Our BIG network upgrade! - OPNsense DEC4280

today today is a very special day for

today we have a brown box on short

circuit you know what that means that

means networking and this is a fun one

this is the oh God I don't know how to

say it deio deiso I'm going to go with

deiso for the rest of this video but

this is a router and a pretty cool one

because it's designed to run open source

firmware in particular you can see it

right there open sense or OPN sense

however you want to say it which is a

fork of pfSense and I much prefer it

over pfSense for a number of reasons but

the main thing is this device is made by

the company that manages the open sense

open source router

project it's pretty big I mean right off

the bat we've got a getting started

sheet of paper what does it tell you to

do pre-installs with open sense Business

Edition that is the commercial paid

version that gives you a few extra

things we'll talk about that a bit later

and then we've got the power cables

standard C13 to c14 because this is

meant to go in a rack I guess and pdus

usually don't have normal plugs oh they

do give you the normal power cables and

then just a USB mini very simple

packaging there's not a whole lot in

here this is the DC 4280 from deio what

did I say I was going to call it de deio

I don't know in terms of ports we've got

four sfp28 25 gig ports four SFP plus 10

GB ports and four RJ45 base 2.5 gig

ports there's a USB over here we've got

a console port for serial connection two

power indicators for the power supplies

and I think that this is a reset button

probably and then all that's left I

guess is this Grill airf flow it's 3D

printed though that's super cool what's

around back dual redundant power

supplies I mean I guess they probably

are serviceable from inside but they're

not hot swap they do have individual

power buttons and there are two of them

which is nice we've got a grounding

screw and then fans a big part of the

design of this thing according to their

website is that they spent a bunch of

time modeling the air flow and cooling

so that this could use the least amount

of energy possible on cooling not being

wasteful and also cooling it well

because there's a fair bit of Hardware

in here I guess we should just open it

up right hopefully I don't break it cuz

I would like to try it later I was like

I'm going to be smart and bring the no

to a screwdriver LT store.com that has

torque spits I didn't check if they were

the right torque spits the only CPU

information they list is epic 3000 CPU

the fastest epic 3000 CPU available for

the most demanding Network loads on this

specific one so it's a 16 core dual die

chip also inside is 64 GB of ddr4 memory

which we are going to see in like

actually seconds and a 1 TB mvme SSD

which is a fair bit of storage um for a

router warranty void if seal broken come

on guys what is this that's a load of

these are apparently development units

so um it could be ever so slightly

different from the production Hardware

but from my understanding I believe they

did do some 3D printed stuff for this

which I think is what these are that's

cool wow this is very like clean I want

to take the front off too cuz I can't

really see everything oh God oh God

there's different sizes of screws now

two different types of screws is not

that bad I mean there's the same

threading these are just shorties

beautiful hey there we go damn that's

pretty we got the power supplies over

here as I suspected they are internal

they are not hot swap per se but they do

appear to be easily swap there's these

big chunky connectors that run from each

power supply to the board they do have

little screws connecting them but you

just disconnect those screws I imagine

and it will just come out let's find out

hey there we go yeah okay so those are

pretty easy to swap 12 Vol 16.7 amps so

that works out to like what 180 Watts or

something like that 200 watts each okay

cool I see what they mean about like

optimized cooling hey they made their

own 3D print things why what is this do

you see this this is so strange why does

it have that shape does this like reduce

turbulence or something I know like on

their product page they have a photo of

the airflow simulation like the fluid

dynamics and it looks very smooth cool I

guess they're 93% efficient power

supplies what else we got is there

anything about the cooling in here aside

from just this sick photo it's a 42 DBA

it's pretty quiet it's not like dead

silent but if you were in an office

space with some people talking you you

definitely wouldn't be able to hear it

or if it's in a closet you're not going

to have any issues there how do these

come in what the heck oh ouchie that

didn't feel very nice these bits just

butt up against the motherboard and then

there's nubbins that stick into the fan

holes so this is just like friction

vibing here cool simple I like that you

don't need screwdriver to take that

apart but also it was a little finicky

to get in and out we got Ram here what's

the ram transcend 16 GB unbuffered 3200

megat transfers per second put that back

in and then what's the SSD also

transcend it's a 1 TB is it like decent

I don't know I'm sure it's fine there is

two slots though you could put a second

one in there and then like raid them

that's cool I think when you install

open sense there is an option to boot it

from ZFS cool yeah I would slap another

SSD in here although now that I'm

thinking about it this is a very

expensive device there probably should

just be two ssds in here or at least

give you the option to order it with two

there's a slot there seems like an

opportunity to make some money

I don't know we've got absolute chungus

heat sinks over here oh hey look we can

see the inside of

the the duct it's a less Advanced shape

than I was thinking oh look and then the

fans you want to swap the fan oh just

slides out of there I would like to see

the CPU let's see the CPU these screws

on this heat sink don't have Springs

it's just hard mounted those are nonfer

screws okay great use Ferris screws they

have magnetic capabilities meaning you

can pick them up when you drop them

hey look at that that's a CPU it's

definitely like a an embedded one it's

not socketed I don't think we're going

to get any information by scraping off

the goop but that's what it looks like

do I scrape off the goop I might scrape

off the goop look at that just says AMD

epic you bastards it's an epic embedded

3451 max turbo frequency of 3 GHz

wonderful now I need to make it have

goop again no there's lots of goop on

here I'd rather just like reuse their

existing goop I wouldn't recommend this

usually but this is like a brand new

device so it's probably fine but also

don't do this let's put this back

on there we go okay that's how you do

that in case you were

wondering okay how do I get this one

out probably have to take the

motherboard out for

that yeah there we go okay

cool what is this this is an EZ e 810 C1

that makes sense the A10 this is an

Intel uh Nick it's a network card for

what though all right right this is the

100 Gig network card just in chip form

this Powers the 4 25 gig ports the 10

gig ports run off of the S so to my

understanding along with these RJ45

ports but they needed a little more

horsepower to run this 100 Gig and

they're using an Intel 810 I found

something that would be perfect for this

um obviously our thermals just in

general now are completely

invalid but I've got some of the honey

well PTM 7950 phase change thermal pads

that we actually sell in LTT store now

uh this stuff is super cool you put it

on and it's like a solid and then once

it heats up it turns into a goo and kind

of fills all the crevices but this stuff

is like damn near indestructible I think

it can handle like 150° C for 1,000

hours or something crazy like that which

is perfect for this application because

I know that this thermal paste pad goop

stuff is not going to have any problems

down the road okay it's on there honey

well on

there there we go

okay Pro tip don't take that

off other than that we got power

distribution on the back that's a Nick

so RAM storage power supply hookups lots

of ports let's put this thing back

together turn it on and uh route some

packets

very quickly hopefully but not before

this message from our sponsor pulseway

managing your it system shouldn't be

difficult and our sponsor pulseway makes

performing important actions on your

system simpler while having complete

visibility into your network from

anywhere all you need is pulseway on

your phone and you can monitor manage

and troubleshoot your workstations it

works on any operating system so take

control of your servers and it systems

with pulseway today by trying out a

commitment free trial at the link down

below okay I think it's back together I

hope seemingly I don't have any more

part oh damn

it I know how it gets airf flow now I

wasn't really looking but these are

exhaust fans which means it's going to

pull in air all along the front

here all around all those ports and then

it just happens to get sucked through in

a few particular places now if you're

wondering why I have this thing I'm not

just doing a short circuit on this

because it's cool I'm I'm also doing it

because of that um it's because we're

going to be using these as our routers

for the office and I say routers because

we have two of them let's turn it on

very curious to see how loud this thing

is hopefully we didn't modify that in

anyway that's super not that loud and

there's actually quite a bit of air flow

coming through this considering the

noise level let's hook it up okay so

ports zero is assigned to land

address oh good there is actually a port

labeled zero okay and Port one is

assigned to W and uses DHCP to obtain an

IP address so we will plug in that this

is our incoming internet connection into

Wan which means this box should now have

internet and then we need something to

plug into zero we've made some changes

we now have two computers on the table

this is my test bench it's an epic 70

402p with a connectx 6 card dual 25 gig

and then we have a mini form ms01 which

is a 13900 H kind of laptop based little

mini computer which has the same network

card in it as well we're going to be

using this one as like a server and this

one as like a client so we can run just

just a basic speed test through this box

just to see what it can do cuz

supposedly this thing can firewall at 60

gbit which is quite a bit it can also do

threat protection at 7.5 GB which is

pretty cool like IPS IDs with presumably

surcot I just want to be able to test if

we can do like 50 gig between the two I

don't have a way to really like easily

plug in 60 gig per client into each of

these and like combine those at least in

a a way that will be quick for me to on

set so it's just going to be 50 gig but

realistically that's still a lot to be

frank so let's try it now that I'm

thinking about it this mini form right

here I think is 600 bucks us maybe and

this network card you can get used for

like a 100 bucks it has half as many

ports you only have 2 25 gigs and 2 10

gigs but pretty cost effective option

considering the cost of this obviously

few downsides there but eh okay so this

should have DHCP server on it by default

hey there we go let's go through the

wizard host name thicky domain name damn

we'll use Google DNS it's a pretty basic

Setup Wizard it's enough to get you with

a DHCP range and your when connected but

it's not really going to go beyond that

um especially for what we're going to

try to do with bonding a bunch of

connections this is uh it's pretty basic

this is what open sense looks like if

you're familiar with PF sense it's

basically the same interface a lot of

the menus are the same but you just take

the menus from the top bar and bloop

onto the side I personally think it's a

little easier to get around and I just

like the fact that it's more up to dat

but I could spend literally like 3 hours

going through every single menu so I'm

not going to do that I'll show you a

couple quick ones we've got the

dashboard here uh in firewall we can see

our firewall rules I've created a couple

networks already for the test we're

going to do in a little bit so ignore

that we've got inter spes you can list

them all and set assignments you can

create vlans and Aggregates and connect

to VPN like open PPN or IP SEC you can

control your DHCP server here this is

what the settings for DHCP server look

like if you've used open sense or

pfSense before these will look very

familiar to you we're currently using

Unbound DNS and that's what this looks

like so if you're more interested in the

ins and outs of open sense as a firewall

and routing software there's lots of

other videos we'll link to down below

that are cool that give you a good

overview of it but broadly it's a fast

secure open source self hostable routing

firewall software it should be running

open sense Business Edition by default

uh you can just switch it over to the

non-b bus edition if you want but it

does come with a one-year license for

free with it and then after that it's

€149 you get access to a integrated goip

database which you can already kind of

get for free but it's just easier you

get a virtualization image of it which

is again just kind of easier uh open

Central that could be useful for you if

you have a bunch of these or even just

two it's like a centralized monitoring

setup so you can have multiple of them

exposed in kind of one One dashboard and

other than that it's basically uh a an

ebook that tells you how to use it

better and a 20% discount if you want

support but the other thing is you're

just kind of supporting an open source

project which is cool on its own we've

been running the business Edition for

like over a year now and not to say that

we had any issues with the normal

version the Community Edition um but it

is nice to just kind of have a little

bit more peace of mind when you're

updating it knowing that it should just

be fine we have everybody's favorite

Flex Optics Universal direct attach

cables these things are awesome they

come unprogrammed or you can order them

programmed if you want you have to pay a

little bit of a fee but the basic thing

is you can program this cable to be

recognized as any number of other vendor

cables I could

program this side to be Cisco and this

side to be Dell and this side to be

melanox whatever you want to do so that

when I plug this Cable in it thinks it's

a melanox cable and this side well we're

plugging into an Intel mix so I'll tell

it that it's an Intel cable and both

devices think that they're using

supported cables they should just work

it's very nice you can run into

situations where if you have like let's

say a Dell switch and you're having

problems and you contact support they're

going to see oh that's not a Dell cable

sorry we we're not going to support that

this way they don't know not that I'm

endorsing line to your support reps but

it's a it's a consideration so let's

program some uh they put little stickers

on here so you can tell which side is

which if you program them differently if

you plug a fiber transceiver into the

flex box it'll actually tell you the

light levels so you can also use it as

like a uh a light meter if you're having

problems with your fiber you think

you're not getting enough gain you just

plug it in to whatever transceiver

you're using and it'll tell you exactly

we've got everything cabled up with two

of our 20 5 gig Flex optics cables to

each computer our minis for them and my

test bench I've installed proxmox 8.1 on

both of them and set up a container each

with its own network so we've got really

four networks one per cable here then I

installed I perf and started running it

so now in theory I see blinking lights

there is traffic on all four Nicks so if

we go to our dashboard Here There You Go

25 gig in on each interface 25 gig out

that's total 50 gigabit that's uh that's

a fair bit of traffic I mean considering

we're at

209% CPU usage mind you this is with an

MTU of 9,000 I suspect if we went to a

normal MTU uh which is like the max

packet size you would probably have

quite a bit more CPU usage uh it is

going through the firewall it is passing

rules we're technically passing traffic

kind of like inter VLAN routing but

really it's inter Network routing inter

subnet routing because each of these is

its own subnet SL Network um the traffic

has to get pasted look at all those

packets they're routing to places I mean

in terms of the rest of it clearly it's

it's quite fast um it's not getting any

louder I think my test bench is louder

the knct to a fans on there I I don't I

don't notice any sort of ramp up if we

go to temperatures says it's vibing at

like 50° C that's not bad remember we

did take the heat sink off so those

numbers mean pretty much nothing yeah

it's a router it rips the hardware is

pretty cool I like that it's built by a

company that makes cool software I do

wish it had two ssds though I guess I

haven't said the price yet uh it's

€6,000 which

isoo that's a lot of

money when you compare to other

offerings like if you were to buy a

fortigate for instance that can do

similar throughput you know it it's not

out to lunch but it is it's a fair bit

of money especially considering this

minis Forum right here if you're to buy

that with 32 gigs of RAM and a 1

terabyte SSD it's

$830 plus you buy like a dual Port 25

gig Nick or you could do 100 Gig Nick

and split that into 425 gigs like this

box has um you know you're looking at

1,000 maybe

$1,200 it's a hefty premium to pay I

don't know that I would buy a product

like this for me it's always been very

much a DIY approach but it's still very

cool cool and it's awesome to see a

company that we like that makes good

software make some cool Hardware