I would like you opinion on running Nethserver 7.8 with a Ryzen 3100. At this very moment I am running it on a embedded motherboard with a Celeron J1900 and it is running fine but my operations were quite limited with not too many firewall rules.
The reason I am targeting an upgrade using Ryzen 3100 are :
Vastly outperforms the J1900 processor.
Would be able to handle a lot more load perhaps more than I would typically for a intelligent home with a few servers and 5 PCs.
Really is not an expensive CPU.
Any opinions from anyone running a Nethserver using Ryzen?
I mean… i am pretty sure that it will work with CentOS7, but i don’t know if kernel (currently 3.10.0-1127.19.1 ) can fully take advantage of the different chip/core architecture used by Zen platform and so on.
A little workaround? Virtualize.
I know, seems a bit overkill, but the underlying Hypervisor/OS could be quite newer on Kernel, and it could achieve full performance of the CPU allowing a “translation” to a “virtual CPU” with a bit more performance than real hardware with the old kernel.
In any case, as first thing: update your mainboard bios. Then start to play.
Nethserver will be on a physical machine, running alone. By servers I meant on the network but don’t expect that much traffic except internal traffic. The services run are basic.
Which is why I am also considering using a 3700X which is a 8 cores.
Take into account that right now, Nethserver 7.8 runs on a embedded CPU J1900 which has a very very low rank and it is able to do what I need from it at this very moment which is a firewall, openvpn and dns server. I would be very surprised if CentOS 8.0 would not leverage the Ryzen Architecture given it is the CPU of the hour.
I would do this if I intended to run it on a server along with other VMs, but I want this to be on a separate box and it seems like a huge waste of resources to install something like Proxmox just to run Nethserver on it.
Neth works just fine using Ryzen virtualized in my case. I’d tend to be more worried about your NICs on the board to make sure you get the fullest throughput/supported drivers.
I see you virtualized Nethserver under Xen using a 3600. Is Nethserver the only thing running on that box?
When it comes to NIC cards and driver issues that could still be the case even under a virtualized environment. But now you make me think that if I use something like Proxmox to virtualize Nethserver as my firewall solution, it would be easier to backup and bring to another system without having to worry about the dedicated hardware.
It just occurred to me to ask you this question. On that XEN Hypervisor Server, you only have Nethserver correct? It sounded as if you didn’t passthrough your NICs to your Nethserver but you could do that if you wanted to. But I’m guessing you created your network interfaces that you needed in Xen correct?
I have multiple nic assignments both physical and virtual for my Nethserver installs and you can see how I deploy them here. For my Xen based hypervisors I run everything on them from Windows 10 machines, Pfsense, Nethserver, FreeNas (with very specific conditions) and so forth. As @Andy_Wismer (someone I consider as a local Proxmox guru) would note though, the XCP-NG does not offer any docker like setup.
I’ve been following your discussion on and off for a while.
Yes, a co worker of mine happens to have a nifty AMD Ryzen Notebook.
For the kicks we did a trial installation of Proxmox last week on that notebook. 16 GB RAM is nice too, more could surely be used, but whatever - it runs nicely as Proxmox!
To “improve” performance we used an external USB3 adapter hooked SSD. (Didn’t want to ruin the Win10 Setup for testing). Still, performance was good.
We used a couple of test VMs we had on the NAS, win10, a Neth and OPNsense. All worked performant enough…
Thanks for your input. I have a Ryzen processor myself but it was more for a house application, using a 3100 processor which is 4 cores. Should be plenty of power I think. I may just upgrade my current workstation using a 3700X to a 5600X and just using the 3700X for my Nethserver which, FOR SURE would be overkill. But then Royce is having me consider installing Proxmox on that server and installing Nethserver under it which could be nice since I would benefit from being able to backup my nethserver and if ever I want to use it in another Proxmox environment I could (after making a few changes depending on hardware changes).
Now the question is, should I dedicate a NIC to it via passthrough or just create virtual NICs and have Nethserver use that? Which way would you go?
I’d let Proxmox worry about that. Passthru gets you a Gigabit NIC, wheras if Proxmox handles that for you, you get a 10 Gig NIC (Internally, but hey!).
All 30 of my clients are using Proxmox / NethServer that way, no one has performance issues!
A virtual Win10 gets a 100 Gig NIC - and can use that!
Unless this is a dedicated edge firewall/networking device (and even possibly then) I’d strongly encourage you to virtualize it irregardless of the hypervisor such as KVM, Proxmox, Xen, or ESXI.
Thanks to both of you, I both marked you as solutions for those interested in not just figuring out if a 3100 is enough but more for the virtualization part which I think makes a lot of sense to minimize migration efforts.
@Andy_Wismer Last but not least, a question for you Andy. Unless I’m using ZFS (which I don’t plan too since I will only be using 2 drives in there, one for proxmox and the other for Nethserver), I don’t really need to use ECC ram correct? I think ECC is more of a requirement if you use ZFS correct?
Even then (Using ZFS) It’s only a “strong” suggestion to use ECC RAM. If the price is OK, I endorse it too. But it’s not a must carved in rock!
Better question is does the mother board in use properly implement and support ECC RAM. Most Ryzen processors (not the 2000/3000G on board video processors that I can remember) do support it but motherboard support has been questionable at best. Some vendors say they “support” ECC RAM but do not properly implement it for the error correcting function the ECC ram was built for.
