This is an attempt to document my new firewall. I want to keep track of information and links in a single place, both for my own reference and to help other people make their own choices.
|Component||Model||Link to spec||Link to manual||Cost||Vendor|
|CPU||Intel Core i3-4130T||Spec||n/a||£89.64||eBuyer|
|PSU||Silver Power SP-S4600FL||?||?||£92.00||Amazon|
|4 GB Memory||Kingston 1600MHz DDR3||Spec-ish||n/a||£29.99||eBuyer|
|Heatsink||Nofan CR-80EH||Spec (scroll down)||Manual||£36.46||eBuyer|
|40GB SSD||Intel 320 Series SSD||Spec||Intel support||£19.98||eBuyer|
|3 TB HDD||WD RED 3TB||Spec||n/a||£91.22||eBuyer|
|Wired (gigabit) network card||TP-Link TG-3468||Spec||Manual||£ 6.80||Amazon|
|Wireless (802.11b/g/n) network card||TP-Link TL-WN781ND||Spec||Manual||£ 8.65||Amazon|
|Case||Nofan CS-30||Spec-ish||n/a||£40.57||Quiet PC|
|Keyboard and mouse||Logitech Wireless Combo MK270||Spec||Manual||£20.00||Amazon|
|Gigabit switch||TP-Link TL-SG1008D||Spec||Manual||£20.61||eBuyer|
The cost is just within the £400 budget (because the 3TB drive came out of a different budget). This should give me a fanless, low power, linux friendly firewall that should also run World of Warcraft, and be a useful test/development machine.
I bought my previous firewall ("Hathor") in 2006, and it was based around a VIA EPIA PD6000 Mini-ITX motherboard, which, at the time, was a good compromise between cheap, low power, and functional. Hathor had a VIA C3 processor (broadly equivalent to an Intel Pentium III (Source), 512MB of ram and a 20GB hard disk.
Hathor has been a rock solid machine for the last 8 years, but has been becoming slow relative to the other PC's in the house, and given the increasing load that I have put upon it. (See: Apache Tomcat). Also, the initial choice of a micro-itx motherboard has meant that it has been hard to upgrade components. I have been able to add in a SATA card so that I could use a spare hard drive (from when I upgraded the one in my laptop). (As part of this upgrade project, I bought a 3TB hard disk which is currently in hathor, but will be moved to maat once the build is complete.)
A modern computer is made up from a long list of parts:
The first component I found was the cooler for the CPU.
originally, I was going to go with another mini-itx board. (Specifically, a ZOTAC E2-1800 ITX ) because I thought that would give me the right combination of low power (or at least, low heat) and low cost, while still giving me a reasonable increase in CPU power. But I wasn't happy with the compromises inherent in the mini-itx route, or of the lack of expansion slots and the cramped case.
I checked my assumptions:
Why was I looking for a mini-itx board?
Because they were low power.
Why do I want a low power board?
Because I don't want a fan.
Why don't I want a fan?
Because I don't want the server to make any noise.
Armed with new knowledge of what I wanted, I searched for fanless heatsinks. And I found the NOFAN CR-80EH . It will cool chips of up to 80 TDP, and it costs less than £40 (£36.46 from eBuyer).
It is just possible that I can build a proper PC, but with no fans....
The CPU I have chosen is an Intel Core i3-4130T . Its dual core, "Hyper-Threaded" (which means it pretends to be a four-core chip), supports hardware virtualization, and, most important, has a TDP of only 35 Watts. (I say only - the old chip apparently has a TDP of 2 Watts...). This gives me hope for my fanless plan.
(I think I looked at AMD chips, and I think that I found the FLOP/Watt ratio too poor, but I can't actaully remember doing that. I feel a bit worried now that I've made the wrong choice. Ah, paranoia.)
Given the CPU, I can now pick a motherboard. The chip needs an LGA 1150 motherboard. When I was looking for a mini-itx board, I wanted on-board wireless and two wired network ports (one for the LAN, one for the Internet) but I slowly came to realise that what I really wanted in a motherboard was expansion slots.
The motherboard I have chosen is a Gigabyte GA-H18M-H. That link is to a long list of specifications, but the two important ones for me are the combination of the price (£33 from eBuyer and the 3 PCI-E slots.
The motherboard has an UEIF BIOS, which supports larger hard disks and (should) alow me to use Secure Boot, assuming I can get it to work.
It also has HDMI out, so I can easily connect it to our living room TV. (Shinju would like me to get World of Warcraft running on the new machine so we can play together)
So far so good, but I'm not going to be able to use my old case (which is good, because I want to re-purpose the old machine as a media display for the bedroom. But that's another project).
Looking around the NOFAN website, they also make cases. Specifically, they make cases with lots of holes which are good for people making fanless PCs. Very specifically they make the CS-30 case, which is cheap (about £40 including next day shipping from Quiet PC), will hold a couple of 3.5" hard disks and a 2.5" disk, and will take proper expansion cards (rather than needing a weird riser card like the old case).
The case doesn't come with a power supply, but its going to need one. NOFAN also do fanless power supplies, the P-400A which is nice, but pricey. However, given the existence of one, I should be able to find others.
Amazon sell a 400W PSU from Silver Power, for just under £100, which is also fanless - the SP-S4600FL. (No link for this one as I can't find the manufactures site). 400W should be far more than I need, which is good, because I don't want to stress any of the components.
I have recently bought a largish hard drive, but I also wanted to get a SSD for the new server, partly to test the technology, but mostly because they are just crazy fast.
SSDs are getting cheaper, but I still didn't have that much space in the budget, so I've got a 40GB (<oldfart>40GB! I started with 5.25" floppies with 360K!</oldfart>) Intel disk (because it was on special at eBuyer when I was shopping).
40GB should be more than plenty for a Debian install. I'm still thinking about partitioning the disk, but I'm fairly sure that I'll put my /home onto the 3TB disk.
Memory is entirely generic these days. The motherboard has two DDR3 1600 slots that can take 8GB each. I can fit a 4GB memory chip into the budget, and I may get a second one in a few months.
The original plan was to get a mini-itx board with onboard wireless and two wired ethernet ports. I would have connected Shinju's PC directly to the firewall, and connected the rest of the house network (wich is the TV, X-Box, PVR and Blu-Ray player) through a hub, through a USB->ethernet adapter.
However, it turns out that gigabit network switches are suprisingly cheap. TP-LINK have an 8 port switch (the TL-SG1008D) on eBuyer for just over £20, and all the network cables are either cat5e or cat6, so I might as well take the opportunity to upgrade the network to gigabit.
(OK, so only the new firewall and Shinju's PC are gigabit, but hey, its a good opportunity)
The motherboard only has one on board network card, so I needed one more wired card to connect to the LAN, and a wireless card to connect to the laptop. I had assumed that USB adapters would be cheaper, but I was wrong. Amazon have a gigabit PCI-E network card (again, from TP-LINK) for about £7, and a PCI-E wireless (802.11b/g/n) network card (again from TP-LINK) for £9.
(Upgrading the wireless to 802.11n should mean that the wireless connection to the laptop will now be faster than the wired, since the laptop only has "Fast" ethernet (100Mbps), and 802.11n is 150Mbs.)
(I've checked, and both the wired and the wireless cards are supported by Linux)
I wasn't going to bother, but there was (just) space in the budget to get a keyboard and mouse for the firewall. Since it is probably going to be either beside, behind or under the TV, we don't want cables over the floor, so I've got a Logitech MK270 Wireless Combo which should Just Work™.
Not strictly part of this build (the funds came out of a different budget), I've got a surge protector. Its my first one, so I'm going to be interested to know how well its going to work.
As of 2014-05-25 I've ordered parts and I'm waiting for them to be delivered. Once they're here I'll document the build (with photos!) and then, as a part 3, document installing the OS.