Hello,
in search for hardware that is out of the box rack-compatible, I came across DEC2687 – OPNsense® Rack Security Appliance.
Does anyone have insight into whether this is compatible with installing VyOS?
This has been a while ago, but the last time I had tinkered with one it was just a plain X86 with I believe Intel NICs, so yes, back then VyOS could run on it. To be honest I’d say it still does because I can’t imagine they developed special hardware for OPNsense.
Greets,
Sander
Thanks for that. Are you aware of an alternative rack compatible solution that does not have thepotential to get me into the “if you open it and extend the RAM you void the warranty” and “we don’t care what isn’t working, as you overwrote OpnSense” bind?
I run VyOS on Deciso hardware (DEC740, DEC750) just fine.
2 Likes
I use whatever I can get my hands on. I have full blown rack servers as ‘big’ border routers but also small supermicro sys-e300 devices, which might be more fitting instead of the Deciso stuff.
It seems to never been an issue if you want to extend the RAM yourself in an OPNsense appliance:
https://shop.opnsense.com/product-categorie/hardware-appliances/
The boxes are made in EU by the company behind OPNsense named Deciso Group B.V. in the Netherlands.
The boxes are based on AMD cpus.
The spec for the particular unit is over here:
Their older homepage had better info about the motherboards they are using, which for DEC2687 might not be relevant (as I dont know which model the DEC2687 is using) but can still give you a hint of overall capabilities - basically mostly single or dualchannel:
https://web.archive.org/web/20240420184244/https://www.deciso.com/netboard-a10-gen2/
https://web.archive.org/web/20240407173603/https://www.deciso.com/netboard-a10-gen3/
https://web.archive.org/web/20240420201929/https://www.deciso.com/netboard-a20/
Their greatest/most expensive boxes the DEC4200 series seems to use quad-channel (not sure if all slots are populated on delivery or not):
Over here it do however seems that they always populate all available RAM slots:
While at it make sure to update the BIOS to latest available:
Possible alternatives (except for rackmountability) is something like Minisforum MS-A2 which as barebone (you will have to add RAM and storage yourself, it supports up to 2x48GB = 98GB of DDR5 5600) which goes for €689/each (AMD Ryzen 9 7945HX) or €939/each (AMD Ryzen 9 9955HX):
AMD Ryzen9 7945HX
The above comes with 2x2.5Gbps RJ45 + 2x10Gbps SFP+.
Problem is to find a sweetspot for price vs performance but also what your other demands are (is Country of Origin being China ok with you? Does it need to be rackmountable out of the box? Do you prefer AMD over Intel due to all the CVE’s the Intel CPU have where each microcode update will lower their performance? etc).
Other rackmountable solutions which doesnt go for €5999/each as the OPNsense DEC4280 could be something like (these are Topton/CWWK boxes so made in China):
TLSense J6412: 1U Rack, 5x 2.5Gbit LAN, J6412 CPU, No RAM, No Storage, €275/each + VAT
TLSense C3758R 1U: 4x 10Gbps SFP+, 5x 2.5Gbps LAN, Atom C3758R CPU, No SSD, No RAM, €475/each + VAT
A compare between above CPUs:
https://www.intel.com/content/www/us/en/products/compare.html?productIds=204840,214758
Adding to the great info from @Apachez, you can find rack adapters for both the MS-01 and MS-A2 from Minisforum on Etsy if you did want to pursue that route.
Gentlepeople, the amount of insight here is simply amazing. Thank you!
I’m checking out all the hints.
Is anz of the options actually silent (no fan) or is that simply unrealistic given the power required to run VyOS for 4+ NICs?
1 Like
Most rackmountable devices will have fans simply because those who are fanless needs to have a spare 1RU above and below the unit for the passive cooling to work - the are also designed to sit in a cooled datacenter (where the ambient temp is like +18C or so which is probably not the case for your homelab). So having a 1RU fanless 19" device will occupy 3RU in the rack unless you want to risk to get a heat stroke of it.
Other than that the DEC600, 700 and 800-series are all fanless:
And all models except the rackmountable and N305L6 are fanless over at Open Source Router and Firewall hardware (same day shipping from Stockholm) (again CWWK/Topton made these).
Note that when it comes to fanless devices NVMe’s are an issue. You will need to fit a heatsink on it and sometimes add an external fan to the unit.
I have this model as Proxmoxserver at home:
Where to deal with the heat generated I had to adjust the PL1 and PL2 settings in BIOS (force it to 15W for both), add Be Quiet MC1 Pro heatsinks on the NVMe’s (I got 2x Micro 7450 MAX 800GB):
and externally put a Noctua NF-A8 5V PWM (uses USB as power) along with Noctua NA-SAV4 mounting sticks (anti-vibration and no screws) to the back of the unit to suck the heat out of it (or if it was to push air into it, I dont recall the airflow direction):
https://noctua.at/en/products/fan/nf-a8-5v-pwm
Also I placed the unit on like a metallic grill with face down to get some natural convection and airflow (heated air raises).
And it behaves very well, the CPU is currently at about +40C and the NVMe’s at about +59-69C (depending on where to measure the temp at on the NVMe’s).
In my unit I also have a Crucial DDR5-5600 48GB SODIMM CL46 (16Gbit) (CT48G56C46S5) stick which will generate heat aswell:
Oh. Thank you so much.
So let me recapitulate:
- TLSense fan-less bare metal machine
- bequiet NVMe heatsink
- Noctua NF-A8 5V PWM & NA-SAV4 mounting sticks to move air over the aluminum casing/external heat sink?
Didn’t get the fan mounting, I think? What did you fix it to?
Its fixed to the backside where the RAM and NVMe’s are also located.
The backside plate have mounting holes (where I used the NA-SAV4) with a mesh (to not suck in all dust thats available) where the Noctua fan is located (mounted externally and gets its power from the USB).
I forgot to mention I also repasted the chassi onto the CPU due to reports of not perfect quality assurance at the factory regarding this. I removed the old paste and repasted using Thermal Grizzly Kryonaut.
Cool (hopefully 
).
Last Q: “Also I placed the unit on like a metallic grill with face down to get some natural convection and airflow (heated air raises).” - can you describe this better? I’m not getting it. Place it down with the surface that actually has the power button etc!?
According to google translate its called a “coaster”.
The thing you place between the table and the baking dish that just recently was in your +200C owen so it wont burn or melt the table once you place it there.
In my case it looks similar to this model:
So I placed the N305L4 box with its front pointing to the bottom (towards the table) ontop of this coaster.
This way I have a small airgap between the table and the unit itself and by having it placed vertically what was previously pointing upward (the builtin heatsink) is now facing to the side while its bottom (with the externally mounted Noctua fan) is also pointing to the side.
Since the frontface of the chassi is fairly large and flat it have no problem to maintain being placed vertically.
This maximizes the fanless cooling (to avoid pockets where the heated air otherwise can get trapped) along with this external fan to increase cooling of its bottom (where the RAM and 2x NVMe are located).
Another fix would of course be to not use 2x NVMe (which alone will peak at give or take 2x9W = 18W or so) and instead use a fairly cool SSD something like Kingston DC600M (peaking at 1.6-3.6W):
I have another desktop box based on Intel NUC5 along with Samsung 850 SSD which uses an Akasa Newton-X which works very well (even to play CS:S on). But that heatsink is perhaps 20% larger then the one used by N305L4.
Also the heatissues occurs during full load (which I verify my systems with). If your box will mostly idle then basically none of the “workarounds” I have performed would have been necessary.