Editing Introduction to a Self Managed Life: a 13 hour & 28 minute presentation by FUTO software (section)

== Choosing the Right Hardware ==

<span id="why-an-intel-nuc"></span>
=== Why an Intel NUC? ===

When searching for hardware to build a '''pfSense''' router, you’ll often come across a variety of mini PCs on platforms like Amazon. However, there are several issues with these options:

# '''Inconsistent Quality:''' You’ll find reputable brands like Mikrotik listed alongside unknown generic random stuff. I trust Mikrotik - I don’t trust random junk. Amazon allows random junk from unverified, untrusted vendors to show up routinely at the top of the search results.
# '''Unreliable Reviews:''' Amazon’s review system has known issues:
#* Reviews from [https://www.youtube.com/watch?v=qZCMislL6_I&list=PLkVbIsAWN2ls4fzQbP9fdW66tjcIs4JNQ&index=5&pp=gAQBiAQB unrelated products (e.g., digital picture frames) applied to air conditioners].
#* Vendors [https://www.youtube.com/watch?v=eS698R-bxuc&list=PLkVbIsAWN2ls4fzQbP9fdW66tjcIs4JNQ&index=4&pp=gAQBiAQB bribing customers for positive reviews] without consequences.
#* Potentially fake or misleading reviews.
# '''Safety Concerns:''' Amazon has a history of selling mislabeled or dangerous products, including:
#* [https://www.youtube.com/watch?v=B90_SNNbcoU&list=PLkVbIsAWN2ls4fzQbP9fdW66tjcIs4JNQ&index=2&pp=gAQBiAQB Incorrectly rated electrical fuses].
#* [https://www.youtube.com/watch?v=y83BS_mK9GE&list=PLkVbIsAWN2ls4fzQbP9fdW66tjcIs4JNQ&index=1&pp=gAQBiAQB Faulty electrical crimps].
#* Litter boxes that [https://www.dailydot.com/news/cat-stuck-in-automatic-litter-box/ kill cats].

…and the list goes on. This guide is going to be 600+ pages when done; do you want to do all of this work only to have the primary component be a piece of junk from a website that sells cat guillotines? No.

<span id="the-better-alternative-repurpose-an-old-desktop-pc"></span>
=== The Better Alternative: Repurpose an Old Desktop PC ===

Instead of risking your project with unknown mini PCs, consider using an old desktop computer:

# '''Reliability:''' A 10-12 year old desktop is likely more reliable than no-name mini PCs.
# '''Choice of Network Card:''' Desktop PCs offer PCI Express slots for additional network cards, so YOU can choose the network interface card for your setup. You often do not know what chipsets are used in the no-name-mini-PCs. '''pfSense''' &amp; other FreeBSD-based routers are sensitive to poor-quality chipsets.
# '''Cost-Effective:''' You can re-purpose an old desktop you already have &amp; save money on purchasing new hardware.

<span id="choosing-the-right-network-interface-cards-nics"></span>

=== Choosing the Right Network Interface Cards (NICs) ===

<gallery mode="packed-hover" heights=250 widths=400 perrow=2>
File:lu55028jxaty_tmp_12bd653b.png
File:lu55028jxaty_tmp_a186c0a7.png
File:lu55028jxaty_tmp_a7b91798.png
</gallery>

To transform your old desktop into a capable router:

# '''Add Quality NICs:''' Install high-quality network cards, preferably Intel-based.
# '''pfSense Compatibility:''' Check the '''pfSense''' forums for compatible chipsets and cards.
# '''Examples of Good NICs:'''
#* Intel X540.
#* Intel 350.

<span id="caution-when-purchasing-nics"></span>
=== Caution When Purchasing NICs ===

# '''Avoid Realtek at all costs:''' Read '''pfSense''' and FreeBSD forums to learn about the issues from people who use Realtek network interface cards. Sometimes you’ll get something working, but often you will get headaches and nightmares that are not worth the cost savings. Realtek network cards are best avoided in pfSense &amp; similar setups due to known issues with poor performance &amp; compatibility. Intel network interface cards are preferable for reliability &amp; better support in open-source projects like pfSense.

<blockquote>'''Note of Appreciation''': pfSense developers have created drivers for network interface chipsets like the 225 ([https://github.com/freebsd/freebsd-src/commit/517904de5ccac643589c71ac0d2751797f89e4f9 citation 1], [https://github.com/pfsense/FreeBSD-src/commit/9ffb4c0adab4853ab752ecda6a5ff59ea943af4e citation 2]) that didn’t exist before. Intel network interface cards are known to have better performance &amp; reliability in FreeBSD systems than Realtek chipsets. The ecosystem of open source firewalls are invested in providing support for these chipsets, providing solutions when the manufacturer doesn’t.

This is an excellent argument in favor of [https://www.reddit.com/r/PFSENSE/comments/uuigfy/is_the_intel_i225v_nic_ok/ paying money for open source software]. The igc driver for the i225 Intel network chip was made available to everyone! Commercial users, non-paying users of pfSense, and other FreeBSD based routers/firewalls all benefit from people paying for open source software. Top notch programmers wrote these drivers because they were able to pay their rent &amp; bills doing so.

When you pay for open source software, you are sending a message that it makes sense for top notch programmers to spend money developing open source code that doesn’t abuse you rather than going to work for facebook.
</blockquote>
<ol start="2" style="list-style-type: decimal;">
<li>'''Buy from Reputable Vendors:''' Avoid counterfeit products by purchasing from trusted sellers. There are many counterfeit cards out there.</li></ol>

<gallery mode="packed-hover" heights=250 widths=400 perrow=2>
File:lu55028jxaty_tmp_42645421.png
File:lu55028jxaty_tmp_3d7f0c6c.png
</gallery>

<ol start="3" style="list-style-type: decimal;">
<li>'''Vendors don’t know the difference:''' Many vendors selling knockoff cards do not even know they are doing it. Wholesale liquidators operate with low profit margins while selling a wide variety of equipment and lack the time and expertise to vet all of what they sell. As a result, many vendors sell counterfeit and fake Intel network cards.</li></ol>

* '''Recommended:''' ''The Art of Server'' on eBay ([https://www.ebay.com/str/theartofserver link])
* '''Example product:''' Intel X540 ([https://www.ebay.com/itm/166585171595 link])

'''Verify Compatibility:''' Make sure the card fits your PC’s available slots.

* Be wary of non-standard form factors or connectors.

'''HINT:''' Buying cards that are branded from server re-sellers is a good way to avoid fakes. For instance

<span id="dont-buy-digiorno"></span>

=== Don’t buy Digiorno ===

<gallery mode="packed-hover" heights=250 widths=400 perrow=2>
File:lu55028jxaty_tmp_19879e61.png
File:lu55028jxaty_tmp_be9591e5.png
File:lu55028jxaty_tmp_cb6dfb59.png
</gallery>

Buying used network cards, and used hardware, is ok. Actually, it’s encouraged; it’s a great way to buy better hardware than you’d otherwise be able to afford, and it avoids senseless waste. However, be careful to not buy Digiorno. There are amazing deals to be found in the used server world, but it is also a jungle ready to eat you alive if you’re naive enough to believe those crazy folks have any respect for the civilized world of standardized connectors.

'''Good vendors will be able to tell you the difference between normal hardware and Digiorno. If they do not know the difference, YOU DO NOT WANT TO BUY FROM THEM!'''

Building a DIY '''pfSense''' router with an old desktop PC and quality Intel NICs is likely to provide a more reliable and expandable solution than generic mini PCs. With a random mini PC, if you get a bad network interface card, you’re out of luck. With your old desktop PC, you can choose the network interface card. Want 2.5GbE? Get another card. Want 10 Gbps? Get another card. Want fiber? Get another card. Have a card with the wrong chipset? Swap in another card.

We are going down a 10+ hour rabbit hole of hell setting up all sorts of confusing, crazy GNU/Linux software. Even a 1% increase in the likelihood of this being more difficult as a result of random garbage Amazon hardware isn’t worth it to me for $100-$200 in savings.

I chose an Intel NUC because it has two quality NICs, and I was able to find one affordably. You do not have to buy the computer I bought to use as a router: this is your journey!

'''Note:''' There is no one “right” way to do this. As long as you use a stable, quality computer with GOOD network interface cards that the '''pfSense''' &amp; <code>FreeBSD</code> community approve of, you are set!

<gallery mode="packed-hover" heights=250 widths=400 perrow=2>
File:lu55028jxaty_tmp_62a48d1.png
File:lu55028jxaty_tmp_3759a8d9.png
File:lu55028jxaty_tmp_ac097d76.png
File:lu55028jxaty_tmp_1ae997fd.png
</gallery>

<span id="step-1-downloading-pfsense-and-preparing-a-bootable-usb-drive"></span>