Hi,
CPU Intel i3450 @ 3.10Ghz
RAM 16GB DDR3 1600 Mhz
Planning on buying cheap dual 2.5G Intel i226 from aliexpress. The motherboard has bultin Realtek controller 8111f which I probably disable.
Would the CPU be good enough for it? would be good enough to use is as router and have my EERO in bridge mode for wifi only?
I’m planning to setup a VPN Wireguard (surfshark VPN) that can be used by any device on my EERO 6 pro network.
By far more than enough. I’m running it on a N6005 with 4 cores and 8GB ram and it rarely goes over 10% cpu even when there are multiple people streaming in the house, a couple people gaming and I’m making some large downloads. My connection is a Gig+ from Xfinity via a ARRIS Surfboard S33. 1.5G down, 200mbps up.
The things that use a lot of resources are the addons like IDS/IPS (Suricata) or from the router VPN endpoints (OpenVPN).
This would replace the EERO as the router. (You could then setup the EERO as just a wireless access point)
Forget 10gbit, unless your ISP will switch to 10/25gbit soon, like in Switzerland. Drop power hungry I3450 cpu, even if it was free, it will not handle VPN anyway. More NICs better, in worst case your could survive with 3 (WAN + LAN->switch + control NIC), but i prefer 5 to 6. Buying a modern CPU in a cheap device like Tomton, Hunsn will give you modern CPU (N100, N300, 8505) with modern instructions, GPU, higher IPC, and much less consumption. As a bonus you will receive 5 to 6 brand new I226 NICs. Optionally, with 2 SFPs if you pay up for something you will probably not use.
If you want to utilize VPN at proper speeds and god forbid add those plugins everyone enables for no reason like ZA, Suricata, then you will struggle even with N30x and 8505. Without them, you can max it out easier and add VPN server to let mobile phones connect:) 10gbit VPN is out of question for VPN, and since switch could do that, there’s no point having it in a firewall.
Thank you very much for your feedback. What chipset nics are you using? What if any addons are you using on your opnsense router setup ? Dual nic using I226 from aliexpress should be good enough it? I’m just planning using vpn wireguard (from my understanding using less resources) for few clients on my network to beat geo location restrictions. The end goal would be to handle 1.5gb down / 50mb up connection and replace my eero 6 pro gateway / router; and use 3 x eero pros as wifi APs. Hopefully my hardware would be able to handle opnsense plain vanilla setup like dhcp, firewall and few vpn clients via vpn wireguard (Surfshark). Also I would replace my 16 port gigabit Cisco unmanaged switch with 8 port 2.5gb unmanaged switch. I have 3 wired PCs with 2.5gb nics on my LAN + opnsense router I’m planning on building. I don’t think I would be able to test it with just a single nic built on the motherboard. Hence I have to wait for nics to arrive from aliexpress. Another problem is that it is Realtek controller which is not well regarded.
I’m using one of those 4-port topton units. 4x Intel I225v NICS.
I’m actually running Proxmox on the unit and doing hardware passthrough for two of the nics.
I also run PiHole and Home Assistant in lxc containers as well on the machine.
Realtek nics are often derided because their drivers aren’t very well supported and they have no offload capabilities. Makes them not so great as router nics, but typically fine for other uses. Just don’t configure that interface for anything in OpnSense and you should be fine.
The unit will handle 2.5G networking just fine. Mine handles routing between multiple VLANs that have much more bandwidth (my truenas box has 40gbe and my vmhost has 10gbe).
Thank you 
If you have few minutes can you please see if amazon.ca (prime, so I can return it if it won’t work) has any dual 2.5gb I can buy? Please DM me if this is against the forum rules.
So for my first case scenario (VPN wireguard behind eero 6 pro gateway/router), I could use (or try) single motherboard NIC 1g realtek 8111h?
After that for the end result which is to build VPN router and my EEROs as wifi APs, I will buy dual 2.5g Intel i226 card… There is a lot of people saying aliexpress might be selling me fake i226 card 
… so perhaps I should pay more to buy it locally.
Your thoughts
There are only a couple stand-along I225v adapters out there.
StarTech, Qnap or an HP branded single port.
For my money, I’d look at Ebay for a Intel X550-T2 card. It’s a 10Gbe part that will also run at 2.5gbe. Future proof yourself. (We can dream of 10Gbe internet service right?)
Note: Only the X550-T2 supports 2.5gbe signalling. Do not get a X520 or X540 series as those are only 10Gbe.
Note: You can run some SFP+ modules at 2.5Gbe, which is how I connect my Brocade ICX-6610 switch to my router. 10Gbe SFP port with a SFP+ module that will connect at 2.5Gbe. Which if you are already buying a 2.5Gbe Switch, you may want to look at the MikroTik CRS310-8G+2S+IN which is a managed 8x2.5gbe + 2x10gbe SFP+ switch.
Thank you very much for your reply As much as I would love to future proof, the higher prices and my household setup (cat 5e / cat6 wires mostly) At the moment I only have two 2.5gb clients, my win11 media/plex server will get 2.5gb NIC and OPNsense router box (that I’ll try to building) will get another dual 2.5gb NIC. Based on your reply I will most likely buy QNAP QXG-2G2T-I225 (it should come with i225-lm b3 chipset). I will have a chance to try it for 30 days with an option to return it if I discover any issues.
What unmanaged switch would you recommend? 8 ports (or more), 2.5gb (or faster)? there are some cheap noname switches, however there could be some performance issues with them. I don’t want any latency or speed dropout issues. Currently I use Cisco a gigabit 16 port unmanaged as my main switch and everything has been solid.
Not sure what your situation is or budget, but why not a managed switch?
There are some very good deals on server-class hardware if your at all techy. The aforementioned Brocade ICX-6610 with 4x 40gbe ports, 8x10gbe and 48x1gbe I was able to pick-up from ebay second hand for under $100. It’s loud as heck though so unless you have an unfinished basement or can set up a network closet in your garage or something, I wouldn’t recommend. But you could get a Brocade ICX-7250 for pretty cheap as well without the noise (but no 40gbe). https://forums.servethehome.com/index.php?threads/brocade-icx-series-cheap-powerful-10gbe-40gbe-switching.21107/
Same goes for home “compute”. My “NAS” is a HP ML350 G9 with 16x2.5" drive slots setup with TrueNAS. I picked up the ML350 for less than $100 with dual E5-2620v4 Xeons (8-cores per) and 128GB ram. It was a decom from a local company. A 40gbe Mellanox card was ~$30 and a 40gbe DAC cable was ~$20.
/r/homelab has a lot of good resources for that kind of thing if you are interested.
Here’s a sneak peek of /r/homelab using the top posts of the year!
#1: It finally happened to me! Ordered 1 SSD and got 10 instead. Guess I’m building a new NAS | 671 comments
#2: How many of you have memorialized an IP address? I did so for my late wife’s computer.
#3: Should /r/HomeLab continue support of the Reddit blackout?
^^I’m ^^a ^^bot, ^^beep ^^boop ^^| ^^Downvote ^^to ^^remove ^^| ^[1](https://www.reddit.com/message/compose/?to=sneakpeekbot) ^^| ^[2](https://np.reddit.com/r/sneakpeekbot/) ^^| ^[3](https://np.reddit.com/r/sneakpeekbot/comments/o8wk1r/blacklist_ix/) ^^| ^[4](https://github.com/ghnr/sneakpeekbot)
So after a lot of thinking I will skip upgrading my LAN to 2.5g and I will wait for 10g be cheaper. However I want to still build OpnSense box , can you please recommend a good dual / quad gigabit intel card? Would this be good (Intel 82575/82576 Controller)?
So after a lot of thinking I will skip upgrading my LAN to 2.5g and I will wait for 10g be cheaperHowever I want to still build OpnSense box , can you please recommend a good dual / quad gigabit intel card? Would this be good (Intel 82575/82576 Controller)?
