[Solved] X86 Server Build

Ok I am going to just open a can of worms and ask for some advice.. It is generally known that while intel j1900 is the standard for x86 builds - I wanted to see if there is a better option. I did not intend to build another PC to serve as a server and I did not intend to buy a $10,000 cisco router. What I am seeing is that these generally use the denverton atom chip from the $300 to $3000 systems. If I wanted to build a gigabite switch capable of ips/ids or purchase a prebuilt one what are my options? I should clarify that I am not trying to build a 1U Server - but rather build a "server" whether that be itx/atx/1u server, Now we can consider certain things such as link speed. I understand that some of the link devices are insanely priced because they are designed to support 1-2 gb links.

Now what I want is to build a server capable of handling as much as it can up to a certain price point of about $500. Because right now paying ~$400 for a mini pc with 4 intel ports seems silly when I can just buy a 9700k and build around that for the same price, but of course the power consumption is kind of the issue as well, that is why I said I do not want to build a traditional PC because I want to keep energy costs down. That's also why I said the atom could work beacuse of the fanless designs and the 1u server style it's just meant to dissapate heat. It is looking like the way to go is get an atom mobo and build around it but maybe I am missing a key product out there that solves all of this. Low operating cost, enough cores to handle what 800 mb links, fanless.

I see these are generally the same and are common within the home router enthusiast market but they just are not reasonable to operate:

Netgear XG-7100
Neatgear SG-5100
Supermicro A1SRi

A H2 might meet you needs; shipping again I think.

Edit Jeff posted some numbers

1 Like

That type of data is excatly what I was talking about, j1900's performing the same as the atoms it just comes down to a matter of how you want to build it and what you want built on it. Consider something as low cost as a HP Compaq Pro 4300 with a Core i5-3470S or Optiplex 9020 4570, wouldn't something like this provide the best value? I could definately install a Intel server NIC and be on my way with a few more watts being pulled from the wall rather than find the perfect set up.

There is one common consensus: 4ghz/4 cores is recommended here

1 Like

I bought the H2 to try as my J1900 box wasn’t performing as well as I would have liked. Its size and price made it attractive compared to an iTX build.

Bay Trail-D, as in the j1900 (maybe even all members of the valleyview generation), has been plagued by ACPI/ silicon issues (instability/ freezing up)[0] for years. Since kernel v5.3[1] the situation has gotten better, but I would avoid these chipsets by now[2].

--
[0] that may partially be the fault of the mainboard manufacturers as well, who may not have dimensioned the power lanes big enough to deal with sudden load changes, as in waking up from deep c-states. Regardless of whom to blame, it's a major issues for many Bay Trail-D systems.
[1] a large patchset affecting wake-up procedures for i915 while being in c-states went into that kernel.
[2] yes, I own one j1900 myself, it's working, very powersaving, quick enough, but I'd love to throw it against the wall, whenever (when, not if) it freezes up again.

3 Likes

I'd also avoid C2000-series products like the plague. Minor little thing, they forget how to read their boot ROM, as I understand it, making the board permanently non-functional.

https://www.anandtech.com/show/11110/semi-critical-intel-atom-c2000-flaw-discovered

2 Likes

So ITX......... what options do we have here? I just feel like building anything less than itx will not work for me beacause I need the Intel EXPI9402PT Server card in the build. Shoot the recommended specs for an i3 build, 4 cores, itx board, case, psu, ram. Just usb sticks for storage here. I mean what am I looking at here? i3-6100?

Be careful with “Intel” cards as they are highly counterfeited. Even the low-end ones. I buy OEM pulls these days and have had much better luck than with even sellers on Amazon.

Last I bought an i3 I think it was the i3-7100T with its lower TDP. Power is expensive here, around US$0.30/kWh and I run on UPS more often than I like (hand-start and -transfer generator). DC in on the mobo or a picoPSU and a brick are generally a lot more efficient than any ATX-style PSU. Noctua cooling and fans are my current choice for virtually silent operation.

Dual Samsung or Crucial SSDs are cheap enough these days. USB sticks are too slow.

1 Like

@dlakelan help us out here good sir with some hardware recommendations

I haven't been following the market closely over the last say 6 months, so I don't have a lot to add over the advice of looking at the H2... When I search on Amazon I see things like the Asrock j4105-itx mobo, and that seems pretty good at first glance, add some DDR4, and a M.2 SSD and a 2 port Intel ethernet card. I'm not sure what the price would be.

It seems hard to imagine you'll get a better result than just buying this: https://www.amazon.com/Firewall-Appliance-Gigabit-Celeron-AES-NI/dp/B07G9NTR6Z/ref=sr_1_8?keywords=mini+pc+firewall&qid=1573536655&s=electronics&sr=1-8

which comes with 8GB RAM and 120GB SSD...

I did not buy a 9900ks for $600 because a 9700k has same cores and paying $300 less for ~10% loss of performance is a trade I will take anyday. I mean we're talking binned chips here basically right which just does not appeal to me more than what else I can do with the buiold.

The reason why I am looking at ITX is because I am seeing "my network is not 1 gig stable" but say I did shell out for a build the same as my current PC build - 9700k+ITX. Then I would be 1 gig stable with IPS/IDS packet inspection which is what people are having issues with. Right now I have a dell SFF set up and it is really performing well, at best I can hope for is a FTTH in 5 years no where near gig speeds and I would never be using IPS/IDS. But as before I am building for latency, if I can get the same latency times I can with a j1900 as I can with a 9700k or i3-7100T then it just doesn't matter about IPS/IDS security or a stable 1 gig rate basically I will just be paying for binned chips and we don't want that we want good price+performance.

If in the next 5 years you are not going to go over 500Mbps + SQM, and don't need more than say 200Mbps wireguard VPN, and don't need packet-by-packet IDS inspection at more than say 100Mbps, you can safely buy a cheap j1900 device.

On the other hand things built off Celeron 3000 series or 4000 series or better have AES-NI and faster cores, and could handle a bunch more.... and depending on which package you get they can be cheaper than the j1900... so I'd be looking for those myself. The biggest problem is just availability. That protectli device I linked above is available, relatively good price, excellent performance, all in one, low power... It'd probably be what I would be looking at if I were in the market, either that, or something with 4 NICs.

1 Like

Personally, I'd go with separate router and IDS boxes, both for performance (very different RAM/CPU requirements) as well as security, if your router serves as a perimeter firewall.

Here's a couple references on "Intel" NICs:

My most-recent eBay purchase was a "Dell 07MJH5 Dual-Port PCI-e Network Adapter" (i350-based) for US$25, delivered (needed two, robust, "spare" ports for some testing). The first link has a list of OEM part numbers that I find helpful.


Edit: In considering a J3060 and a J4105, here is one comparison that might be of interest

https://www.cpubenchmark.net/compare/Intel-Celeron-J4105-vs-Intel-Celeron-J3060/3159vs2852

I s

I have seen this before in a previous posting where it was switches, its functionality was quite the same funneling a 2 gig line through a fiber node/2 gig switch/1gig switch/router. That set up was around $30k but we are talking about the same thing here just conditioning a line for optimal use. That optimization was thoroughput mine is latency. I only have 50/10 so I am not concerned with top tier thoroughput numbers but when we start talking about cores and core speed then at some point latency and throughput coincide where the price will be to high for the core count/speed to pay for anything more at the router layer than say a 4 core celeron.

So at this layer for the router the 4 core celeron is the best for price+performance?

And what about the IDS box - are those something a ryzen 3600/i3+itx would handle better and will that apply at all to the latency figures we are trying to hit? Would it even matter because the price is too high? Obviously if it would affect latency I would never implement it. Right now I have a i5-6400 in a dell workstation with an openwrt live boot and I am pleased with the performance.

I also tried to live boot from an ssd and I lost the performance I was getting from the usb live boot which I was not very happy with considering it took about 7 hours to determine that the latency times just were not identical. It also introduced some packet loss and weird little drops.

Something like this would be perfect, the all in one cpu included package like the h2 just makes things easier but I guess the issue here is now I have to build a new system which I is also not appealing.

Again I am back to the just grab a optiplex 9020 from ebay and call it a day........

A used Cisco SG300-series switch (US$100-150 for 28/52-port units) or one of the upper-range ZyXEL units could handle the monitoring without breaking a sweat at 60 Mbps combined, or even an order of magnitude higher than that. There's a lot of additional utility in having a professional-grade, managed switch as well.

At the rates you're talking about, most any recent x86_64 should be sufficient for the routing and SQM. For that matter, any multi-core all-in-one would probably handle it.

I'd still put the IDS on another box, running a server-intended OS. Any "reasonable" IDS has significant demands on CPU, memory, disk, as well as direct and indirect dependencies. Personally, I'd consider it "crazy talk" to try to run Suricata under OpenWrt, especially with a backing database for event collection and analysis. A server-intended OS can also run a robust filesystem, ZFS being my choice by far for a large number of reasons (redundancy, expandability, live snapshots, ... ).

I can't get worked up about the specific choice of x86_64 devices. For me, at US$0.38/kWh during the summer (and needing to run off UPS far too often), noise and power consumption are big drivers for me. I've got a (used) six-port Lanner with a Xeon CPU and a slot for a 10Gig card that has been sitting on the bench as I haven't had the time to get it quiet yet.

I think I will go with the ASRock J4105B-ITX + Pico PSU-120 with a Intel I350-T2. Ordered a $27 EXPI9402PT and received a counterfeit with Pulse ethernet transistors.

1 Like

If you’re inclined to do so, I’d be keen to see what the final setup looks like. Maybe framed as a mini howto/guide. :+1:

1 Like

Well, I might be almost late here for the OP, but I was going to bring up another option, the good ol' Zotac CI327. One of dlakelan's recommends awhile ago. I've been pretty happy with mine. A faster N3450, with the AES-NI I believe the J1900 lacks.

But... Looks like in the past several months, it's finally gone extinct. And, the one we all were waiting for, (and waiting, and waiting..) the CI328 is now out there. A N4100, maybe a few other bump ups, and the same price. (Barebone $180, 4GB ram, 120GB SSD $220.) And a whole system draw of (?) something like 5-10W....

Of course, probably not what you want with the more exotic rather than basic router box requirements mentioned above.

Ah, thanks for reminding, we've been waiting for that update for a long time!

typo, though, it's the CI329 not 328