Quiet & Ultra Low Power Router/Firewall/Server on Debian

[shosurosakura]

I have been spending quite a bit of time researching hardware intending to create a swiss-army knife style box in the household.

I am seeking opinions and any real world knowledge that may assist in the endeavor given the following specifications to the project:

• -Low Power Consumption is Key - Always On
  -Quiet Operation - 24/7 Drone is not acceptable
  -Gigabit Ethernet Capable
  -WiFi Chipset for A/B/G/Draft-N
  -3 SATA ports minimum
  -Linux Compatible - Specifically Debian or Variant (EG: Ubuntu)
  -Cost - It needs to be reasonable, defined as less than $500
  -Light Web Serving / Database (I made our family cookbook into a database driven web app)

Currently favored hardware includes:

Processor: E5200
Research has shown this or the E7200 to be the lowest in power consumption with their Wolfdale cores.

The Atom is also intriguing except that in several real world tests the E5200 drew less power overall because it completes the work faster negating the impact of the extra power it drew compared to the Atom.

Motherboard: Intel DQ45CB or Intel DG45FC
DQ45CB is what I would use if I used a PCI-E to Mini PCIE converter board to put an intel proset wifi card inside the box.

The board I had come to prefer due to size and the availability of research information regarding power consumption was the DG45FC (based on reviews online including here on Silent PC Review). The problem with this board for me is that it only has one expansion slot: thus I'd have to find a USB solution to the Wifi or to the second Gigabit NIC.

WiFi Card: Intel Wifi Link 5100
The main reason for choosing this card was the fact that it is the only chip I found completely compatible with Linux with no caveats. I'd have to use a PCIE to Mini PCI adapter such as the one found at hwtools.com.

If there are other options available, EG: USB 2.0 attached wifi cards that are solid enough to function and broadcast for a WiFi access point I am open to that so long as it is KNOWN to work under the Debian distribution of Linux.

Hard Disks: Western Digital Laptop Drives (non SSD)
Currently favoring a dual disk set up of Western Digital Laptop drives. They are quieter and tend to draw 1/3 the power of normal 3.5" drives.

NIC: Linux Compatible - Intel?
Any Intel NIC would work, I have also used Netgear NICs in the past and they usually work under Linux.

Case: Thermaltake Lanbox Lite
Okay, I admit, I will probably have to dampen a bit, but the case looks snazzy. I have not found any of the cases reviewed to be aesthetically pleasing.

Power: PicoPSU 150
I am still wrapping my brain around a post I was following and commenting in on another forum here: I am not a hardware modder by any means and I am not sure if I am totally comfortable with "modifying" a Delta brick to increase wattage past the 102W offered in most bricks if my maximum wattage goes past 102W.

In my travels, I have also run across "interesting" items such as:

MSI Industrial IM-945GC

I tried to be as complete in detail for desired function as possible.

Target goal for power consumption is 13 W idle or less, 60-75 W under load.

I am open to any and all suggestions and solutions as long as they fit within the specifications mentioned at the start of the post.

[jessekopelman]

The Atom is also intriguing except that in several real world tests the E5200 drew less power overall because it completes the work faster negating the impact of the extra power it drew compared to the Atom.

The problem with this line of reasoning is that you want the system to be always on, so unless this is an incredibly busy system, the lower consumption of the Atom solution will trump the better performance/W of the E5200. The only thing that will really trump Atom for always on is MoDT using socket P and a good chipset (as seen in the new Mac Mini) -- sadly this is a very rare and expensive beast!

Target goal for power consumption is 13 W idle

Unless you are talking DC draw, this is not achievable with the CPU/motherboard combinations you listed. The only way I know of to get 13W-AC on a DIY system is to use a 945GSE Atom board. Unfortunately, all the common examples of this only come with 2 SATA ports. If you are dead set on the 3rd SATA, you may be able to find some special industrial board -- be prepared to pay, though! Probably much cheaper to just eat the costs of a system that uses 10W more at idle. ~25W-AC at idle is a realistic and achievable goal.

[shosurosakura]

As far as MoTD is concerned, I found the Gigabyte GA-6KIEH-RH to be most interesting thus far and Gigabyte has a decent reputation.

I have two concerns on this board.

First, other than the Merom processor I could purchase with the system, a processor would cost a large sum (more than the actual motherboard).

Second, it uses the SiS raid driver which I seem to remember other posters here mentioning as an issue under Linux.

I am attempting to replace several items: a shared hard drive where we back up data, a Linksys WRT54G router that is dying, and add back an internal web server to replace one we lost several years back.

My power consumption benchmark, as you astutely pointed out, is the Mac Mini.

The only reason I am not using a MacMini is that I want two internal drives and would like internally contained network ports as opposed to a dongle hanging off the back of the machine.

Other than LogicSupply.com, what other sites are good for finding custom ITX boards so that I can see a range and find out what other options might be available in the MoTD configuration?

[ascl]

Rather than get a WiFi card, you might look at using an old WiFi router as a wireless bridge (assuming you have one lying around or can get one super cheap).

Maybe stick dd-wrt on that linksys?

[ascl]

EDIT: Errr... forum error-ed on submission. Sorry for double post.

[shosurosakura]

The Linksys is one of the few models that cannot support DD-WRT or Tomato (the two firmwares a friend of mine referred me to).

I have one of the "Stripped Down" WRT-54G's that have issues due to low onboard memory and a slow embedded processor.

My thought in all this was, since I need to replace the file server / backup drive / etc I may as well tie it all to a router as well and not add to the power vampires that destroy my energy bill.

I had looked at wireless bridges but they all seem ... expensive and meant for commercial use.

[jessekopelman]

a processor would cost a large sum

MoDT is not for those who place a priority on price. Like I said, it is more cost efficient to have a system that idles 10W higher than to build one that can hit your ~13W benchmark. You can have your cake and eat it too if money is no option. Otherwise, you need to either compromise on features or power consumption. As I mentioned, if you could live with 2X SATA, an Atom 945GSE board will give you the power consumption you are after and let you hit your $500 price target.

[shosurosakura]

Compromise is something I have been trying to figure out on this box as I am very aware that I am asking for my cake, eating it, and asking for seconds to boot.

The reason for 3 SATA ports is to have a SATA Optical Drive for monthly burned backups and the other two dedicated to hard disks which are simply mirrors of each other.

I need a minimum of two Gigabit ports because, even if I opt to put in a switch at a later date, I need an input and an output for the router part of the box.

The WiFi is for our portables so that we can continue to be free of cabling as we are now until the Linksys completely fails.

One of my primary concerns in all this is also the Linux compatibility.

The last time I set up a Linux router it took about 6 months and multiple hardware swaps to get it working correctly.

Granted, this was back in the late 90s, but I don't have the kind of time to devote to sheer hardware hacking now that I'm not a single college age person.

I am open to suggestions on Atom boards...I am not wholly sold on any of the boards on LogicSupply.com, one thing I see missing is Mini PCIe to add the wifi cards that I know work with Linux.

If you have other vendors (capable of shipping to the US), I am willing to entertain recommendations based on the specifications listed out in my original posting as well as any modifications you see as being possible given the abbreviated needs as this discussion continues.

Thanks for the input thus far, it is helping me coalesce a better plan of action on where I could/should compromise.

[ascl]

My point was actually that many WiFi routers support wireless bridging. Its not a cheap alternative if you have to buy an expensive commercial bridge!

I can't tell you if the linksys can or not.

Also, most revisions of the wrt54g can now be dd-wrt'd, only one remains impossible:
http://www.dd-wrt.com/dd-wrtv3/dd-wrt/hardware.html

Anyway, it doesn't give you the all in one box you'd prefer, so it might not be a good solution for you.

I ran a linux router/file server etc for years (a long time ago now)... but I just used an old PC I had lying around and stuck it in a closet. Probably not ideal from a power point of view, but it worked fine!

You are doing it the right way. Linux compatibility can be a bitch. Older hardware is usually better covered. Maybe you should just pick up a 2nd hand PC? (doesn't meet your low power desire however).

[jessekopelman]

My point was actually that many WiFi routers support wireless bridging.

This has become a common feature over the last couple of years, but before that it was very rare. I was very surprised, recently, when I went through all my spare routers (wired and wireless) looking to set one up as bridge for a temporary use and found that none of them could. They were all >3 years old and I think that was the problem. I was very surprised, given that every router with an integrated switch should support bridged mode; but apparently vendors, especially in the past, tended to disagree with me and the IEEE 802.3 specifications.

[ascl]

My rev 1.0 WRT54G (which has to be 6 or 7 years old now) supports it... but its running DD-WRT so thats not quite fair!

My DLink DIR-655 which is 1 or 2 years old doesn't (I think) support it.

So yeah, its a crap shoot basically. In the future I will only buy DD-WRT compatible routers I think.

Lastly, wireless bridging is not true transparent bridging, which can cause some problems in some situations.

[jessekopelman]

Compromise is something I have been trying to figure out on this box as I am very aware that I am asking for my cake, eating it, and asking for seconds to boot.

If you can't compromise on features, then you have to compromise on price or power consumption. If the motherboard you wanted were available at a reasonable price, people would be talking about it on these forums. The build your own server/router topic comes up at least every two weeks. There are such motherboards, but but they are either very expensive, require expensive CPU, or both.

[shosurosakura]

I found a good price on a processor for the Gigabyte board I had linked above.

Has anyone reading had any dealings with starmicro?

I found them through pricewatch.com and they had a decent rating there.

[petecool]

You'd be surprised how cheap Socket P mobile CPU's are on ebay.

This one http://cgi.ebay.ca/NEW-Intel-Core-2-Duo ... 286.c0.m14 should be more than enough for what you want to do and should work on the Gigabyte Mini-ITX motherboard linked above.

(Edit: changed link)

[psiu]

Security wise, your server should be a separate box than the gateway device. I suppose virtualization could work here...or a further question, will the cookbook be accessible to the outside world? If not, that would probably be okay.
Also, you could easily just use the existing router solely as a wireless AP. This is what I do at home--use a machine running pfsense as router/firewall/gateway and then use a Dlink and Moto routers as WAPs.

[shosurosakura]

The server will not be open to the outside world and will be allowed to answer internal ip and mac addresses only.

It would be nice to have a separate file server but even then if the gateway is cracked it would not be hard to crack the server.

I suppose I could make an internal subnet with routing within the network not able to accept inbound from the outer world interface but again if they crack the gateway it would not matter.

I would love to know what other advantages there are to splitting server from gateway and router other than one spare password and performance gains.

This is a for home use box.

[psiu]

Well, generally you would be looking at the server being the one that gets exploited...if it's not accessible to the outside, I think you'll be fine.

[stevea]

I'm looking to build a similar server,. I think the Intel DG45ID looks superior to the DG45FC for any purpose I can think of (including price). My server needs are greater so I can't consider the Atom. E7400 or E8200 perhaps.

Someone claims the Atom can be made into such a low idle power, but I think this is wrong. For example ...
http://www.silentpcreview.com/article865-page5.html
http://www.silentpcreview.com/article952-page5.html
So these idle at 22-27 watts, not close to 13W.

There are a number of power tests w/ various 65WTPD, 45nm core2 duos on uATX boards idling around 35W and peaking around 70W.

I wouldn't worry at all about running router/firewall functions and server functions on the same system. OTOH I would be concerned about running a web service on a system with critical data. Securing Apache or othe web server is an advanced topic.

[arckuk]

stevea:
The Atom is a CPU with a very low power consumption, but on mITX boards it is usually paired with the standard 945 chipset, which is a relative power hog. Hence the ~25W idle figures routinely seen.

The 13W figures you have seen are will be for the Intel D945GSEJT board, which uses the mobile version of the 945 chipset, which uses much less power. I have one of these boards, and I've measured it idling at around 16W with a 3.5 inch HDD. With a 2.5 HDD, you may just get down as far as 13W.

[K.Murx]

WiFi Card: Intel Wifi Link 5100
The main reason for choosing this card was the fact that it is the only chip I found completely compatible with Linux with no caveats.

If there are other options available, EG: USB 2.0 attached wifi cards that are solid enough to function and broadcast for a WiFi access point I am open to that so long as it is KNOWN to work under the Debian distribution of Linux.

Help yourself
http://linux-wless.passys.nl/
http://wiki.debian.org/WiFi#PCIDevices

NIC: Linux Compatible - Intel?
Any Intel NIC would work, I have also used Netgear NICs in the past and they usually work under Linux.

Never had any problems with any wired NIC and Linux in recent decades.
Concerning:

I need a minimum of two Gigabit ports because, even if I opt to put in a switch at a later date, I need an input and an output for the router part of the box.

Why an extra NIC right now? If you wire your house (big if, in my experience), you won't need the wifi card anymore, so you can rip that out and replace it with a NIC of your choice.

Second, it uses the SiS raid driver which I seem to remember other posters here mentioning as an issue under Linux.

Unless performance is critical and you have a very good hardware vendor/warranty: NEVER use a dedicated RAID solution. Software RAID will consume a bit of CPU power, however it is portable between devices - hardware RAID quite often not. Of course, if you enjoy tracking down compatibility lists or the exact same 3+ years old controller on ebay after yours failed just out of warranty you may ignore that advice

The reason for 3 SATA ports is to have a SATA Optical Drive for monthly burned backups and the other two dedicated to hard disks which are simply mirrors of each other.

If you want to burn something once a month - why not get an external USB adapter/enclosure for the optical drive?

One of my primary concerns in all this is also the Linux compatibility.

The last time I set up a Linux router it took about 6 months and multiple hardware swaps to get it working correctly.

Granted, this was back in the late 90s, but I don't have the kind of time to devote to sheer hardware hacking now that I'm not a single college age person.

Don't worry too much - the only area where notable complications still exist are wireless chipsets. Okay, and unusual interface devices like touchscreens, tablets, etc., but you are not looking at stuff like that.