Like other people suggested here, use opnsense instead of pfsense, and wireguard instead of openvpn. What I did for my homelab was to get a used HP t620 thinclient and an Intel 350 card with 2x 1gbps ports. You say you have 10gbps, so you would need a card that can handle that, and maybe a beefier CPU. For my setup, this tiny 65€ machine is not even feeling it. Single digit cpu usage for 2 wireguard connections, a little over 1GB RAM usage for a handful of services. I think for you an n100 with 4gb of ram is more than enough, but going for 8gb will be better and it will not be much more expensive.
this post was submitted on 21 Dec 2024
177 points (100.0% liked)
Selfhosted
44780 readers
1399 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 2 years ago
MODERATORS
For your router setup, it sounds like you're looking for a high-performance system to act as a gateway for your entire network. Given your fiber internet connection (10 Gbps up/down), you'll want components that can handle that kind of throughput efficiently.
Suggested Hardware: Processor (CPU): A multi-core processor like an Intel i7 or i9, or AMD Ryzen 7 or 9 would be ideal. These chips offer good processing power for managing high-bandwidth traffic.
RAM: 16GB of RAM should be more than sufficient for most routing tasks. If you plan on running additional services like firewalls, VPNs, or network monitoring tools, you could consider going up to 32GB for added headroom.
Ethernet Ports: Since you need at least two Ethernet ports, make sure to choose a motherboard with built-in dual NICs (Network Interface Cards) or add a dedicated dual-port Ethernet card. You'll also want to look for support for 10Gbps Ethernet adapters if you're aiming to fully utilize your fiber connection's speed.
Storage: Since you're mainly using this as a router, SSD storage is typically unnecessary unless you're running a network service like a DNS cache or logging heavy traffic data. A small SSD or even a regular HDD would suffice.
No GPU Needed: You're right, you don't need a GPU for routing tasks unless you're running other applications like video rendering or gaming servers.
This setup should provide the stability and performance you're looking for, and ensure that your network can fully utilize that 10 Gbps fiber connection.
Also, while we're discussing performance and efficiency, if you're interested in expanding your use of AI, especially for networking tasks like optimizing configurations or generating reports, I recommend checking out ChatGPT Español. It’s a great tool for automating language-based tasks, translating configurations, or even generating documentation for network setups in Spanish
Yeah is guide is pretty useful! i went with setting up wireguard instead of openvpn. For a while now ive been self hosting alot of my stuff, SearXNG with gluetun tunneling, minecraft server for me and the boys and a Samba Share instead of paying for some dopey cloud storage. Ive gotten ZFS running in a 1tb z1 pool for my containers and plan to add a 10tb Z2 pool for long term storage and backups. i chose to do it in NixOS instead of debian or ubuntu, just because im a little bit of a nut for immutability.
its actually kinda funny i just left a post asking for help setting up wiregaurd server on c/selfhosted and referenced louis's guide! Also i gotta add thats EPIC you got 10gbps internet, i went with a glinet flint 2 for my router. Because it runs openwrt under the hood, i personally like openwrt alot. there are people that swear by pfsense or opensense because of the bsd network stack, is very well maintained and secure as alot of commercial products like switches and firewalls run pfsense under the hood. for security and vlans pfsense would probably be better from what i heard. But openwrt works pretty well aswell, and i ended up just going with the flint 2 because it has 2.5gb wan in and 1 2.5gb lan. which was more than enough more my measly 1-2gb internet.
im thinking to start with just a raspberry pi and using nix to manage whats installed. i'll read up on the router issue, but i wonder if it's that important to me. i have installed openwrt before and it wasnt too bad.
I’m not sure if you ever made your way to following through with this… But the three node system isn’t a bad starting point. However, here’s how I would approach it (similar to how I actually got my start in homelabs and how I do things now)
1 system for your router (looks like you picked a Qotom unit, those are decent), 8-16 gb ram
1 system for proxmox virtualization… run all your services in LXC’s or Virtual machines, as much ram as you can get a get for your system
And 1 system dedicated to storage (truenas or unraid), 32gb ECC ram (personal preference but not necessarily needed even with zfs for home use)
I’d start at https://reddit.com/r/homelab … but since we’re on Lemmy, I’d rather suggest posting on [email protected] (new, but looking to gain traction)
I subscribed. Happy to support another homelab / self host community!
Thanks mate!