{"video_id":"QvtIVuG0-XQ","title":"Our BIG network upgrade! - OPNsense DEC4280","channel":"ShortCircuit","show":"ShortCircuit","published_at":"2024-05-04T14:58:16Z","duration_s":1083,"segments":[{"start_s":0.0,"end_s":5.2,"text":"Today today is a very special day for today. We have a brown box on ShortCircuit","speaker":null,"is_sponsor":0},{"start_s":5.2,"end_s":10.44,"text":"You know what that means that means networking and this is a fun one. This is the oh god","speaker":null,"is_sponsor":0},{"start_s":10.44,"end_s":13.6,"text":"I don't know how to say it decisio deciso I'm gonna go with this","speaker":null,"is_sponsor":0},{"start_s":13.6,"end_s":21.52,"text":"Deciso for the rest of this video But this is a router and a pretty cool one because it's designed to run open source firmer in particular","speaker":null,"is_sponsor":0},{"start_s":21.52,"end_s":29.2,"text":"You can see it right there open sense or opn sense However, you want to say it which is a fork of pf sense and I much prefer it over pf sense for a number of reasons","speaker":null,"is_sponsor":0},{"start_s":29.2,"end_s":36.08,"text":"But the main thing is that this device is made by the company that manages the open sense open source router project","speaker":null,"is_sponsor":0},{"start_s":36.88,"end_s":41.88,"text":"It's pretty big. I mean right off the bat. We've got a getting started sheet of paper","speaker":null,"is_sponsor":0},{"start_s":41.88,"end_s":48.28,"text":"What does it tell you to do pre-installed the open sense business edition? That is the commercial paid version that gives you a few extra things","speaker":null,"is_sponsor":0},{"start_s":48.28,"end_s":53.4,"text":"We'll talk about that a bit later and then we've got the power cables standard C 13 to C 14 because this is meant to go in a","speaker":null,"is_sponsor":0},{"start_s":53.8,"end_s":57.88,"text":"Rack I guess and PDU's usually don't have normal plugs","speaker":null,"is_sponsor":0},{"start_s":57.88,"end_s":64.6,"text":"Oh, they do give you the normal power cables and then just a USB mini be very simple packaging. There's not a whole lot in here","speaker":null,"is_sponsor":0},{"start_s":66.8,"end_s":69.56,"text":"This is the DC 4280 from","speaker":null,"is_sponsor":0},{"start_s":70.12,"end_s":74.96,"text":"Decisio, what did I say? I was gonna call it deck deck IO. I don't know in terms of ports","speaker":null,"is_sponsor":0},{"start_s":74.96,"end_s":81.24,"text":"We've got four SFP 28 25 gig ports for SFP plus 10 gigabit ports and for","speaker":null,"is_sponsor":0},{"start_s":81.56,"end_s":85.68,"text":"RJ 45 base 2.5 gig ports. There's a USB over here","speaker":null,"is_sponsor":0},{"start_s":85.68,"end_s":90.24,"text":"We've got a console port for serial connection to power indicators for the power supplies","speaker":null,"is_sponsor":0},{"start_s":90.24,"end_s":97.6,"text":"And I think this is a reset button probably and then all that's left. I guess is this grill airflow. It's 3d printed though","speaker":null,"is_sponsor":0},{"start_s":97.6,"end_s":101.24,"text":"That's super cool. What's around back dual redundant power supplies?","speaker":null,"is_sponsor":0},{"start_s":101.24,"end_s":104.6,"text":"I mean, I guess they probably are serviceable from inside, but they're not hot swap","speaker":null,"is_sponsor":0},{"start_s":104.64,"end_s":113.44,"text":"They do have individual power buttons and there are two of them, which is nice We've got a grounding screw and then fans a big part of the design of this thing according to their website","speaker":null,"is_sponsor":0},{"start_s":113.44,"end_s":119.68,"text":"Is that they spent a bunch of time modeling the airflow and cooling so that this could use the least amount of","speaker":null,"is_sponsor":0},{"start_s":120.12,"end_s":127.04,"text":"Energy possible on cooling not being wasteful and also cooling it well because there's a fair bit of hardware in here","speaker":null,"is_sponsor":0},{"start_s":127.04,"end_s":131.04,"text":"I guess we should just open it up, right? Hopefully I don't break it because I would like to try it later","speaker":null,"is_sponsor":0},{"start_s":131.04,"end_s":134.76,"text":"I was like, I'm gonna be smart and bring the knock to a screwdriver","speaker":null,"is_sponsor":0},{"start_s":135.4,"end_s":139.88,"text":"LTTstore.com that has Torx bits. I didn't check if they were the right Torx bits","speaker":null,"is_sponsor":1},{"start_s":140.04,"end_s":148.12,"text":"The only CPU information they list is epic 3000 CPU the fastest epic 3000 CPU available for the most demanding network loads on","speaker":null,"is_sponsor":1},{"start_s":148.44,"end_s":154.72,"text":"This specific one, so it's a 16 core dual die chip also inside is 64 gigabytes of DDR4 memory","speaker":null,"is_sponsor":0},{"start_s":154.72,"end_s":161.48,"text":"Which we are going to see in like actually seconds and a 1 terabyte NVMe SSD, which is a fair bit of storage","speaker":null,"is_sponsor":0},{"start_s":161.68,"end_s":168.04,"text":"For a router warranty void if seal broken. Come on guys. What is this?","speaker":null,"is_sponsor":0},{"start_s":168.84,"end_s":172.28,"text":"That's a lot of these are apparently development units, so","speaker":null,"is_sponsor":0},{"start_s":173.6,"end_s":178.04,"text":"It could be ever so slightly different from the production hardware, but from my understanding","speaker":null,"is_sponsor":0},{"start_s":178.04,"end_s":184.54,"text":"I believe they did do some 3d printed stuff for this which I think is what these are. That's cool","speaker":null,"is_sponsor":0},{"start_s":184.56,"end_s":190.44,"text":"Wow, this is very like Clean I want to take the front off too because I can't really see everything. Oh god","speaker":null,"is_sponsor":0},{"start_s":190.44,"end_s":194.84,"text":"Oh god, there's different sizes and screws now two different types of screws is not that bad","speaker":null,"is_sponsor":0},{"start_s":194.84,"end_s":197.24,"text":"I mean, they're the same threading. These are just shorties","speaker":null,"is_sponsor":0},{"start_s":198.64,"end_s":205.32,"text":"Hey, there we go. Damn. That's pretty. We got the power supplies over here as I suspected they are internal","speaker":null,"is_sponsor":0},{"start_s":205.32,"end_s":209.52,"text":"They are not hot swap per se, but they do appear to be easily swap","speaker":null,"is_sponsor":0},{"start_s":209.96,"end_s":214.0,"text":"There's these big chunky connectors that run from each power supply to the board","speaker":null,"is_sponsor":0},{"start_s":214.08,"end_s":220.08,"text":"They do have little screws connecting them, but you just disconnect those screws. I imagine and it will just come out","speaker":null,"is_sponsor":0},{"start_s":220.36,"end_s":224.04,"text":"Let's find out. Hey, there we go. Yeah, okay, so those are pretty easy to swap","speaker":null,"is_sponsor":0},{"start_s":224.56,"end_s":229.56,"text":"12 volts sixteen point seven amps. So that works out to like what a hundred and eighty watts or something like that","speaker":null,"is_sponsor":0},{"start_s":229.8,"end_s":236.24,"text":"200 watts each Okay, cool. I see what they mean about like optimized cooling. Hey, they made their own","speaker":null,"is_sponsor":0},{"start_s":237.0,"end_s":243.4,"text":"3d print things. Why what is this? Do you see this? This is so strange. Why does it have that shape?","speaker":null,"is_sponsor":0},{"start_s":243.4,"end_s":247.96,"text":"Does this like reduce turbulence or something? I know it like on their product page","speaker":null,"is_sponsor":0},{"start_s":247.96,"end_s":253.16,"text":"They have a photo of the airflow simulation like the fluid dynamics and it looks very","speaker":null,"is_sponsor":0},{"start_s":254.28,"end_s":259.8,"text":"smooth Cool, I guess they're 93% efficient power supplies. What else we got?","speaker":null,"is_sponsor":0},{"start_s":259.8,"end_s":265.16,"text":"Is there anything about the cooling in here aside from just this the sick photo? It's a 42 dba. It's pretty quiet","speaker":null,"is_sponsor":0},{"start_s":265.44,"end_s":272.64,"text":"It's not like dead silent But if you were in an office space with some people talking you you definitely wouldn't be able to hear it","speaker":null,"is_sponsor":0},{"start_s":272.64,"end_s":276.88,"text":"Or if it's in a closet, you're not gonna have any issues there. How do these come in?","speaker":null,"is_sponsor":0},{"start_s":279.08,"end_s":285.08,"text":"Oh ouchie that didn't feel very nice these bits just butt up against the motherboard and then there's nubbins","speaker":null,"is_sponsor":0},{"start_s":285.16,"end_s":289.92,"text":"Let's stick into the fan holes. So this is just like friction vibing here cool simple","speaker":null,"is_sponsor":0},{"start_s":289.92,"end_s":292.4,"text":"I like that you don't need screwdriver to take that apart","speaker":null,"is_sponsor":0},{"start_s":292.92,"end_s":296.56,"text":"But also it was a little finicky to get in and out. You got RAM here. What's the RAM?","speaker":null,"is_sponsor":0},{"start_s":297.24,"end_s":301.32,"text":"Transcend 16 Gigabyte unbuffered 3200 megatransfer per second","speaker":null,"is_sponsor":0},{"start_s":302.16,"end_s":308.56,"text":"And then what's the SSD also transcend? It's a 1 terabyte. Is it like decent? I don't know. I'm sure it's fine","speaker":null,"is_sponsor":0},{"start_s":308.56,"end_s":312.6,"text":"There is two slots though. You could put a second one in there and then like raid them. That's cool","speaker":null,"is_sponsor":0},{"start_s":312.6,"end_s":318.52,"text":"I think when you install open sense, there is an option to boot it from ZFS. Cool. Yeah, I would slap another SSD in here","speaker":null,"is_sponsor":0},{"start_s":318.52,"end_s":321.96,"text":"Although now that I'm thinking about it. This is a very expensive device","speaker":null,"is_sponsor":0},{"start_s":321.96,"end_s":326.64,"text":"There probably should just be two SSDs in here or at least give you the option to order it with two","speaker":null,"is_sponsor":0},{"start_s":326.64,"end_s":329.88,"text":"There's a slot there seems like an opportunity to make some money. Ah","speaker":null,"is_sponsor":0},{"start_s":330.84,"end_s":336.36,"text":"We've got absolute chungus heat sinks over here. Oh, hey, look what we can see the inside of the","speaker":null,"is_sponsor":0},{"start_s":337.44,"end_s":343.24,"text":"The duct it's a less advanced shape than I was thinking. Oh looking in the fans. You want to swap the fan? Oh","speaker":null,"is_sponsor":0},{"start_s":343.92,"end_s":349.92,"text":"Just slides out of there. I would like to see the CPU. Let's see the CPU these screws on this heat sink don't have springs","speaker":null,"is_sponsor":0},{"start_s":349.92,"end_s":354.6,"text":"It's just hard mounted. Those are non ferrous screws. Okay, great use ferrous screws","speaker":null,"is_sponsor":0},{"start_s":355.24,"end_s":359.64,"text":"They have magnetic capabilities meaning you can pick them up when you drop them","speaker":null,"is_sponsor":0},{"start_s":361.08,"end_s":366.56,"text":"Hey, look at that. That's a CPU. It's definitely like an embedded one. It's not","speaker":null,"is_sponsor":0},{"start_s":367.2,"end_s":371.04,"text":"Socketed I don't think we're gonna get any information by scraping off the goop","speaker":null,"is_sponsor":0},{"start_s":371.08,"end_s":375.04,"text":"But that's what it looks like. Do I scrape off the goop? I might scrape off the goop","speaker":null,"is_sponsor":0},{"start_s":375.04,"end_s":383.48,"text":"Look at that. This is AMD epic you bastards It's an epic embedded 3451 max turbo frequency of 3 gigahertz wonderful now","speaker":null,"is_sponsor":0},{"start_s":383.48,"end_s":386.8,"text":"I need to make it have goop again. Yeah, there's lots of goop on here","speaker":null,"is_sponsor":0},{"start_s":386.8,"end_s":392.48,"text":"I'd rather just like reuse their existing goop. I wouldn't recommend this usually but this is like a brand new device","speaker":null,"is_sponsor":0},{"start_s":392.48,"end_s":397.44,"text":"So it's probably fine But also don't do this. Let's put this back on","speaker":null,"is_sponsor":0},{"start_s":398.88,"end_s":402.04,"text":"There we go. Okay, that's how you do that case you were wondering","speaker":null,"is_sponsor":0},{"start_s":403.04,"end_s":405.04,"text":"Okay, how do I get this one?","speaker":null,"is_sponsor":0},{"start_s":407.32,"end_s":409.32,"text":"We have to take the motherboard out for that","speaker":null,"is_sponsor":0},{"start_s":412.52,"end_s":414.52,"text":"Yeah, there we go. Okay, cool","speaker":null,"is_sponsor":0},{"start_s":416.84,"end_s":422.52,"text":"What is this this is an easy easy 810 C. I am one that makes sense the 810","speaker":null,"is_sponsor":0},{"start_s":422.52,"end_s":425.72,"text":"This is an Intel Nick. It's a network card for what though. Oh","speaker":null,"is_sponsor":0},{"start_s":426.64,"end_s":430.76,"text":"Right, right This is the 100 gig","speaker":null,"is_sponsor":0},{"start_s":431.4,"end_s":439.92,"text":"Network card just in chip form this powers the 425 gig ports the 10 gig ports run off of the SOC","speaker":null,"is_sponsor":0},{"start_s":439.92,"end_s":444.04,"text":"To my understanding along with these RJ45 ports, but they needed a little more horsepower","speaker":null,"is_sponsor":0},{"start_s":444.68,"end_s":449.2,"text":"To run this 100 gig and they're using an Intel 810. I found something that'll be perfect for this","speaker":null,"is_sponsor":0},{"start_s":449.48,"end_s":452.84,"text":"Obviously our thermals just in general now are completely","speaker":null,"is_sponsor":0},{"start_s":453.72,"end_s":461.04,"text":"invalid But I've got some of the Honeywell PTM 7950 phase change thermal pads that we actually sell in LTT Store now","speaker":null,"is_sponsor":0},{"start_s":461.4,"end_s":466.92,"text":"This stuff is super cool. You put it on and it's like a solid and then once it heats up","speaker":null,"is_sponsor":1},{"start_s":466.92,"end_s":472.76,"text":"It turns into a goo and kind of fills all the crevices, but this stuff is like damn near indestructible","speaker":null,"is_sponsor":0},{"start_s":472.76,"end_s":478.4,"text":"I think it can handle like a hundred and fifty degrees Celsius for a thousand hours or something crazy like that","speaker":null,"is_sponsor":0},{"start_s":478.44,"end_s":487.6,"text":"Which is perfect for this Application because I know that this thermal paste pad goop stuff is not gonna have any problems down the road","speaker":null,"is_sponsor":0},{"start_s":487.6,"end_s":489.6,"text":"Okay, it's on there Honeywell on there","speaker":null,"is_sponsor":0},{"start_s":491.52,"end_s":495.52,"text":"Okay Pro tip don't take that off","speaker":null,"is_sponsor":0},{"start_s":496.28,"end_s":503.6,"text":"Other than that we got power distribution on the back. That's in Nick SOC RAM storage power supply hookups","speaker":null,"is_sponsor":0},{"start_s":503.76,"end_s":507.24,"text":"Lots of ports. Let's put this thing back together turn it on and","speaker":null,"is_sponsor":0},{"start_s":508.28,"end_s":517.88,"text":"route some packets Very quickly. Hopefully. Okay. I think it's back together. I hope seemingly I don't have any more part. Oh, damn it. I","speaker":null,"is_sponsor":0},{"start_s":519.44,"end_s":525.68,"text":"Know how it gets airflow now. I wasn't really looking but these are exhaust fans, which means it's gonna pull in air","speaker":null,"is_sponsor":1},{"start_s":526.24,"end_s":531.08,"text":"all along the front here all around all those ports and","speaker":null,"is_sponsor":1},{"start_s":531.52,"end_s":537.44,"text":"Then it just happens to get sucked through in a few particular places now if you're wondering why I have this thing","speaker":null,"is_sponsor":1},{"start_s":537.44,"end_s":540.28,"text":"I'm not just doing a ShortCircuit on this because it's cool","speaker":null,"is_sponsor":0},{"start_s":540.68,"end_s":548.52,"text":"I'm I'm also doing it because of that It's because we're gonna be using these as our routers for the office and I say routers because we have two of them","speaker":null,"is_sponsor":0},{"start_s":549.44,"end_s":554.24,"text":"Let's turn it on very curious to see how loud this thing is. Hopefully we didn't modify that in any way","speaker":null,"is_sponsor":0},{"start_s":555.12,"end_s":561.2,"text":"That's super not that loud and there's actually quite a bit of airflow coming through this considering the noise level. Let's hook it up","speaker":null,"is_sponsor":0},{"start_s":561.2,"end_s":565.56,"text":"Okay, so ports zero is assigned to LAN address. Oh","speaker":null,"is_sponsor":0},{"start_s":566.44,"end_s":572.92,"text":"Good, there is actually a port labeled zero. Okay, and port one is assigned to when it uses DHCP to obtain an IP address","speaker":null,"is_sponsor":0},{"start_s":573.2,"end_s":580.24,"text":"So we will plug in That this is our incoming internet connection into when which means this box should now have internet","speaker":null,"is_sponsor":0},{"start_s":580.24,"end_s":586.72,"text":"And then we need something to plug into zero We've made some changes. We now have two computers on the table. This is my test bench","speaker":null,"is_sponsor":0},{"start_s":586.72,"end_s":594.4,"text":"It's an epic 70 402p with a connect x6 card dual 25 gig and then we have a mini form MSO one","speaker":null,"is_sponsor":0},{"start_s":594.4,"end_s":600.12,"text":"Which is a 3,900 h kind of laptop based little mini computer, which has the same network card in it as well","speaker":null,"is_sponsor":0},{"start_s":600.12,"end_s":607.24,"text":"We're gonna be using this one as like a Server and this one as like a client so we can run just a basic speed test","speaker":null,"is_sponsor":0},{"start_s":607.52,"end_s":613.52,"text":"Through this box just to see what it can do because supposedly this thing can firewall at 60 gigabit","speaker":null,"is_sponsor":0},{"start_s":613.52,"end_s":617.72,"text":"Which is quite a bit it can also do threat protection at 7.5 gigabit","speaker":null,"is_sponsor":0},{"start_s":617.72,"end_s":620.96,"text":"Which is pretty cool like IPS IDS with presumably suricata","speaker":null,"is_sponsor":0},{"start_s":620.96,"end_s":625.64,"text":"I just want to be able to test if we can do like 50 gig between the two","speaker":null,"is_sponsor":0},{"start_s":625.64,"end_s":628.36,"text":"I don't have a way to really like easily plug in","speaker":null,"is_sponsor":0},{"start_s":629.0,"end_s":632.28,"text":"60 gig per client into each of these and like","speaker":null,"is_sponsor":0},{"start_s":632.76,"end_s":636.44,"text":"Combine those at least in a way that will be quick for me to do on set","speaker":null,"is_sponsor":0},{"start_s":636.64,"end_s":641.52,"text":"So it's just gonna be 50 gig, but realistically that's still a lot to be frank","speaker":null,"is_sponsor":0},{"start_s":641.76,"end_s":645.92,"text":"So let's try it now that I'm thinking about it. This mini's form right here. I","speaker":null,"is_sponsor":0},{"start_s":646.68,"end_s":652.4,"text":"Think is 600 bucks us maybe and this network card you can get used for like a hundred bucks","speaker":null,"is_sponsor":0},{"start_s":652.4,"end_s":657.16,"text":"It has half as many ports. You only have two 25 gigs and two 10 gigs","speaker":null,"is_sponsor":0},{"start_s":657.16,"end_s":663.56,"text":"But pretty cost-effective option considering the cost of this obviously few downsides there, but","speaker":null,"is_sponsor":0},{"start_s":664.24,"end_s":671.22,"text":"Yeah, okay, so this should have a DHCP server on it by default. Hey, there we go. Let's go through the wizard host name","speaker":null,"is_sponsor":0},{"start_s":671.46,"end_s":677.94,"text":"Thicky domain name. Damn. We'll use Google DNS. It's a pretty basic setup wizard","speaker":null,"is_sponsor":0},{"start_s":677.94,"end_s":685.22,"text":"It's enough to get you with a DHCP range and your WAN connected, but it's not really gonna go beyond that","speaker":null,"is_sponsor":0},{"start_s":686.14,"end_s":692.06,"text":"Especially for what we're gonna try to do with bonding a bunch of connections. This is a it's pretty basic","speaker":null,"is_sponsor":0},{"start_s":692.58,"end_s":695.62,"text":"This is what open sense looks like if you're familiar with pfSense","speaker":null,"is_sponsor":0},{"start_s":695.62,"end_s":699.14,"text":"It's basically the same interface a lot of the menus are the same","speaker":null,"is_sponsor":0},{"start_s":699.14,"end_s":702.62,"text":"But you just take the menus from the top bar and bloop onto the side","speaker":null,"is_sponsor":0},{"start_s":702.62,"end_s":707.66,"text":"I personally think it's a little easier to get around and I just like the fact that it's more up to date","speaker":null,"is_sponsor":0},{"start_s":708.3,"end_s":713.14,"text":"But I could spend literally like three hours going through every single menu","speaker":null,"is_sponsor":0},{"start_s":713.34,"end_s":719.46,"text":"So I'm not gonna do that. I'll show you a couple quick ones. We've got the dashboard here in firewall","speaker":null,"is_sponsor":0},{"start_s":719.46,"end_s":722.62,"text":"We can see our firewall rules. I've created a couple networks already for the test","speaker":null,"is_sponsor":0},{"start_s":722.62,"end_s":726.26,"text":"We're gonna do in a little bit. So ignore that. We've got interfaces","speaker":null,"is_sponsor":0},{"start_s":726.26,"end_s":729.22,"text":"You can list them all and set assignments. You can","speaker":null,"is_sponsor":0},{"start_s":730.14,"end_s":732.82,"text":"create VLANs and aggregates and","speaker":null,"is_sponsor":0},{"start_s":733.22,"end_s":736.74,"text":"Connective VPN like open ppn or ipsec. You can","speaker":null,"is_sponsor":0},{"start_s":737.38,"end_s":743.7,"text":"Control your DHCP server here. This is what the settings for DHCP server look like if you've used open sense or pfSense before","speaker":null,"is_sponsor":0},{"start_s":743.7,"end_s":748.9,"text":"These will look very familiar to you We're currently using unbound DNS and that's what this looks like","speaker":null,"is_sponsor":0},{"start_s":748.9,"end_s":753.7,"text":"So if you're more interested in the ins and outs of open sense as a firewall and routing software","speaker":null,"is_sponsor":0},{"start_s":754.02,"end_s":758.5,"text":"There's lots of other videos We'll link to some down below that are cool that give you a good overview of it","speaker":null,"is_sponsor":0},{"start_s":758.5,"end_s":761.9,"text":"But broadly it's a fast secure open source","speaker":null,"is_sponsor":0},{"start_s":763.02,"end_s":768.06,"text":"Self-hostable routing firewall software. It should be running open sense business edition by default","speaker":null,"is_sponsor":0},{"start_s":768.26,"end_s":771.58,"text":"You can just switch it over to the non-business edition if you want","speaker":null,"is_sponsor":0},{"start_s":771.58,"end_s":777.86,"text":"But it does come with a one-year license for free with it and then after that it's a hundred and forty nine euros you get","speaker":null,"is_sponsor":0},{"start_s":778.46,"end_s":782.3,"text":"Access to a integrated GOIP database, which you can already kind of get for free","speaker":null,"is_sponsor":0},{"start_s":782.3,"end_s":788.14,"text":"But it's just easier you get a virtualization image of it, which is again just kind of easier","speaker":null,"is_sponsor":0},{"start_s":789.18,"end_s":793.3,"text":"Open central that could be useful for you if you have a bunch of these or even just two","speaker":null,"is_sponsor":0},{"start_s":793.38,"end_s":800.94,"text":"It's like a centralized monitoring setup So you can have multiple of them exposed and kind of one one dashboard and other than that","speaker":null,"is_sponsor":0},{"start_s":800.94,"end_s":808.98,"text":"It's basically a an e-book that tells you how to use it better and a 20% discount if you want support","speaker":null,"is_sponsor":0},{"start_s":808.98,"end_s":813.78,"text":"But the other thing is you're just kind of supporting an open source project, which is cool on its own","speaker":null,"is_sponsor":0},{"start_s":813.78,"end_s":820.1,"text":"And we've been running the business edition for like over a year now And not to say that we had any issues with the normal version the community edition","speaker":null,"is_sponsor":0},{"start_s":820.46,"end_s":825.3,"text":"But it is nice to just kind of have a little bit more peace of mind when you're updating it knowing that it should","speaker":null,"is_sponsor":0},{"start_s":825.82,"end_s":832.54,"text":"Just be fine We have everybody's favorite flex optics universal direct attached cables. These things are awesome","speaker":null,"is_sponsor":0},{"start_s":832.54,"end_s":837.3,"text":"They come unprogrammed or you can order them programmed if you want you have to pay a little bit of a fee","speaker":null,"is_sponsor":0},{"start_s":837.3,"end_s":845.34,"text":"But the basic thing is you can program this cable to be recognized as any number of other vendors cables","speaker":null,"is_sponsor":0},{"start_s":845.34,"end_s":851.14,"text":"I could program this side to be Cisco and this side to be Dell and this side to be Mellanox","speaker":null,"is_sponsor":0},{"start_s":851.34,"end_s":854.14,"text":"Whatever you want to do so that when I plug this cable in","speaker":null,"is_sponsor":0},{"start_s":854.94,"end_s":859.06,"text":"It thinks it's a Mellanox cable and this side while we're plugging into an Intel mix","speaker":null,"is_sponsor":0},{"start_s":859.06,"end_s":863.78,"text":"So I'll tell it that it's an Intel cable and both devices think that they're using supported cables","speaker":null,"is_sponsor":0},{"start_s":863.98,"end_s":872.58,"text":"They should just work. It's very nice You can run into situations where if you have like let's say a Dell switch and you're having problems and you contact support","speaker":null,"is_sponsor":0},{"start_s":872.58,"end_s":876.62,"text":"They're gonna see oh, that's not a Dell cable. Sorry. We're not gonna support that","speaker":null,"is_sponsor":0},{"start_s":877.46,"end_s":883.1,"text":"This way they don't know not that I'm endorsing lying to your support reps, but it's a it's a consideration","speaker":null,"is_sponsor":0},{"start_s":883.58,"end_s":889.46,"text":"So let's program some They put little stickers on here so you can tell which side is which if you program them differently","speaker":null,"is_sponsor":0},{"start_s":889.46,"end_s":893.58,"text":"If you plug a fiber transceiver into the flex box, it'll actually tell you the light levels","speaker":null,"is_sponsor":0},{"start_s":893.58,"end_s":899.1,"text":"you can also use it as like a a Light meter if you're having problems with your fiber","speaker":null,"is_sponsor":0},{"start_s":899.1,"end_s":903.3,"text":"You think you're not getting enough gain just plug it in to whatever transceiver you're using and they'll tell you exactly","speaker":null,"is_sponsor":0},{"start_s":903.3,"end_s":908.16,"text":"We've got everything cabled up with two of our 25 gig flex optics cables to each","speaker":null,"is_sponsor":0},{"start_s":908.7,"end_s":914.86,"text":"Computer our minis forum and my test bench. I've installed proxmox 8.1 on both of them and set up a container","speaker":null,"is_sponsor":0},{"start_s":915.5,"end_s":921.02,"text":"Each with its own network. So we've got really four networks one per cable here","speaker":null,"is_sponsor":0},{"start_s":921.38,"end_s":927.14,"text":"Then I installed I perf and started running it. So now in theory. I see blinking lights","speaker":null,"is_sponsor":0},{"start_s":927.14,"end_s":931.62,"text":"There is traffic on all four nicks. So if we go to our dashboard here, there you go","speaker":null,"is_sponsor":0},{"start_s":932.58,"end_s":940.58,"text":"25 gig in on each interface 25 gig out. That's total 50 gigabit. That's a that's a fair bit of traffic","speaker":null,"is_sponsor":0},{"start_s":940.58,"end_s":942.58,"text":"I mean considering we're at","speaker":null,"is_sponsor":0},{"start_s":944.3,"end_s":948.26,"text":"29% CPU usage mind you this is with an MTU of 9000","speaker":null,"is_sponsor":0},{"start_s":948.26,"end_s":952.94,"text":"I suspect if we went to a normal MTU Which is like the max packet size you would","speaker":null,"is_sponsor":0},{"start_s":953.78,"end_s":957.1,"text":"Probably have quite a bit more CPU usage. It is","speaker":null,"is_sponsor":0},{"start_s":957.74,"end_s":964.06,"text":"Going through the firewall. It is passing rules. We're technically passing traffic kind of like inter VLAN routing","speaker":null,"is_sponsor":0},{"start_s":964.06,"end_s":970.38,"text":"But really it's inter network routing inter subnet routing because each of these is its own subnet slash network","speaker":null,"is_sponsor":0},{"start_s":971.18,"end_s":974.62,"text":"The traffic has to get passed. Look at all those packets","speaker":null,"is_sponsor":0},{"start_s":975.62,"end_s":980.74,"text":"They're routing to places. I mean in terms of the rest of it clearly. It's it's quite fast","speaker":null,"is_sponsor":0},{"start_s":981.46,"end_s":986.22,"text":"It's not getting any louder. I think my test bench is louder the knock to a fans on there","speaker":null,"is_sponsor":0},{"start_s":986.22,"end_s":992.9,"text":"I don't I don't notice any sort of ramp up. We go to temperatures. It says it's vibing at like 50 degrees Celsius","speaker":null,"is_sponsor":0},{"start_s":992.9,"end_s":998.18,"text":"That's not bad. Remember we did take the heat sink off. So those numbers mean pretty much nothing. Yeah, it's a router","speaker":null,"is_sponsor":0},{"start_s":998.34,"end_s":1006.78,"text":"It rips The hardware is pretty cool I like that it's built by a company that makes cool software. I do wish it had two SSDs though","speaker":null,"is_sponsor":0},{"start_s":1006.78,"end_s":1008.98,"text":"I guess I haven't said the price yet. It's","speaker":null,"is_sponsor":0},{"start_s":1010.06,"end_s":1013.9,"text":"6000 euros which is Whoo","speaker":null,"is_sponsor":0},{"start_s":1013.9,"end_s":1022.9,"text":"That's a lot of money When you compare to other offerings like if you were to buy a fortigate for instance that can do similar throughput","speaker":null,"is_sponsor":0},{"start_s":1022.9,"end_s":1025.98,"text":"You know, it's not out to lunch, but it is","speaker":null,"is_sponsor":0},{"start_s":1026.9,"end_s":1034.26,"text":"It's a fair bit of money Especially considering this minis forum right here if you're to buy that with 32 gigs of RAM and a 1 terabyte SSD","speaker":null,"is_sponsor":0},{"start_s":1034.42,"end_s":1041.52,"text":"It's 830 US dollars plus you buy like a dual port 25 gig nick or you could do a hundred gig nick and split that into four","speaker":null,"is_sponsor":0},{"start_s":1041.52,"end_s":1049.74,"text":"25 gigs like this box has You know, you're looking at a thousand maybe 1200 US dollars. It's a hefty premium to pay","speaker":null,"is_sponsor":0},{"start_s":1049.74,"end_s":1055.54,"text":"I don't know that I would buy a product like this for me It's always been very much a DIY approach, but it's still very cool","speaker":null,"is_sponsor":0},{"start_s":1055.54,"end_s":1059.18,"text":"And it's awesome to see a company that we like that makes good software make some cool hardware","speaker":null,"is_sponsor":0}],"full_text":"Today today is a very special day for today. We have a brown box on ShortCircuit You know what that means that means networking and this is a fun one. This is the oh god I don't know how to say it decisio deciso I'm gonna go with this Deciso for the rest of this video But this is a router and a pretty cool one because it's designed to run open source firmer in particular You can see it right there open sense or opn sense However, you want to say it which is a fork of pf sense and I much prefer it over pf sense for a number of reasons But the main thing is that this device is made by the company that manages the open sense open source router project It's pretty big. I mean right off the bat. We've got a getting started sheet of paper What does it tell you to do pre-installed the open sense business edition? That is the commercial paid version that gives you a few extra things We'll talk about that a bit later and then we've got the power cables standard C 13 to C 14 because this is meant to go in a Rack I guess and PDU's usually don't have normal plugs Oh, they do give you the normal power cables and then just a USB mini be very simple packaging. There's not a whole lot in here This is the DC 4280 from Decisio, what did I say? I was gonna call it deck deck IO. I don't know in terms of ports We've got four SFP 28 25 gig ports for SFP plus 10 gigabit ports and for RJ 45 base 2.5 gig ports. There's a USB over here We've got a console port for serial connection to power indicators for the power supplies And I think this is a reset button probably and then all that's left. I guess is this grill airflow. It's 3d printed though That's super cool. What's around back dual redundant power supplies? I mean, I guess they probably are serviceable from inside, but they're not hot swap They do have individual power buttons and there are two of them, which is nice We've got a grounding screw and then fans a big part of the design of this thing according to their website Is that they spent a bunch of time modeling the airflow and cooling so that this could use the least amount of Energy possible on cooling not being wasteful and also cooling it well because there's a fair bit of hardware in here I guess we should just open it up, right? Hopefully I don't break it because I would like to try it later I was like, I'm gonna be smart and bring the knock to a screwdriver LTTstore.com that has Torx bits. I didn't check if they were the right Torx bits The only CPU information they list is epic 3000 CPU the fastest epic 3000 CPU available for the most demanding network loads on This specific one, so it's a 16 core dual die chip also inside is 64 gigabytes of DDR4 memory Which we are going to see in like actually seconds and a 1 terabyte NVMe SSD, which is a fair bit of storage For a router warranty void if seal broken. Come on guys. What is this? That's a lot of these are apparently development units, so It could be ever so slightly different from the production hardware, but from my understanding I believe they did do some 3d printed stuff for this which I think is what these are. That's cool Wow, this is very like Clean I want to take the front off too because I can't really see everything. Oh god Oh god, there's different sizes and screws now two different types of screws is not that bad I mean, they're the same threading. These are just shorties Hey, there we go. Damn. That's pretty. We got the power supplies over here as I suspected they are internal They are not hot swap per se, but they do appear to be easily swap There's these big chunky connectors that run from each power supply to the board They do have little screws connecting them, but you just disconnect those screws. I imagine and it will just come out Let's find out. Hey, there we go. Yeah, okay, so those are pretty easy to swap 12 volts sixteen point seven amps. So that works out to like what a hundred and eighty watts or something like that 200 watts each Okay, cool. I see what they mean about like optimized cooling. Hey, they made their own 3d print things. Why what is this? Do you see this? This is so strange. Why does it have that shape? Does this like reduce turbulence or something? I know it like on their product page They have a photo of the airflow simulation like the fluid dynamics and it looks very smooth Cool, I guess they're 93% efficient power supplies. What else we got? Is there anything about the cooling in here aside from just this the sick photo? It's a 42 dba. It's pretty quiet It's not like dead silent But if you were in an office space with some people talking you you definitely wouldn't be able to hear it Or if it's in a closet, you're not gonna have any issues there. How do these come in? Oh ouchie that didn't feel very nice these bits just butt up against the motherboard and then there's nubbins Let's stick into the fan holes. So this is just like friction vibing here cool simple I like that you don't need screwdriver to take that apart But also it was a little finicky to get in and out. You got RAM here. What's the RAM? Transcend 16 Gigabyte unbuffered 3200 megatransfer per second And then what's the SSD also transcend? It's a 1 terabyte. Is it like decent? I don't know. I'm sure it's fine There is two slots though. You could put a second one in there and then like raid them. That's cool I think when you install open sense, there is an option to boot it from ZFS. Cool. Yeah, I would slap another SSD in here Although now that I'm thinking about it. This is a very expensive device There probably should just be two SSDs in here or at least give you the option to order it with two There's a slot there seems like an opportunity to make some money. Ah We've got absolute chungus heat sinks over here. Oh, hey, look what we can see the inside of the The duct it's a less advanced shape than I was thinking. Oh looking in the fans. You want to swap the fan? Oh Just slides out of there. I would like to see the CPU. Let's see the CPU these screws on this heat sink don't have springs It's just hard mounted. Those are non ferrous screws. Okay, great use ferrous screws They have magnetic capabilities meaning you can pick them up when you drop them Hey, look at that. That's a CPU. It's definitely like an embedded one. It's not Socketed I don't think we're gonna get any information by scraping off the goop But that's what it looks like. Do I scrape off the goop? I might scrape off the goop Look at that. This is AMD epic you bastards It's an epic embedded 3451 max turbo frequency of 3 gigahertz wonderful now I need to make it have goop again. Yeah, there's lots of goop on here I'd rather just like reuse their existing goop. I wouldn't recommend this usually but this is like a brand new device So it's probably fine But also don't do this. Let's put this back on There we go. Okay, that's how you do that case you were wondering Okay, how do I get this one? We have to take the motherboard out for that Yeah, there we go. Okay, cool What is this this is an easy easy 810 C. I am one that makes sense the 810 This is an Intel Nick. It's a network card for what though. Oh Right, right This is the 100 gig Network card just in chip form this powers the 425 gig ports the 10 gig ports run off of the SOC To my understanding along with these RJ45 ports, but they needed a little more horsepower To run this 100 gig and they're using an Intel 810. I found something that'll be perfect for this Obviously our thermals just in general now are completely invalid But I've got some of the Honeywell PTM 7950 phase change thermal pads that we actually sell in LTT Store now This stuff is super cool. You put it on and it's like a solid and then once it heats up It turns into a goo and kind of fills all the crevices, but this stuff is like damn near indestructible I think it can handle like a hundred and fifty degrees Celsius for a thousand hours or something crazy like that Which is perfect for this Application because I know that this thermal paste pad goop stuff is not gonna have any problems down the road Okay, it's on there Honeywell on there Okay Pro tip don't take that off Other than that we got power distribution on the back. That's in Nick SOC RAM storage power supply hookups Lots of ports. Let's put this thing back together turn it on and route some packets Very quickly. Hopefully. Okay. I think it's back together. I hope seemingly I don't have any more part. Oh, damn it. I Know how it gets airflow now. I wasn't really looking but these are exhaust fans, which means it's gonna pull in air all along the front here all around all those ports and Then it just happens to get sucked through in a few particular places now if you're wondering why I have this thing I'm not just doing a ShortCircuit on this because it's cool I'm I'm also doing it because of that It's because we're gonna be using these as our routers for the office and I say routers because we have two of them Let's turn it on very curious to see how loud this thing is. Hopefully we didn't modify that in any way That's super not that loud and there's actually quite a bit of airflow coming through this considering the noise level. Let's hook it up Okay, so ports zero is assigned to LAN address. Oh Good, there is actually a port labeled zero. Okay, and port one is assigned to when it uses DHCP to obtain an IP address So we will plug in That this is our incoming internet connection into when which means this box should now have internet And then we need something to plug into zero We've made some changes. We now have two computers on the table. This is my test bench It's an epic 70 402p with a connect x6 card dual 25 gig and then we have a mini form MSO one Which is a 3,900 h kind of laptop based little mini computer, which has the same network card in it as well We're gonna be using this one as like a Server and this one as like a client so we can run just a basic speed test Through this box just to see what it can do because supposedly this thing can firewall at 60 gigabit Which is quite a bit it can also do threat protection at 7.5 gigabit Which is pretty cool like IPS IDS with presumably suricata I just want to be able to test if we can do like 50 gig between the two I don't have a way to really like easily plug in 60 gig per client into each of these and like Combine those at least in a way that will be quick for me to do on set So it's just gonna be 50 gig, but realistically that's still a lot to be frank So let's try it now that I'm thinking about it. This mini's form right here. I Think is 600 bucks us maybe and this network card you can get used for like a hundred bucks It has half as many ports. You only have two 25 gigs and two 10 gigs But pretty cost-effective option considering the cost of this obviously few downsides there, but Yeah, okay, so this should have a DHCP server on it by default. Hey, there we go. Let's go through the wizard host name Thicky domain name. Damn. We'll use Google DNS. It's a pretty basic setup wizard It's enough to get you with a DHCP range and your WAN connected, but it's not really gonna go beyond that Especially for what we're gonna try to do with bonding a bunch of connections. This is a it's pretty basic This is what open sense looks like if you're familiar with pfSense It's basically the same interface a lot of the menus are the same But you just take the menus from the top bar and bloop onto the side I personally think it's a little easier to get around and I just like the fact that it's more up to date But I could spend literally like three hours going through every single menu So I'm not gonna do that. I'll show you a couple quick ones. We've got the dashboard here in firewall We can see our firewall rules. I've created a couple networks already for the test We're gonna do in a little bit. So ignore that. We've got interfaces You can list them all and set assignments. You can create VLANs and aggregates and Connective VPN like open ppn or ipsec. You can Control your DHCP server here. This is what the settings for DHCP server look like if you've used open sense or pfSense before These will look very familiar to you We're currently using unbound DNS and that's what this looks like So if you're more interested in the ins and outs of open sense as a firewall and routing software There's lots of other videos We'll link to some down below that are cool that give you a good overview of it But broadly it's a fast secure open source Self-hostable routing firewall software. It should be running open sense business edition by default You can just switch it over to the non-business edition if you want But it does come with a one-year license for free with it and then after that it's a hundred and forty nine euros you get Access to a integrated GOIP database, which you can already kind of get for free But it's just easier you get a virtualization image of it, which is again just kind of easier Open central that could be useful for you if you have a bunch of these or even just two It's like a centralized monitoring setup So you can have multiple of them exposed and kind of one one dashboard and other than that It's basically a an e-book that tells you how to use it better and a 20% discount if you want support But the other thing is you're just kind of supporting an open source project, which is cool on its own And we've been running the business edition for like over a year now And not to say that we had any issues with the normal version the community edition But it is nice to just kind of have a little bit more peace of mind when you're updating it knowing that it should Just be fine We have everybody's favorite flex optics universal direct attached cables. These things are awesome They come unprogrammed or you can order them programmed if you want you have to pay a little bit of a fee But the basic thing is you can program this cable to be recognized as any number of other vendors cables I could program this side to be Cisco and this side to be Dell and this side to be Mellanox Whatever you want to do so that when I plug this cable in It thinks it's a Mellanox cable and this side while we're plugging into an Intel mix So I'll tell it that it's an Intel cable and both devices think that they're using supported cables They should just work. It's very nice You can run into situations where if you have like let's say a Dell switch and you're having problems and you contact support They're gonna see oh, that's not a Dell cable. Sorry. We're not gonna support that This way they don't know not that I'm endorsing lying to your support reps, but it's a it's a consideration So let's program some They put little stickers on here so you can tell which side is which if you program them differently If you plug a fiber transceiver into the flex box, it'll actually tell you the light levels you can also use it as like a a Light meter if you're having problems with your fiber You think you're not getting enough gain just plug it in to whatever transceiver you're using and they'll tell you exactly We've got everything cabled up with two of our 25 gig flex optics cables to each Computer our minis forum and my test bench. I've installed proxmox 8.1 on both of them and set up a container Each with its own network. So we've got really four networks one per cable here Then I installed I perf and started running it. So now in theory. I see blinking lights There is traffic on all four nicks. So if we go to our dashboard here, there you go 25 gig in on each interface 25 gig out. That's total 50 gigabit. That's a that's a fair bit of traffic I mean considering we're at 29% CPU usage mind you this is with an MTU of 9000 I suspect if we went to a normal MTU Which is like the max packet size you would Probably have quite a bit more CPU usage. It is Going through the firewall. It is passing rules. We're technically passing traffic kind of like inter VLAN routing But really it's inter network routing inter subnet routing because each of these is its own subnet slash network The traffic has to get passed. Look at all those packets They're routing to places. I mean in terms of the rest of it clearly. It's it's quite fast It's not getting any louder. I think my test bench is louder the knock to a fans on there I don't I don't notice any sort of ramp up. We go to temperatures. It says it's vibing at like 50 degrees Celsius That's not bad. Remember we did take the heat sink off. So those numbers mean pretty much nothing. Yeah, it's a router It rips The hardware is pretty cool I like that it's built by a company that makes cool software. I do wish it had two SSDs though I guess I haven't said the price yet. It's 6000 euros which is Whoo That's a lot of money When you compare to other offerings like if you were to buy a fortigate for instance that can do similar throughput You know, it's not out to lunch, but it is It's a fair bit of money Especially considering this minis forum right here if you're to buy that with 32 gigs of RAM and a 1 terabyte SSD It's 830 US dollars plus you buy like a dual port 25 gig nick or you could do a hundred gig nick and split that into four 25 gigs like this box has You know, you're looking at a thousand maybe 1200 US dollars. It's a hefty premium to pay I don't know that I would buy a product like this for me It's always been very much a DIY approach, but it's still very cool And it's awesome to see a company that we like that makes good software make some cool hardware"}