Can you recommend something overpowered which I will keep as long as hardware is not damaged?
I know there is VyOS Hardware Compatibility List – VyOS but it doesn’t make a choice easy and there is only 4 fanless devices without information how many VAN port is builded in.I didn’t find the page friendly for me.
I don’t have experience with choosing hardware for such purpose. It is my first time and I don’t want to invest month to learn which hardware is good one and which is bad one.
Hardware needs:
fanless
2x WAN
no wi-fi in router, I will make AP
Network design and my needs:
wireless router
2x WAN
firewall (on the same device as router is unless it is not recommended by security concern)
wi-fi AP or mesh device on each floor. So I don’t have to change wifi AP when moving between floor to have stronger signal. I don’t feel it make sense router to have wi-fi. I would like to keep this devices separately. It makes more sense for me, unless I miss something.
the router has public IP
port forwarding to some services like for example Home Assistant for Smart Home. Why port forwarding instead of VPN? VPN drain batter in phone faster.
up to 5 VPN client connections
up to 5 computers including PS5 plus some less important devices connected to the network like printer etc.
There are many little fanless boxes these days and I’m not going to try and recommend any individual one. Personally I have a QOTOM box with 4 ports and that’s done me well, though I’ve had issues with mine powering off unexpectedly (this doesn’t seem to be something that happens to anyone else and since I swapped out the RAM it hasn’t done it)
My one recommendation though would be for any box you DO buy, make sure it has an Intel chipset for the networking. A lot of the smaller fanless boxes want to save cost and put a Realtek chipset in there - fine if it’s a desktop PC but not great (in my personal opinion!) for a network device.
I’m looking at buying a Fitlet3 device - only 2 Intel NICs but very small and low powered. But my requirements aren’t the same as yours.
I really can’t narrow scope I’m sorry - the only one I’ve ever bought is a QOTOM and as mentioned, I had issues with mine. Anything else I suggest would be no better than research/guess work you can do yourself.
Prehaps looking at the SelfHosted Reddit might be a good idea? I think they’re a big fan of the https://protectli.com/ hardware.
and this
ark . intel . com/content/www/us/en/ark/products/214634/intel-nuc-8-rugged-kit-nuc8cchkrn.html
the one which you mentioned looks cool, but I have very hard time to compare it to other hardware. In the first impression it is more expensive, because of UI to “build” your own version, but I can be wrong.
fit-iot . com/web/product/fitlet3-build-to-order/
*Sorry for unfriendly links, but forum doesn’t allow me to paste more, than 2 links.
I think I will decide on https://eu.protectli.com/product-comparison/ just because they do good job about comparing / description / “build” final unit. Although I just realised how expensive it is to setup a router lol.
Does it make any sense to have 2 hard drives (m.2 SATA SSD + SSD) instead of 1? For backups or something? Although I would prefer to upload backups to another server, but I don’t know how it works in practice.
This one is for opnsense, but why Hardware sizing & setup — OPNsense documentation need 120GB SSD? Is it the same for vyos? Why router + firewall + VPN + … need so many GB? I expected everything what is needed will fit into RAM.
These are questions really you need to answer yourself.
For me, I made my QOTOM box a Proxmox Server - Vyos was one virtual machine of a number of VM’s.
That’s why I went for a piece of hardware with more RAM + Storage.
For just a “Bare metal” Vyos box, 4G of RAM would be fine, but again it depends on what you want to do. You mention multiple things in your first post (Firewall additional) etc - how would you plan to do that? VM?
Vyos will do firewall rules, that’s all I use, but again it depends on what you plan to do
Also keep in mind if you want to have multiple APs you’ll need multiple LAN ports - you’re better off having a single LAN port on your Vyos hardware and then plugging that into a dedicated switch (probably with PoE so you don’t have to put injectors inline with your APs)
You can bridge multiple ports on Vyos, but you don’t get the best performance doing that.
I have two HUNSUN RC05 which I bought from Amazon. It has an Intel Core i5 Gen10 CPU and 6x 2.5 Gbps Intel I225 network ports. You can install up to 32 GB of RAM as well as 1x NVMe and 1x SATA disk and it’s fanless.
I have installed VMware ESXi on this device. I am running several VMs and one of them is my VyOS router.
I am using this setup for about 4 month now and I am quiet happy so far.
You mention multiple things in your first post (Firewall additional) etc - how would you plan to do that? VM?
No VM. I want to have dedicated device for only vyos or opnsense depends what I will like more.
I see vyos / opnsense as all in one solution: router + firewall + VPN. At least this is my expectation.
But my main concern was hard drive. Does speed of hard drive matter for router + hardware + VPN? How many GB is needed? The Hardware sizing & setup — OPNsense documentation recommended hard drive made me confuse.
You can bridge multiple ports on Vyos, but you don’t get the best performance doing that.
oh that is interesting. The vyos is not optimised for that? I plan to have 2x WAN + 2x LAN, so 4 ports.
What else do you have on your router besides of vyos? Why WM? It makes me confuse, because router is so critical to always keep it as separate device. What else do you mix with vyos on the same hardware? I will stick to my idea, but I am curious about yours.
ok I figured this out, at least I think so. Big size of hard drive is mainly for logs and statistics.
Still the question about what else you run in VM on the same hardware is up to date. Maybe I miss some opportunity while both of you use VM - there has to be some reason for that.
edit to answer myself:
from reddit I found people use other services like Plex or Home Assistant etc.
Other people see VM as a backup.
So it is more a choice to put all eggs in 1 baskets or more.
summary for people with the same question:
I decided to buy one of https://eu.protectli.com/product-comparison/ because it is very well described, designed for this purpose and have good opinions.
Big hard drive is needed for logs and statistics. For vyos or opnsense it self it is not needed. Alternatively if you want to host vyos as VM with other systems.
There is no need to have more, than 4 ports. 2 is minimum. Why?
Also keep in mind if you want to have multiple APs you’ll need multiple LAN ports - you’re better off having a single LAN port on your Vyos hardware and then plugging that into a dedicated switch (probably with PoE so you don’t have to put injectors inline with your APs)
You can bridge multiple ports on Vyos, but you don’t get the best performance doing that.
I have no idea, but I assume performance will be as good as in switch. Although buying switch for that purpose sounds like a better idea, because it should be cheaper and you will have PoE.
Labels on ports don’t matter. If there is label WAN or LAN or PORT1 it doesn’t matter, because you can set it in vyos.
My last thought:
I will try vyos, but maybe for some reason I will not like it and try opnsense or other one. This is important, because I will buy hardware (RAM, CPU, hard drive size) which is recommended for both of this systems. Otherwise I will limit my ability to change my mind. So when you buy hardware, try to buy something a little better to be able to change your mind. But don’t go into overkill.
