Building my first home server - atom based router/file server build need advice

[Mothergoose729]

I have been looking to get into networking for a while because I really know very little about it. I have plans to build a atom/linux router to give myself a sort of crash course. Home project sort of thing.

Anyway, here is the parts that i am thinking about getting:

JetWay JATOM-GM1-330-LF Intel Atom 330 (flex ATX with 2 PCI and 1 PCIE):
http://www.newegg.com/Product/Produc...82E16813153144

Intel PWLA8391GT 10/ 100/ 1000Mbps PCI PRO/1000 GT Desktop Adapter
http://www.newegg.com/Product/Produc...82E16833106121

ASUS PCE-N13 IEEE 802.11b/g/n PCI Express Wireless Adapter Up to 300Mbps
http://www.newegg.com/Product/Produc...82E16833320048

D-Link DGS-2205 10/100/1000Mbps 5-Port Green Technology Desktop Switch
http://www.newegg.com/Product/Produc...82E16833127083

Rosewill R379-M Black/ Silver 0.8mm SGCC Steel Slim MicroATX Computer Case with ATX12V Flex 300W Power Supply
http://www.newegg.com/Product/Produc...82E16811147098

I need to use it to network a total of 4 machines (excluding the server, which I want to be the "hub"). One running win7, another kubuntu 9.10, another mac OSX 10.6.2 and another windows XP SP3. In an ideal world I want to be able to use the router to network all the computers together, as well as connect them to the internet both wired and wirelessly, and also configure it to automatically create back-ups for my hard disks on the multiple machines. In addition, I want to dedicated quite some space to creating a cash of all web pages I visit within a given time frame (I am thinking six months).

I have a linksys WRTGL router (the one you can flash the firmware with) and I plan on making it into a switch/ wireless bridge. The router is being used as my main router now, I want to section it off and preferably control bandwidth allocation as it will be the port other people in my house will be using.

The D link wireless switch will be used to manage my own home network I would like to keep sectioned off. I did some research, but I am a complete networking newb. I choose this swtich because it has QoS support, which is important for prioritizing and managing traffic, and jumbo frames, which is suppose to help with speed. The idea is to build a super router here that can handle anything with zero connectivity problems.

The wireless adapter I choose needs to be compatiable with linux and be capable of broadcasting. I am most nervous about this part, information on its compatability with linux on the net seems iffy.

I chose intel networking cards because they are reliable and have onboard cache. I think this is important for allowing higher frame sizes and increasing overall networking stability. Again, I am a newb.

The idea is I want to run a line from my modem into this machine into one of the intel networking cards. I want to run out from the onboard LAN to my router (which I want to flash to tomato or WRT and set as a bridge/switch) and then use the second intel card to run out to the D link swtich, where most of my computers will be connected. Any help on parts, software, guides, or just general suggestions would be great.

 

[Mothergoose729]

bump

 

[imagoon]

I have been looking to get into networking for a while because I really know very little about it. I have plans to build a atom/linux router to give myself a sort of crash course. Home project sort of thing.

Anyway, here is the parts that i am thinking about getting:

JetWay JATOM-GM1-330-LF Intel Atom 330 (flex ATX with 2 PCI and 1 PCIE):
http://www.newegg.com/Product/Produc...82E16813153144

Intel PWLA8391GT 10/ 100/ 1000Mbps PCI PRO/1000 GT Desktop Adapter
http://www.newegg.com/Product/Produc...82E16833106121

ASUS PCE-N13 IEEE 802.11b/g/n PCI Express Wireless Adapter Up to 300Mbps
http://www.newegg.com/Product/Produc...82E16833320048

D-Link DGS-2205 10/100/1000Mbps 5-Port Green Technology Desktop Switch
http://www.newegg.com/Product/Produc...82E16833127083

Rosewill R379-M Black/ Silver 0.8mm SGCC Steel Slim MicroATX Computer Case with ATX12V Flex 300W Power Supply
http://www.newegg.com/Product/Produc...82E16811147098

I need to use it to network a total of 4 machines (excluding the server, which I want to be the "hub"). One running win7, another kubuntu 9.10, another mac OSX 10.6.2 and another windows XP SP3. In an ideal world I want to be able to use the router to network all the computers together, as well as connect them to the internet both wired and wirelessly, and also configure it to automatically create back-ups for my hard disks on the multiple machines. In addition, I want to dedicated quite some space to creating a cash of all web pages I visit within a given time frame (I am thinking six months).

I have a linksys WRTGL router (the one you can flash the firmware with) and I plan on making it into a switch/ wireless bridge. The router is being used as my main router now, I want to section it off and preferably control bandwidth allocation as it will be the port other people in my house will be using.

The D link wireless switch will be used to manage my own home network I would like to keep sectioned off. I did some research, but I am a complete networking newb. I choose this swtich because it has QoS support, which is important for prioritizing and managing traffic, and jumbo frames, which is suppose to help with speed. The idea is to build a super router here that can handle anything with zero connectivity problems.

The wireless adapter I choose needs to be compatiable with linux and be capable of broadcasting. I am most nervous about this part, information on its compatability with linux on the net seems iffy.

I chose intel networking cards because they are reliable and have onboard cache. I think this is important for allowing higher frame sizes and increasing overall networking stability. Again, I am a newb.

The idea is I want to run a line from my modem into this machine into one of the intel networking cards. I want to run out from the onboard LAN to my router (which I want to flash to tomato or WRT and set as a bridge/switch) and then use the second intel card to run out to the D link swtich, where most of my computers will be connected. Any help on parts, software, guides, or just general suggestions would be great.

Well here is my take.

#1 why put the good intel card on the WAN. That seems silly. #2 why put this in the middle of your modem to router connection. There zero reason to do that. Hook the modem to the WRT router and then attach the computer via 1 ethernet port to the internal switch.

I have no idea what you mean by 'stable frame size.' If your thinking about running Jumbo Frames, don't. It won't help you at home. WRT only does QoS from LAN to WAN it does not QoS at the switch ports nor to most of the WRT unit have enough CPU horsepower to QoS at gig speeds. QoS at the internet only works based on what you are sending also, it will not do anything to what the remote side is sending you. A decent switch will be more than able to handle the traffic that home equipment can generate. Your main hang up will be the Atom board. It has close to the same CPU performance as a P3 1-1.2 ghz.

 

[Mothergoose729]

Well here is my take.

#1 why put the good intel card on the WAN. That seems silly. #2 why put this in the middle of your modem to router connection. There zero reason to do that. Hook the modem to the WRT router and then attach the computer via 1 ethernet port to the internal switch.

I have no idea what you mean by 'stable frame size.' If your thinking about running Jumbo Frames, don't. It won't help you at home. WRT only does QoS from LAN to WAN it does not QoS at the switch ports nor to most of the WRT unit have enough CPU horsepower to QoS at gig speeds. QoS at the internet only works based on what you are sending also, it will not do anything to what the remote side is sending you. A decent switch will be more than able to handle the traffic that home equipment can generate. Your main hang up will be the Atom board. It has close to the same CPU performance as a P3 1-1.2 ghz.

i want to build my own autonomous router, I just don't want my WRT to go to waste. I plan on hooking the D link switch up to the atom PC.

So you are saying that jumbo frames and QoS will have zero benefit for me? I do want this server to broadcast a wireless signal. What about the intel cards? Might cheaper ones perform the same? The most important thing is that the PC acts as a functional router and that it is robust enough to squeeze out every drop of performance from my (admittedly modest) home network.

 

[imagoon]

i want to build my own autonomous router, I just don't want my WRT to go to waste. I plan on hooking the D link switch up to the atom PC.

So you are saying that jumbo frames and QoS will have zero benefit for me? I do want this server to broadcast a wireless signal. What about the intel cards? Might cheaper ones perform the same? The most important thing is that the PC acts as a functional router and that it is robust enough to squeeze out every drop of performance from my (admittedly modest) home network.

Jumbo frames would be minimal if anything. You use jumbo frames to a) reduce the cpu load from TCP/IP processing. If your CPU is not maxed then this is not an issue. b) reduce TCP/IP framing overhead. Also minimal unless your network spends most of the day at 100% through put. At home it won't 99.9% of the time. c) You want to pass larger than 1500 byte packets without fragmenting. Unless you have a iSCSI SAN array you won't need that either.

Jumbo frames also will have a tendency to reduce performance through routers if the next network's mtu is smaller, such as your internet connection. Packet fragmentation generally will slow you down or cause the connection to fail.

QoS only effects the side of connection you are on. It does not improve inbound internet. You could use it internally but the WRT most likely does not have the CPU to enforce it well at gig speeds.

So to answer your question: QoS and Jumbo frames: zero to minimal (in rare cases.)

The best performance for home will often picking up a lower end enterprise switches and good dedicated Intel Nics for the PCs. A pc based routers main benefit is extra RAM and CPU for NAT translations with can be important if you use torrents or other high session techs. Also make sure your plant is installed to spec.

 

[Mothergoose729]

Jumbo frames would be minimal if anything. You use jumbo frames to a) reduce the cpu load from TCP/IP processing. If your CPU is not maxed then this is not an issue. b) reduce TCP/IP framing overhead. Also minimal unless your network spends most of the day at 100% through put. At home it won't 99.9% of the time. c) You want to pass larger than 1500 byte packets without fragmenting. Unless you have a iSCSI SAN array you won't need that either.

Jumbo frames also will have a tendency to reduce performance through routers if the next network's mtu is smaller, such as your internet connection. Packet fragmentation generally will slow you down or cause the connection to fail.

QoS only effects the side of connection you are on. It does not improve inbound internet. You could use it internally but the WRT most likely does not have the CPU to enforce it well at gig speeds.

So to answer your question: QoS and Jumbo frames: zero to minimal (in rare cases.)

The best performance for home will often picking up a lower end enterprise switches and good dedicated Intel Nics for the PCs. A pc based routers main benefit is extra RAM and CPU for NAT translations with can be important if you use torrents or other high session techs. Also make sure your plant is installed to spec.

Hmm... ok. What would your recommend as a lower end enterprise switch? I have my heart pretty well set on making my own router, but you mentioned putting intel networking cards in all of my PCs? Please explain.

Also what does it mean when you say "make sure your plant is installed to spec"?

 

[imagoon]

Hmm... ok. What would your recommend as a lower end enterprise switch? I have my heart pretty well set on making my own router, but you mentioned putting intel networking cards in all of my PCs? Please explain.

Also what does it mean when you say "make sure your plant is installed to spec"?

Make sure your plant is installed correctly:

http://forums.anandtech.com/showthread.php?t=2053136

The lower end procurves as managed switches work well, the middle end Dell switches as dumb switches also work well. The better intel cards have larger buffers / cpus / and TCP IP off load engines which tend to improve performance. Again performance gained would be dependent on how hard you are pushing the network.

 

[Mothergoose729]

Make sure your plant is installed correctly:

http://forums.anandtech.com/showthread.php?t=2053136

The lower end procurves as managed switches work well, the middle end Dell switches as dumb switches also work well. The better intel cards have larger buffers / cpus / and TCP IP off load engines which tend to improve performance. Again performance gained would be dependent on how hard you are pushing the network.

You recommend a managed vs and unmanaged switch? I was able to find this:

http://www.newegg.com/Product/Produc...82E16833316090

What advantages would a switch like this have over the one I linked?

Thank you for the link to your thread on cables. Very informative, I love that kind of stuff.

You mentioned in an earlier post that I should not plug this PC based router I plan to build directly to my modem. Why not?

 

[JackMDS]

OP you have to spend time doing some learning.

I have the feeling that in part you put together a system that is based on words that you heard rather than a real understanding of what it means.

For your purpose if you do need a Giga Switch, this is what you need.

5 Ports - http://www.newegg.com/Product/Produc...82E16833156250

Or.

8 Ports - http://www.newegg.com/Product/Produc...82E16833156251

Paying more for a switch would not benefit you at all.

 

[imagoon]

You recommend a managed vs and unmanaged switch? I was able to find this:

http://www.newegg.com/Product/Produc...82E16833316090

What advantages would a switch like this have over the one I linked?

Thank you for the link to your thread on cables. Very informative, I love that kind of stuff.

You mentioned in an earlier post that I should not plug this PC based router I plan to build directly to my modem. Why not?

You mentioned that the router was also going to be a file server. While in theory Linux and even Windows should be able to survive out on the open web, using your router as a file server also tends to leave you with a larger attack vector as extra daemons are running. I also indirectly assume that you will have personal info on the machine, having it directly on the net can be dangerous. While the Linux zealots will tell you that the OS is invincible on the internet, they would be doing you an injustice. I have had to clean up linux machines of infestations also. Most of the time they are running and cluttering up the user space of apache or the FTP daemon, they can sometimes elevate themselves and replace key parts of the OS with themselves.

More expensive switches tend to have more buffers and a faster back plane. However what Jack brings up is also valid. You have to be pushing the limits of home stuff for the enterprise stuff to really matter. It is rare that a single server serving 3-4 machines will ever hit that limit. Enterprise switches will have things like loop detection, vlans, port security etc. Generally managed switches will have more 'umpf' because they are expected to do more work than a dumb switch. All of this is moot however if you don't even stress a $25 home switch.

 

[Mothergoose729]

OP youhave to spend time doing some learning.

I have the feeling that in part you put together a system that is based on words that you heard rather than a real understanding of what it means.

For your purpose if you do need a Giga Switch, this is what you need.

5 Ports - http://www.newegg.com/Product/Produc...82E16833156250

Or.

8 Ports - http://www.newegg.com/Product/Produc...82E16833156251

Paying more for a switch would not benefit you at all.

I won't argue with you there. I really didn't know what I was doing when I built my first PC either. I figured it out in the end

You mentioned that the router was also going to be a file server. While in theory Linux and even Windows should be able to survive out on the open web, using your router as a file server also tends to leave you with a larger attack vector as extra daemons are running. I also indirectly assume that you will have personal info on the machine, having it directly on the net can be dangerous. While the Linux zealots will tell you that the OS is invincible on the internet, they would be doing you an injustice. I have had to clean up linux machines of infestations also. Most of the time they are running and cluttering up the user space of apache or the FTP daemon, they can sometimes elevate themselves and replace key parts of the OS with themselves.

More expensive switches tend to have more buffers and a faster back plane. However what Jack brings up is also valid. You have to be pushing the limits of home stuff for the enterprise stuff to really matter. It is rare that a single server serving 3-4 machines will ever hit that limit. Enterprise switches will have things like loop detection, vlans, port security etc. Generally managed switches will have more 'umpf' because they are expected to do more work than a dumb switch. All of this is moot however if you don't even stress a $25 home switch.

I just want to have the right hardware the first time and do it right. Then I can decide what I want to do with it after that. You mention security as being an issue, somebody else I talked to said it could be another potential point of failure. If I run these extraneous services within virtual machines would my privacy still be intact? Would my data still be vulnerable in this case? BTW you have been a lot of help, I really appreciate it.

 

[imagoon]

I won't argue with you there. I really didn't know what I was doing when I built my first PC either. I figured it out in the end



I just want to have the right hardware the first time and do it right. Then I can decide what I want to do with it after that. You mention security as being an issue, somebody else I talked to said it could be another potential point of failure. If I run these extraneous services within virtual machines would my privacy still be intact? Would my data still be vulnerable in this case? BTW you have been a lot of help, I really appreciate it.

Harder to say. With ESXi you could get creative with the nics and be pretty secure. IE Nic port 1 is bonded to virtual switch 1 that is only attached to 'nic 1' of the router virtual machine. 'Nic 2' of the router VM can feed virtual switch 2 where the file server VM is attached and then attached to physical nic 2. Should be safer as long you make sure the management network ports are inside on vswitch 2. Obviously this is ESXi specific so change the plan based on the virtual software.

As second thought though... not sure how well Atom runs ESXi though.

 

[Mothergoose729]

Harder to say. With ESXi you could get creative with the nics and be pretty secure. IE Nic port 1 is bonded to virtual switch 1 that is only attached to 'nic 1' of the router virtual machine. 'Nic 2' of the router VM can feed virtual switch 2 where the file server VM is attached and then attached to physical nic 2. Should be safer as long you make sure the management network ports are inside on vswitch 2. Obviously this is ESXi specific so change the plan based on the virtual software.

As second thought though... not sure how well Atom runs ESXi though.

Thanks imagoon. I think I need to get the hardware and start messing with stuff, then I can ask more specific and intelligent questions. You have been a lot of help.

 

[Apocalypse23]

Another suggestion and question regarding a home server. Would it be possible to look in to something like this?:

Acer Aspire Easystore H340 Home Server Intel Atom 2GB 1TB GBLAN 4 Bay Hotswap Windows Home Server

http://ncix.com/products/?sku=37196&...nufacture=Acer

or a

Acer Aspire Easystore H340 Home Server Intel Atom N230 2GB 2TB GBLAN Windows Home Server

http://ncix.com/products/?sku=47760&vpn=PG.T170W.022&manufacture=Acer

On a side note: My client is interested in setting one of these up, he wants to install Quickbooks on it for accounting for his business...does anyone think this could work?

 

[James Bond]

Acers new form factors are so pimp

 

[imagoon]

On a side note: My client is interested in setting one of these up, he wants to install Quickbooks on it for accounting for his business...does anyone think this could work?

Depends on how quickbooks is setup. Server / pseudo server / or data share. I have no idea if WHS can run quickbooks in server mode. IT should handle pseudo server fine (but that mode can have issues.) data share should work, however I would be careful with duplication as it might corrupt the database.

 

[Mothergoose729]

I have one last question; how much memory do you think this type of server needs? I am thinking about 1gb? Might there be need for more?

EDIT: Nevermind, after thinking about it long and hard I have decided to convert my dedicated linux machine to the task. It has 2gb of memory and a dual core processor, it doesn't make sense for me to buy and build yet another computer.

 

[n0cmonkey]

I just want to have the right hardware the first time and do it right. Then I can decide what I want to do with it after that. You mention security as being an issue, somebody else I talked to said it could be another potential point of failure. If I run these extraneous services within virtual machines would my privacy still be intact? Would my data still be vulnerable in this case? BTW you have been a lot of help, I really appreciate it.

Virtualization does not help security. It's another attack vector.

 

[JackMDS]

Depends on how quickbooks is setup. Server / pseudo server / or data share. I have no idea if WHS can run quickbooks in server mode. IT should handle pseudo server fine (but that mode can have issues.) data share should work, however I would be careful with duplication as it might corrupt the database.

Some new Quickbooks stuff for WHS was released few weeks ago.

1GB might be good, to be safe I would put 2GB.

 

[imagoon]

Virtualization does not help security. It's another attack vector.

It helps security if you use it properly. Something like ESX can be made 'more secure' in the sense that if an exploit exists in the VM systems you can patch it, which is not always an option for the hardware. As long as you do not do something stupid like putting the service console out on the internet the attack vector risk is minimal at best. Any time you add more software you do tend to open the door just a little bit more but it is no different that the various hardware exploits out there like using baseboard management to alter memory etc. From the advisories I get, most have been DoS attacks against the hypervisors.

Note I only really follow VmWare ESX as that is what I use here.

 

[n0cmonkey]

It helps security if you use it properly. Something like ESX can be made 'more secure' in the sense that if an exploit exists in the VM systems you can patch it, which is not always an option for the hardware. As long as you do not do something stupid like putting the service console out on the internet the attack vector risk is minimal at best. Any time you add more software you do tend to open the door just a little bit more but it is no different that the various hardware exploits out there like using baseboard management to alter memory etc. From the advisories I get, most have been DoS attacks against the hypervisors.

Note I only really follow VmWare ESX as that is what I use here.

There have been a few VM escape exploits out there. VMs are so complex that there is inevitably going to be a lot of security issues with them (and stability issues, too many of the VM options are too broken to run OpenBSD well).
Hardware's the same way. The more complex it is the more likely for there to be security issues. Too many bad driver and firmware writers, and too much secret sauce.
Why wouldn't you be able to patch a bare metal hardware system when you can patch the same system in VM?

EDIT: (I haven't looked for a while, so my info is old) There hasn't been a good way to monitor intra-vm traffic either.

 

[imagoon]

There have been a few VM escape exploits out there. VMs are so complex that there is inevitably going to be a lot of security issues with them (and stability issues, too many of the VM options are too broken to run OpenBSD well).
Hardware's the same way. The more complex it is the more likely for there to be security issues. Too many bad driver and firmware writers, and too much secret sauce.
Why wouldn't you be able to patch a bare metal hardware system when you can patch the same system in VM?

EDIT: (I haven't looked for a while, so my info is old) There hasn't been a good way to monitor intra-vm traffic either.

Old hardware no longer being firmware updated etc. ESX(i) vSwitches be monitored extensively but it is provided by 3rd parties. They made the vSwitch a module. You can now load a 'cisco switch' etc in to there and get all the support a normal cisco catalyst would have etc. I think HP makes one also.

 

[n0cmonkey]

Old hardware no longer being firmware updated etc.

Toss it.

ESX(i) vSwitches be monitored extensively but it is provided by 3rd parties. They made the vSwitch a module. You can now load a 'cisco switch' etc in to there and get all the support a normal cisco catalyst would have etc. I think HP makes one also.

Ahh, I'll have to look for it. Might be interesting to play with.

 

[imagoon]

Toss it.

Those of us in the real world don't always have that option.

 

[n0cmonkey]

Those of us in the real world don't always have that option.

Come live with me in my fairy tale world of rainbows and unicorns!

No, seriously, if the manufacturer doesn't think it's worth putting out updates for, and it has serious security problems, toss it. It isn't worth the time or effort.

And in case you meant "it isn't an option because we have to recycle computer parts," that's what I meant.

And I am a bit confused as to how running a pseudo OS (hypervisor) on broken hardware is going to be any better than running a full OS. It's still broken hardware.