This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Current popular QOTOM or similar hardware for home UTM-9?

Hello.

I'd like to change my home UTM-9 hardware from an old PC to one of the newer QOTOM-like devices.

I need four NICs - WAN, LAN, 2 WLANs.

Price is an issue, I'd like to keep the total < CDN$375 (US$300) if possible.

I'd appreciate recommendations and any 'gotchas' I should look out for.

Thanks!

 

Mike



This thread was automatically locked due to age.
Parents Reply Children
  • Mike_Cunningham said:

    Thanks, I'm looking in those 3 places.

    Are you running your ESXi host on the QOTOM box?

    Mike

    Yes, along with 3 vm's at the moment, utm, freepbx, and cyberpower systems powerpanel business appliance (very small vm for managing ups).

    Still have about 2 GB of ram left, might install some other lightweight vm's/servers in the future.

    I think bang for the buck the qotom is the best deal out there.  The thread over on the pfsense.org forum convinced me to get this box.

  • You could save a little bit of money and go with a 120Gb SSD instead of 256Gb. 256Gb is way more than you will ever use. On my UTM I have a 120Gb SSD and it only uses 6% of a 40Gb data partition.

     

    Amazon has the Qotom with recommended RAM and SSD. https://www.amazon.com/Qotom-Q355G4-Firewall-Ethernet-Barebone-Computer/dp/B06XJV9R8X

  • You sure that's the right link?  It brings up just the bare bones with no ram/ssd for $228USD + s/h.  I think this is the one you're referring to.

    https://www.amazon.com/gp/product/B06XPJKV5L/ref=s9_acsd_hps_bw_c_x_2_w

    8GB ram module is $72 from newegg, and $59 from amazon. So $287 is less than the $301 (+ s/h) that I paid, but too late now.   I wanted to get the box with the ram due a number of posts about ram incompatibility.  The ram module model below is according to the pfsense thread.

    https://www.amazon.com/Kingston-Technology-1600MHz-PC3-12800-KVR16LS11/dp/B00CQ35HBQ

    https://www.newegg.com/Product/Product.aspx?Item=N82E16820239697

    After 2 months of use, space is plenty.  I'll never run out at this rate.  I have a spare 250gb ssd, but was concerned about excessive log writes.  Also, while a mechanical drive probably slows things down somewhat, for general utm function other than av scanning, it's still plenty fast.

     

  • Thanks.

    I got tired of running a 600 watt PS and spinning 6 SATA drives,

    just to run UTM in a vm, so i moved to a smaller, slower box.

    Now I'd like to make another move to a mini PC or equiv for the UTM

    and 'something' for freepbx.

     

     

     

  • Here's some dashboard pics from exsi.  First one from the main page.  Downloading at full bw (~320mbps), 2 freepbx calls going. 

     

  • Jay Jay said:

     

    After 2 months of use, space is plenty.  I'll never run out at this rate.  I have a spare 250gb ssd, but was concerned about excessive log writes.  Also, while a mechanical drive probably slows things down somewhat, for general utm function other than av scanning, it's still plenty fast.

     

     

    So, your log disk is an external spinning drive?

    I was looking at the AliExpress site and noticed they have Q355G4 units with 4th gen i7 processors,

    versus 5th gen i5 procs. Not that I can afford it but, would the i7 be a better solution for an ESXi host

    with a couple of vm's (like you have)? 

     

    Also, the AliExpress and Amazon.com sites have a hugely better selection of QOTOM units compared to Amazon.ca

     

    Mike

  • No, you can mount a standard 2.5" laptop drive internally.  There's a sata port and sata power plug.  I got rid of the 30gb mini pcie ssd.

    As for the cpu's, I don't know.  I'd say the difference is marginal at best.  Maybe a few points higher for the 4500u.

    https://ark.intel.com/compare/75460,84984

    They're roughly 18 months apart in terms of release dates.  Both dual core with hyperthreading.  The 4500u has a slightly higher clock speed and 1 more MB cache.

    I one key feature as it relates to virtualization is VT-d support on the 5250u.  As I understand it, this allow mapping certain hardware directly to a vm rather than through software emulation.

    https://software.intel.com/en-us/articles/intel-virtualization-technology-for-directed-io-vt-d-enhancing-intel-platforms-for-efficient-virtualization-of-io-devices

    Search "I/O performance through direct Assignment"

    I didn't implement my configuration this way with respect to network adapters.  I may try it later to see if there's any significant performance improvements or lower cpu usage.

     

     

  • Jay Jay said:

    Also, while a mechanical drive probably slows things down somewhat, for general utm function other than av scanning, it's still plenty fast.

     

    So, you have A/V scanning off? How much of an impact does it make?

    Mike

  • MIke,

     

    Sorry for the late reply.  Never received notification of another posting.

    I can't honestly answer your question as I never turned av scanning on in the first place.  All clients except for android devices have their own local av software (kaspersky).

    Also, I don't know if the cpu load pictured earlier is valid because the 5250u is dual core with hyper threading.  I don't think it's ready all core loads properly.  Exsi cpu utilization shows around 100% (for all available cpus) if I do speed tests with IPS turned on.

    There's a thread on here outlining a number of exceptions to add to utm so it skips scanning of netflix/youtube content.  Also, since installing utm almost 8 months ago i've only had one IPS hit.  Originating from a local client and targeting the utm, both on the local lan.  I think that might be a false alert because it's the only one in so much time and has never been repeated.

    I have att fiber coming out this week to install symmetrical gigabit because of ongoing upload issues with the cable isp.  I'm hoping the install goes well and there's no obstacles.  Supposedly fiber has been available in my area since 2015 so the network should be well developed by now. Most in the neighborhood have comcast, some have the other cable provider. It'll be interesting to see what the utm achieves assuming i'm able to hit advertised speeds connected directly to the att gateway.  If all goes well I plan on keeping the cable around for a week or so while I do more testing.

    Will be doing some vpn testing with the cable internet for as remote.  At the least I expect a 500mbps+ upload with fiber.  Should have no problem saturating the cable's 350 mbps download so the only bottle neck will be the utm hardware.  I recall either here or on the pfsense forums, somewhere around 200-250 mbps was typical for a qotom 5250u vpn connection.

     

  • Hi gus,

    I am currently using the aliexpress box for the latest version of UTM and my NICs are in the correct order. My link speed is 4/0.4 so nothing gets really stressed.

    No wifi, 8gb ram 128 ssd, 4 NICs.

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.