Hands up if you're buying yourself any techy xmas prezzies


binhex

Recommended Posts

Let me kick this off with a very cheap and cheerful xmas presents for myself this year:-

 

1 x Aluminum USB 3.0 Hard Disk Drive Enclosure for 2.5 Inch/ 3.5 Inch SATA HDD and SSD - replaces existing caddy connected to my nuc 7the gen for recording dvb-t tv, yeah i know its boring :-)

https://www.amazon.co.uk/gp/product/B00RCJ54BC/ref=oh_aui_detailpage_o00_s00?ie=UTF8&psc=1

 

1 x Jabra Move Wireless Bluetooth On-Ear Headphones - going to be used for late night movie watching, slightly more exciting but still practical.

https://www.amazon.co.uk/gp/product/B00NHSFWG4/ref=oh_aui_detailpage_o01_s00?ie=UTF8&psc=1

 

you guys getting anything good?

Link to comment

I bought my present early :) I got a QOTOM-Q355G4 (3607 passmark Core I5, 8G Ram, 120G SSD). If I were doing it again I'd save a little and get a smaller SSD. 

 

I tried buying from AliExpress, but they wanted a scan of my drivers license to prove who I was?!?  I wasn't willing to give them that, so I bought it from Qotom's Amazon store instead. Cost an additional $15 or so, but definitely worth it.

 

I had planned on using pfSense, but was turned off after finding out you have to pay $99/year to access the manual. And their forums weren't too friendly either. I went with OPNsense and have been very happy so far.

 

Currently I am using my old ASUS router as an AP, but I've lost some functionality since it doesn't support VLAN tagging on the guest network. My next purchase will be two smoke-detector style APs, deciding between Ubiquiti and Zyxel.

Link to comment
2 minutes ago, ljm42 said:

I bought my present early :) I got a QOTOM-Q355G4 (3607 passmark Core I5, 8G Ram, 120G SSD). If I were doing it again I'd save a little and get a smaller SSD. 

 

I tried buying from AliExpress, but they wanted a scan of my drivers license to prove who I was?!?  I wasn't willing to give them that, so I bought it from Qotom's Amazon store instead. Cost an additional $15 or so, but definitely worth it.

 

I had planned on using pfSense, but was turned off after finding out you have to pay $99/year to access the manual. And their forums weren't too friendly either. I went with OPNsense and have been very happy so far.

 

Currently I am using my old ASUS router as an AP, but I've lost some functionality since it doesn't support VLAN tagging on the guest network. My next purchase will be two smoke-detector style APs, deciding between Ubiquiti and Zyxel.

 

$99 to access the manual?  You mean the subscription for paid support?  There are multiple books available (even at your local library) for pfsense and their forum is usually all you ever need.  It is free software, they have to pay the bills somehow.

Link to comment
2 minutes ago, ljm42 said:

 

I mean the "pfSense Gold Subscription" which is required to access the "pfSense Book" but specifically does not get you any kind of support.
   https://www.netgate.com/our-services/gold-membership.html

Right. The paid support packages are much more expensive.

 

I haven’t had any issues with the user forum though. They have seemed very helpful and I’m pretty much a total noob when it comes to firewalls. Experiences are bound to vary though I guess.

Link to comment
7 minutes ago, ljm42 said:

 

I mean the "pfSense Gold Subscription" which is required to access the "pfSense Book" but specifically does not get you any kind of support.
   https://www.netgate.com/our-services/gold-membership.html

 

Ahh, Gold membership...well worth the money, IMO, if need that kind of support.

 

Edit: Some of their forum members can be intimidating, but there is a lot of expertise available there and most likely any question outside of something completely unique has already been answered.

Edited by unevent
Link to comment
2 hours ago, binhex said:

 

hmm i sense a lot of love for pfsense (no pun intended hehe), im a bit afraid to find out exactly what it can do for me over a decent router, cos i know if it looks good i will HAVE to set one up, the inner geek in me is too strong, i....can't.....resist

If you decide to go for this make sure the cpu supports AES-NI.

Link to comment
3 hours ago, binhex said:

 

hmm i sense a lot of love for pfsense (no pun intended hehe), im a bit afraid to find out exactly what it can do for me over a decent router, cos i know if it looks good i will HAVE to set one up, the inner geek in me is too strong, i....can't.....resist

 

pfsense is amazing, i paired this with a unifi AP and netgear switch.

 

The forums are not the best in terms of help, mainly as most questions have been answered and many of the knowledgeable are probably frustrated. However for someone like myself who does this for fun the questions are not always easy to understand and many members there lack the time to explain.  A world apart to limetech forums, where everyone helps each other.

 

Link to comment
10 hours ago, binhex said:

 

hmm i sense a lot of love for pfsense (no pun intended hehe), im a bit afraid to find out exactly what it can do for me over a decent router, cos i know if it looks good i will HAVE to set one up, the inner geek in me is too strong, i....can't.....resist

Received the mini pc this evening. It's got it's quirks already. 

Couldnt get into the bios no matter what I tried, i planned on re-seating the CPU with mx4 so after that I unplugged/reconnected the mobo battery, this "fixed" the bios key not working lol 

Doesn't seem to like my usb keyboard connected prior to boot only after booted. I used efi shell to flash the firmware found on pfsense forum which has some intel me removed.

 

Now pfsense usb installer has hung on install. 

Exactly what I signed up for ?

 

 

Link to comment
14 hours ago, binhex said:

 

hmm i sense a lot of love for pfsense (no pun intended hehe), im a bit afraid to find out exactly what it can do for me over a decent router, cos i know if it looks good i will HAVE to set one up, the inner geek in me is too strong, i....can't.....resist

Depends what routers you call "decent". If your decent router has an MSRP over ~$500, then pfsense probably won't do a whole lot more for you. If you are calling any mid - high range consumer router decent, then pfsense has much more to offer, not least of which is potential CPU power for traffic shaping, analysis, VPN throughput, multiple redundant WAN sources, proxy servers, caching, pretty much anything the multi thousand dollar corporate routers do.

 

Then again, if you only have access to 5Mbps download and 512Kbps up on a DSL line, pfsense probably holds little appeal. If you have symmetrical Gbps WAN, then not running pfsense or some other capable router software on a high power platform is criminal.

Link to comment
7 hours ago, jonathanm said:

Depends what routers you call "decent". If your decent router has an MSRP over ~$500, then pfsense probably won't do a whole lot more for you. If you are calling any mid - high range consumer router decent, then pfsense has much more to offer, not least of which is potential CPU power for traffic shaping, analysis, VPN throughput, multiple redundant WAN sources, proxy servers, caching, pretty much anything the multi thousand dollar corporate routers do.

 

Then again, if you only have access to 5Mbps download and 512Kbps up on a DSL line, pfsense probably holds little appeal. If you have symmetrical Gbps WAN, then not running pfsense or some other capable router software on a high power platform is criminal.

 

Decent for me a business class router, not talking top dollar stuff but i got a half decent router that has rock solid performance for my current line (ADSL 20Mb/s dl 1Mb/s ul), i guess this could change though if i switch to fibre, which i have been thinking about recently, so who knows maybe the router wont be able to cope as well when i up the speeds to 60 Mb/s dl, i shall see eh.

 

I think the only additional functionality i would like to get out of pfsense is probably proxy cache, pi hole type functionality (does it do this?), and maybe QoS.

Link to comment
5 hours ago, binhex said:

Decent for me a business class router, not talking top dollar stuff but i got a half decent router that has rock solid performance for my current line (ADSL 20Mb/s dl 1Mb/s ul), i guess this could change though if i switch to fibre, which i have been thinking about recently, so who knows maybe the router wont be able to cope as well when i up the speeds to 60 Mb/s dl, i shall see eh.

 

I think the only additional functionality i would like to get out of pfsense is probably proxy cache, pi hole type functionality (does it do this?), and maybe QoS.

 

Caching proxies are really not as beneficial these days given the large Internet pipes, even your 20/1.  They slow the Internet experience because you are constantly working from the cache by writing to/checking if exist/reading from disk, even with SSD.  The Squid package in pfsense is what you would use for the transparent proxy which will proxy non-encrypted traffic.  Not much these days is non-encrypted so benefit varies.  You can do encrypted traffic cache proxy by configuring certificates you install on all client devices, but headache if you have many devices.  There is another way to do encrypted caching without certificates, but can give some browsers/devices fits.  It used to be good for caching Windows update stuff, but MS changes delivery and becomes unreliable and you are always having to tweak the filters to capture the updates to cache.  The QoS is no where near as simple to configure as one would have experienced with Toastman Tomato.  There are books, videos, etc. on it though.  Pi hole (ad blocking) can be done with pfblockerNG and works extremely well, add Snort for IDS/IPS.

Edited by unevent
Link to comment
12 hours ago, binhex said:

 

Decent for me a business class router, not talking top dollar stuff but i got a half decent router that has rock solid performance for my current line (ADSL 20Mb/s dl 1Mb/s ul), i guess this could change though if i switch to fibre, which i have been thinking about recently, so who knows maybe the router wont be able to cope as well when i up the speeds to 60 Mb/s dl, i shall see eh.

 

I think the only additional functionality i would like to get out of pfsense is probably proxy cache, pi hole type functionality (does it do this?), and maybe QoS.

I've got a adsl connection and the traffic shaping is a life saver - means the right services get bandwidth when they need it, and p2p, Usenet etc when they don't.

 

Having full control over traffic is a big plus as well e.g my son got a Google mini for his birthday at the weekend and being able to work around not enabling upnp to get working was very satisfying.

Link to comment
6 hours ago, unevent said:

 

Caching proxies are really not as beneficial these days given the large Internet pipes, even your 20/1.  They slow the Internet experience because you are constantly working from the cache by writing to/checking if exist/reading from disk, even with SSD.  The Squid package in pfsense is what you would use for the transparent proxy which will proxy non-encrypted traffic.  Not much these days is non-encrypted so benefit varies.  You can do encrypted traffic cache proxy by configuring certificates you install on all client devices, but headache if you have many devices.  There is another way to do encrypted caching without certificates, but can give some browsers/devices fits.  It used to be good for caching Windows update stuff, but MS changes delivery and becomes unreliable and you are always having to tweak the filters to capture the updates to cache.  The QoS is no where near as simple to configure as one would have experienced with Toastman Tomato.  There are books, videos, etc. on it though.  Pi hole (ad blocking) can be done with pfblockerNG and works extremely well, add Snort for IDS/IPS.

Take care when using squid with a VPN as it can leak dns

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.