pf sense install and what you can basically see here is that these knicks as you're installing pfsense actually are shown as like the pro 1000 which is kind of like an older nick um so they are detected and they actually did work which is the interesting part but you definitely saw some issues like for example you could go and ping out a lot of times if you had one of these nicks as your wan connection you'd be able to ping out no problem but you get like really weird dns issues where like dns just would not work and give you tons of errors and it turns out that well now with the pfsense 2.6.0 we actually get a new pf sense that is able to handle the i225vs and these things are actually showing up as intel i225vs and so we can actually use these nics so prior to that release this box was pretty darn hard especially if you were using pf sense now of course i'm talking about the community edition here and there are different versions uh and new paid versions of pfsense but i know we do have a lot of people that look at psense community edition and use that so i just we're going to use that as kind of our baseline here also you're going to notice that this does not have an out-of-band management port so you may be wondering like how the heck am i getting these views and what i'm using is a tiny pilot we actually have a review of the tiny pilot that you can see here on youtube or on the sth main site we'll link that in the description and that allows us to go and do remote management even though you don't have a baseboard management controller in this and frankly the baseboard management controller on a normal server uses about as much power as this entire system so i can totally see why you don't have one here now we are testing the tiny pilot v2s and we even have a poe version which is super exciting we're gonna probably do a piece on that in a little bit i know there are pi kvm folks but um there's some challenges with pi kvm right now in terms of hardware so we're gonna really focus on tiny pilot still if you do need remote management on this and you wanna remotely set up or you just want something connected to your firewall that you can actually go and if you just need the cli or something like that a tiny pilot i think is a good answer for that right now okay so let's go to the other side of the system and what you basically see is that we have our power button we have a little spot for a wi-fi antenna we have usb 3 ports we also have an hdmi port and so this is actually what we use most likely for the tiny pilot if you had something like elentronics spider or something like that for your kvm you might use the vga port or i guess if you had a data center crash car but why would you use something like this on a data center i would get something that's rack mounted not not like this but you know if you didn't want to you have a vga port i guess you can still use that and then basically you have the reset port and then you have another spot for a wi-fi antenna we don't have this unit configured with wi-fi just what it is and the reason for that is that although the spectrum you know thing has a wi-fi built in and it's a little router frankly it's not very good and we use external wi-fi aps instead of using this we'll talk about that again a little bit later when i talk about the impacts of this now inside the system what you're not going to see is the processor the processor in this is an intel atom class but it's the intel celeron j4125 which is a 4 core 4 thread atom class processor i think it has a 2 gigahertz base and like a 2.7 gigahertz turbo frequency it's part of gemini lake so if you want to look up you know more details on that processor that's something you can definitely go do roughly just roughly speaking i would say that the cpu performance actually and this can be a little bit better just any raw you know normal x86 compute performance could be a little bit better than something like the intel atom c3558 which would be something that you'd see in like a kind of more commercial firewall that you know i think um typically we would deploy in a data center or something like that but this on the other hand still has that four course it still is relatively modern in terms of an atom core and so you do get relatively good performance from it you don't get features like 10 gig ethernet in the you know seller online you also don't get things like quick assist technology and so there are things that you definitely don't get in this but for a pretty low cost box that's in the i don't know like usually you're going to spend maybe 250 to maybe 350 to set up one of these things i mean it's not really that bad that you don't get all those extra features right and you can't see the processor because the processor is basically on this side of the chassis and it's kind of affixed to the chassis so that way you can get good thermal transfer and thermal interface between the processor and the top of this i know there are going to be other versions that you're gonna see and a really good dead giveaway is just if you look at i guess this side over here you'll definitely be able to tell like hey this is the same box if you see this kind of port configuration you see that that's the same motherboard some people have more elaborate heat sinks but frankly this thing idles at such low power i mean we're talking like four and a half watts when you don't have nicks connected um you just frankly don't need crazy heatsinks because this is a metal chassis so in the system what you're going to see is that we get a single sodium and that's really ddr4 so it is a little bit more expensive than the older ddr3 class but on the other hand if you're buying a new system these days you know you can get ddr4 memory fairly inexpensively you're also going to see that we have an msata ssd in here and this is a 256 gigabyte msata ssd and if you're sitting there thinking like hey you have eight gigabytes of memory a 256 gig ssd like what the heck are you doing that's way too much totally is but i also wanted to be able to run linux on it and i wanted a little bit beefier of a system and so i spent a little bit more money uh actually setting that up you don't necessarily need that for something like pf sense i do like having eight gigabytes of memory you can totally get by with four and if you just have like a 32 gig ssd you're probably going to be fine with pf sense as well so you definitely don't need the 256 gig and eight gig configuration that i have here you can definitely get by with something that's less costly it probably saves you 50 bucks or so now if you really want to go and try to recreate something like you know the cable mode cable router and wi-fi box you can go put a wi-fi card in this but at the same time frankly you're probably not going to get anything that's useful or really good out of this so i would i personally really am a fan of getting external aps to really go and get you that kind of coverage that you really want but that really brings me to the big point of this thing right i mean that's the fact that this has two and a half gig ethernet you might say well you know patrick i don't i don't necessarily need two and a half gigs now like why is two and a half gig ethernet why you guys pushing that so hard on sth on the main site and the reason is that we're starting to see more devices that actually have two and a half gig ethernet ports and you know like here's a motorola mb8611 i think and this thing this yellow port up here is the actual you know port that goes from the modem to your router and that thing is actually a two and a half gig ethernet port we're also seeing two and half giga ethernet on a number of access points especially with wi-fi six and wi-fi six e and we will continue to see two and a half gig ethernet start to be adopted more widely when we get into future generations as well so it just so happens that we're starting to see a lot of the network gear that would even go into the small medium business or homes really use two and a half gig ethernet and we're also seeing that when we look at clients like a lot of pcs these days have two and a half gig ethernet built in whether it's real tech or intel you're definitely starting to see that this trend is really happening we're starting to see it on the nas side and so it just kind of feels like we're getting there one of the frankly slowest parts has been really the switches and i'm really hoping that we're going to start doing more on that rohit does have some two and a half gig switch reviews that he's already done but we also have a couple that are coming up on the sdh main site we're probably not going to do videos of those but just letting you know that those are coming but i want to talk about impact and how i even got this thing because i think that is totally cool so when i first moved to austin texas and that was just last year i got to the house i got the keys to the house but i didn't have all my stuff and my stuff wasn't going to come for another couple weeks and so i basically had a just giant house but i didn't have any i didn't have any network infrastructure i had nothing right and so you know i went and i said okay what's the fastest internet i can go get like literally the fastest i can get something that i can run internet in my house because i didn't want to run off of uh you know 5g or lte and so the fastest one i could get installed was just going down to the spectrum store picking up a spectrum kit and then getting everything installed so i could actually keep working and i probably could have just called up the netgate guys and said hey i moved to austin can i uh can i get a box but you know i know there were supply chain issues last year i didn't know if they could get me a box and it was also a weekend so i didn't think that they were working and so i also looked at amazon and that was going to take another day or two to get a firewall and so i said okay i'm just going to go down to spectrum and just see what they have to get me online because i just needed it and that is basically how i ended up with both the spectrum modem but then also they provided this unit which is the spectrum router plus wi-fi and on the back of this thing what you're actually gonna see is that we have a yellow two and a half gig ethernet port and then we also have a couple of one gigabit ports which is actually kind of nice that you get kind of like a multi-lan uh you know setup so you can actually go plug a couple things in there so this actually was kind of nice and it also has wi-fi built in so i was able to go and just use wi-fi although in a very small portion of the house i was able to use wi-fi all with one unit but then of course because you know this is me a couple days later i managed to go and get a actual firewall that was you know more useful also managed to get a couple wi-fi ap so i was able to start building out the network here and of course you know since then the network build out in this house is absolutely crazy like i think i have something like 1700 fibers between single mode and multi-mode fibers just to my office i mean i have hundreds of fibers so i can basically not have switches or have switches have devices i can 100 gig ethernet to you know a whole bunch of different devices in any room that i want to and this house has absolutely crazy networking and although the wan options have also expanded i did want to do a little experiment just kind of seeing what the difference was between using something that was like a pre-built kit from spectrum which is the cable provider here and then also i wanted to just kind of see if something like apf sense was any better and the answer was absolutely shocking because the answer was yes and yes by a long shot so since this is sth and we've been doing project tiny mini micro with all these one liter pcs i basically said okay well let me go set up like you know a dozen of these little one leader i think it started as like eight or ten but eventually it was like a dozen of these little pcs also i had extra nast units i was like i'll go throw up a nasty unit the previous owner left a ubiquity um solution in terms of the wi-fi which just was not good so i just replaced all that with bigger uh much bigger business aps and more of them but i still had all the gear so i was like okay well i'll just um i'm just going to use that as the wireless network for this this little setup as well and so overall i was basically able to go and create something that would be like you know a small business or a home if your home i guess you know you were like a couple that had maybe eight to ten children and once you have enough boxes well then it's relatively easy to go do things like collect metrics in terms of you know what the reliability of the connection is what you start to see in terms of ping times two different endpoints and so i was able to go and collect metrics over a period of a couple months i also had pfsense installed on a one gig version of this and then i also had uh you know this new two and a half gig version that i've been testing for a couple months since psense 2.6 came out and was able to actually like use this thing and so i just want to give a couple of thoughts in terms of the difference between using the you know spectrum provided wi-fi router and also just kind of using something that's more dedicated like this box so one of the things that i really wanted to surface quickly is just the fact that latency actually on this thing is way better and there are really two main parts of latency and i was actually totally surprised by this right but a lot of things that are in the like say 15 to 20 millisecond range when i'm kind of pinging uh locations that are in that like 15 to 20 millisecond uh latency range those things actually have gone down by about two milliseconds using the little pf sense box versus using this little spectrum box and so i thought that that was actually really interesting and i've actually gone and i've you know gotten onto the wi-fi network i've used this just to kind of go verify when i saw like things that were weird but also just to kind of just see you know what my experience was like and i definitely noticed the difference between the two the other thing i think is interesting here is that you know most likely if you have a pf sense installation you're going to use things like you know google or cloudflare or like one of those public dns services and when you do that and you're hitting the local dns cache it actually seems like it's much faster just browsing the web and stuff i mean it is noticeable when you're hitting the local cache or the dns on this thing versus when you're going out and using spectrum's dns servers so that was something that i didn't i kind of knew but i hadn't used a cable providers dns for a long time and so i just i didn't really i guess appreciate it until i actually tried using the network on the spectrum router now in terms of reliability that was also a big one that was very different between the two something that i noticed on the spectrum little router and wi-fi box is that i basically had to reset that thing like around and you know varied a little bit but it was like around every two weeks it would hit this like kind of i don't know exactly what was going on in the internals of this thing but something happened and it would just like cause like crazy sluggish performance like i couldn't get to anything i could literally pick up my phone jump on the 5g network and it would be like way better quality of service and so like you know at that point you're just like what the heck is going on it'd be way faster on my phone and you're just like why am i paying for something that is this bad but the thing that you don't necessarily know if you are using this little spectrum combo is whether it's the router itself it's the modem or if it's something upstream at the isp and so with pfsense you actually have a lot more tooling because you have the ability to do things like you do trace routes you do pings you do ns lookups you can do all those kind of things that you can do with pf sense that you can't necessarily do with the spectrum box spectrum does have a little app that you can use and it kind of works i guess but at the same time you they're not very good at telling you like hey we're having a lot of issues in our network and so you know this is nice to have that kind of telemetry data coming out of pf sense and to me one of the biggest benefits of these pf sense uh boxes is just the fact that they are crazy stable and you should definitely by the way i'm saying this but you should definitely never ever ever ever do this but we did find recently a pf sense box that i think had something like 1425 days of uptime or something like that you should never do that because that is like you should be patching your firewall of course you should be doing that but i just kind of was like yeah that's how long these things can potentially go without rebooting versus the spectrum box which lasts like two weeks before it basically like seized up and would have to get reset and while you know you could definitely go and push one gig speeds actually we could when we were just kind of setting up just simple iperf 3 testing we could get actually over 2 gigabits per second on this little box which was kind of nice to see when you start doing things like you have open vpn or if you have ipsec you're probably going to be limited more to a couple hundred megabytes per second rather than running at like 2.5 gigabits per second or something like that so i think that in terms of performance that is definitely something to keep in mind but on the other hand i think that there's more than just that performance story in terms of the overall throughput of the box latency and stability there's also just the fact that tooling is a lot better on something like pfsense than it is on a cable provider or isp buck and the reason for that is that you have so many more options like if you want to go set up things like pixie boot servers it's a heck of a lot easier to go do that on a pf sense box than it is to go and do on your kind of isp provided box also just seeing things like how many and which types of boxes are connected to your network if you happen to have a network at your home that may have hundreds of devices on it it is kind of nice to be able to go and see like hey here are all the devices that are on my network or vms or whatever right and that is something that you can see very easily with pfsense and the dhcp server so i really like that feature as well and then hey let's just talk about site-to-site vpns how are you going to set up the site-to-site vpn on this now a lot of people don't necessarily need a site-to-site vpn but it is nice to be able to go and say hey i just want all of my traffic to be encrypted or i want to go access something remotely in a data center or something like that you know of course sdh we do all the server reviews so i think we have a lot of folks that do need that site-to-site vpn functionality and frankly something like this is not what you're going to want now there is pf sense and i've used pfsense a lot and so that's why i'm really kind of talking about that but there's also opn sense you could use like microtex router os um you could use you know just a number of different packages that are out there both paid and also open source but at the same time you know usually with those you get way better tooling and the ability to do some things that are just you know you just frankly want these days that you can't do on a relatively locked box like this and again if you are setting up a network these days having something that has two and a half gig ethernet to go match a modem two and a half gig ethernet i think is actually kind of valuable and something that i would definitely say hey it's worth looking at oh and i mean it's pf sense you also have like a cool firewall and all that kind of stuff uh that you don't necessarily get on your spectrum box as well but on the other hand i totally get why people buy the non-boxes that are like this and let's kind of get into that real quick so why would anybody use the isp box versus something that is just way way better and i think the reason that people would use the isp box is frankly because it's kind of less expensive in a way right it's way easier to set up like pf sense like you have to go and you actually have to go install the thing you could get i think on a lot of these boxes some vendors actually allow you to or will send these things with pf pfsense but it's kind of shady and i don't really like having somebody else go install an open source package for me because you just kind of like never know like what's happening in that image right but on the flip side the isp box i think actually does make sense and like i know we say that these things are you know they're not they don't perform well they don't have the features and all that kind of stuff that we want but for a lot of people what they really want in terms of features is like you plug in power you plug in the ethernet cables or maybe one ethernet cable just to the modem and basically you're off and running you have wi-fi and everything's all set up so there's definitely a different level of complexity and i think that's that's what this kind of spectrum box is really doing and again this thing was like 350 dollars you can save some money and probably get something for you know and i'm guessing as it gets more competitive probably down in the like kind of mid-200s or something like that for a box but at the same time i mean you know that's a lot of money for a lot of folks to be able to go and spend on an initial purchase and by the way you don't even get wi-fi with this right you also have to go have an external wi-fi solution which will be better but on the other hand you know that's extra cost again so i don't necessarily want to go rag on the isp boxes because i also think that i understand the point of the boxes i understand the target market for the boxes but if you watch sth on youtube there's a darn good chance that you work a lot with servers or you know you have home networking gear and stuff like that and if that's the case then i do think that getting a different kind of firewall solution is definitely the right option so overall i've actually been really happy with this unit we haven't really seen any stability issues that i was kind of worried about with the i225vs but you know in this version the b3 version it seems like they are working and that's not an issue you know pfsense is just usually pretty stable for us so it's kind of like what i would expect we get all the features that i would want i do think that probably i would have preferred to have a netgate 6100 box but on the other hand this thing is like less than half the cost so um you know that's also kind of nice and just like with the isp box not everybody can of course go spend that extra couple hundred dollars to get the netgate box and so i kind of understand why you know these things are very popular i think if you are building a network in 2022 getting things like this two and a half gig ethernet i think is absolutely awesome and it is totally worthwhile now that i guess we're now in the third revision of the intel mix which is kind of scary in itself but one thing i do want to note is the fact that the intel i225 is not as well supported as the intel i210 there are driver things and all that kind of stuff which is why this really kind of became useful a couple of months ago a couple weeks ago rather than being useful like last year so i think that this 2022 era may belong to boxes like this so guys i hope that you really enjoyed this look at this little hunson or topton or whatever kind of brand you want to call or whoever rebrands these things box i think that this little firewall box is completely awesome i don't think i would buy this as a desktop but on the other hand i think as a network device this is actually pretty darn cool and speaking of cool stuff i'm just gonna plug the fact that this week we're gonna have things like how you can get your hands on a 3080 ti so definitely check that out i think we're gonna launch that tomorrow we're also gonna have things like a new processor launch that i am crazy excited for and get to show you numbers on super high-end processor that i think is just going to blow people's minds and then we have nvidia gtc this week so there is a ton going on at sdh and i'm just going to plug that you should definitely check out the main site regularly this week because we're going to have just absolutely crazy content that i've been working on for the last couple weeks and hey if you like this video why don't you give it a like click subscribe turn on notifications so you can see whenever we come out with great new videos as always thanks for watching and have an awesome day
Info
Channel: ServeTheHome
Views: 148,598
Rating: undefined out of 5
Keywords: pfsense, opnsense, 2.5gbe, 2.5g, intel i225, intel i225-v, 2.5gb router, 2.5gb firewall, 2.5gbe firewall, 2.5gbe router, pfsense i225, pfsense 2.5gbe, pfsense build, i225 firewall, intel, intel j4125, quad nic, mini pc, mini pc firewall, mini pc pfsense, pfsense firewall, pfsense setup, fanless pfsense, spectrum, spectrum router, spectrum router vs pfsense
Id: wUcDg_ms0is
Channel Id: undefined
Length: 24min 3sec (1443 seconds)
Published: Sat Mar 19 2022
Related Videos
Physical or Virtual? A Silent 4x 2.5GbE Proxmox VE pfSense and OPNsense Box
ServeTheHome
167K
The Pinnacle of Mini PC Servers
ServeTheHome
264K
Shocking New 10GbE and 2.5GbE Firewall and Virtualization Hosts
ServeTheHome
162K
THIS 25GbE Server and Firewall Has it All
ServeTheHome
100K
Fast networking is cheaper than you think.
Hardware Haven
305K
The EVERYTHING $300 Fanless Home Server
ServeTheHome
319K
Firewall Comparison, Which Ones We Use and Why We Use Them: Untangle / pfsense / Ubiquiti
Lawrence Systems
601K
HUGE UPGRADE! New Firewall Router Virtualization Host
ServeTheHome
169K
PFSense vs UniFi Dream Machine - Whats the BEST ROUTER
SpaceRex
21K
Thin Client w/ NIC for VMs and Firewalls HP T740
ServeTheHome
162K
DO NOT design your network like this!! // FREE CCNA // EP 6
NetworkChuck
3M
Ultimate CHEAP 2.5GbE Switch Guide
ServeTheHome
167K
NSA Backdoor in Windows? This and more from the guy who created Windows Task Manager!
David Bombal
440K
Is The GoWin R86S Pro i3-N305 With 25G Network Connections an Amazing Homelab Server or Router?
Lawrence Systems
49K
Virtualizing PFSense With The Seeed Studio Odyssey
Hardware Haven
77K
Cheap AliExpress 1U Server with 10GbE ports - Ideal for PFSense! - BKHD Intel Atom C3558
Cameron Gray
209K
Fastest Cheap 4x 2.5GbE Intel Atom N6005 Firewall for pfSense OPNsense and Proxmox
ServeTheHome
67K
Best EVER Fanless Mini PCs for Virtualization and Firewalls?
ServeTheHome
171K
Why do these exist?
JayzTwoCents
155K
Upgrade Your Router with This Affordable and Power-Efficient pfSense Topton 12th Gen Firewall
Helping Ninja
8.4K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.