WEBVTT

00:00:00.000 --> 00:00:05.200
Today today is a very special day for today. We have a brown box on ShortCircuit

00:00:05.200 --> 00:00:10.440
You know what that means that means networking and this is a fun one. This is the oh god

00:00:10.440 --> 00:00:13.600
I don't know how to say it decisio deciso I'm gonna go with this

00:00:13.600 --> 00:00:21.520
Deciso for the rest of this video But this is a router and a pretty cool one because it's designed to run open source firmer in particular

00:00:21.520 --> 00:00:29.200
You can see it right there open sense or opn sense However, you want to say it which is a fork of pf sense and I much prefer it over pf sense for a number of reasons

00:00:29.200 --> 00:00:36.080
But the main thing is that this device is made by the company that manages the open sense open source router project

00:00:36.880 --> 00:00:41.880
It's pretty big. I mean right off the bat. We've got a getting started sheet of paper

00:00:41.880 --> 00:00:48.280
What does it tell you to do pre-installed the open sense business edition? That is the commercial paid version that gives you a few extra things

00:00:48.280 --> 00:00:53.400
We'll talk about that a bit later and then we've got the power cables standard C 13 to C 14 because this is meant to go in a

00:00:53.800 --> 00:00:57.880
Rack I guess and PDU's usually don't have normal plugs

00:00:57.880 --> 00:01:04.600
Oh, they do give you the normal power cables and then just a USB mini be very simple packaging. There's not a whole lot in here

00:01:06.800 --> 00:01:09.560
This is the DC 4280 from

00:01:10.120 --> 00:01:14.960
Decisio, what did I say? I was gonna call it deck deck IO. I don't know in terms of ports

00:01:14.960 --> 00:01:21.240
We've got four SFP 28 25 gig ports for SFP plus 10 gigabit ports and for

00:01:21.560 --> 00:01:25.680
RJ 45 base 2.5 gig ports. There's a USB over here

00:01:25.680 --> 00:01:30.240
We've got a console port for serial connection to power indicators for the power supplies

00:01:30.240 --> 00:01:37.600
And I think this is a reset button probably and then all that's left. I guess is this grill airflow. It's 3d printed though

00:01:37.600 --> 00:01:41.240
That's super cool. What's around back dual redundant power supplies?

00:01:41.240 --> 00:01:44.600
I mean, I guess they probably are serviceable from inside, but they're not hot swap

00:01:44.640 --> 00:01:53.440
They do have individual power buttons and there are two of them, which is nice We've got a grounding screw and then fans a big part of the design of this thing according to their website

00:01:53.440 --> 00:01:59.680
Is that they spent a bunch of time modeling the airflow and cooling so that this could use the least amount of

00:02:00.120 --> 00:02:07.040
Energy possible on cooling not being wasteful and also cooling it well because there's a fair bit of hardware in here

00:02:07.040 --> 00:02:11.040
I guess we should just open it up, right? Hopefully I don't break it because I would like to try it later

00:02:11.040 --> 00:02:14.760
I was like, I'm gonna be smart and bring the knock to a screwdriver

00:02:15.400 --> 00:02:19.880
LTTstore.com that has Torx bits. I didn't check if they were the right Torx bits

00:02:20.040 --> 00:02:28.120
The only CPU information they list is epic 3000 CPU the fastest epic 3000 CPU available for the most demanding network loads on

00:02:28.440 --> 00:02:34.720
This specific one, so it's a 16 core dual die chip also inside is 64 gigabytes of DDR4 memory

00:02:34.720 --> 00:02:41.480
Which we are going to see in like actually seconds and a 1 terabyte NVMe SSD, which is a fair bit of storage

00:02:41.680 --> 00:02:48.040
For a router warranty void if seal broken. Come on guys. What is this?

00:02:48.840 --> 00:02:52.280
That's a lot of these are apparently development units, so

00:02:53.600 --> 00:02:58.040
It could be ever so slightly different from the production hardware, but from my understanding

00:02:58.040 --> 00:03:04.540
I believe they did do some 3d printed stuff for this which I think is what these are. That's cool

00:03:04.560 --> 00:03:10.440
Wow, this is very like Clean I want to take the front off too because I can't really see everything. Oh god

00:03:10.440 --> 00:03:14.840
Oh god, there's different sizes and screws now two different types of screws is not that bad

00:03:14.840 --> 00:03:17.240
I mean, they're the same threading. These are just shorties

00:03:18.640 --> 00:03:25.320
Hey, there we go. Damn. That's pretty. We got the power supplies over here as I suspected they are internal

00:03:25.320 --> 00:03:29.520
They are not hot swap per se, but they do appear to be easily swap

00:03:29.960 --> 00:03:34.000
There's these big chunky connectors that run from each power supply to the board

00:03:34.080 --> 00:03:40.080
They do have little screws connecting them, but you just disconnect those screws. I imagine and it will just come out

00:03:40.360 --> 00:03:44.040
Let's find out. Hey, there we go. Yeah, okay, so those are pretty easy to swap

00:03:44.560 --> 00:03:49.560
12 volts sixteen point seven amps. So that works out to like what a hundred and eighty watts or something like that

00:03:49.800 --> 00:03:56.240
200 watts each Okay, cool. I see what they mean about like optimized cooling. Hey, they made their own

00:03:57.000 --> 00:04:03.400
3d print things. Why what is this? Do you see this? This is so strange. Why does it have that shape?

00:04:03.400 --> 00:04:07.960
Does this like reduce turbulence or something? I know it like on their product page

00:04:07.960 --> 00:04:13.160
They have a photo of the airflow simulation like the fluid dynamics and it looks very

00:04:14.280 --> 00:04:19.800
smooth Cool, I guess they're 93% efficient power supplies. What else we got?

00:04:19.800 --> 00:04:25.160
Is there anything about the cooling in here aside from just this the sick photo? It's a 42 dba. It's pretty quiet

00:04:25.440 --> 00:04:32.640
It's not like dead silent But if you were in an office space with some people talking you you definitely wouldn't be able to hear it

00:04:32.640 --> 00:04:36.880
Or if it's in a closet, you're not gonna have any issues there. How do these come in?

00:04:39.080 --> 00:04:45.080
Oh ouchie that didn't feel very nice these bits just butt up against the motherboard and then there's nubbins

00:04:45.160 --> 00:04:49.920
Let's stick into the fan holes. So this is just like friction vibing here cool simple

00:04:49.920 --> 00:04:52.400
I like that you don't need screwdriver to take that apart

00:04:52.920 --> 00:04:56.560
But also it was a little finicky to get in and out. You got RAM here. What's the RAM?

00:04:57.240 --> 00:05:01.320
Transcend 16 Gigabyte unbuffered 3200 megatransfer per second

00:05:02.160 --> 00:05:08.560
And then what's the SSD also transcend? It's a 1 terabyte. Is it like decent? I don't know. I'm sure it's fine

00:05:08.560 --> 00:05:12.600
There is two slots though. You could put a second one in there and then like raid them. That's cool

00:05:12.600 --> 00:05:18.520
I think when you install open sense, there is an option to boot it from ZFS. Cool. Yeah, I would slap another SSD in here

00:05:18.520 --> 00:05:21.960
Although now that I'm thinking about it. This is a very expensive device

00:05:21.960 --> 00:05:26.640
There probably should just be two SSDs in here or at least give you the option to order it with two

00:05:26.640 --> 00:05:29.880
There's a slot there seems like an opportunity to make some money. Ah

00:05:30.840 --> 00:05:36.360
We've got absolute chungus heat sinks over here. Oh, hey, look what we can see the inside of the

00:05:37.440 --> 00:05:43.240
The duct it's a less advanced shape than I was thinking. Oh looking in the fans. You want to swap the fan? Oh

00:05:43.920 --> 00:05:49.920
Just slides out of there. I would like to see the CPU. Let's see the CPU these screws on this heat sink don't have springs

00:05:49.920 --> 00:05:54.600
It's just hard mounted. Those are non ferrous screws. Okay, great use ferrous screws

00:05:55.240 --> 00:05:59.640
They have magnetic capabilities meaning you can pick them up when you drop them

00:06:01.080 --> 00:06:06.560
Hey, look at that. That's a CPU. It's definitely like an embedded one. It's not

00:06:07.200 --> 00:06:11.040
Socketed I don't think we're gonna get any information by scraping off the goop

00:06:11.080 --> 00:06:15.040
But that's what it looks like. Do I scrape off the goop? I might scrape off the goop

00:06:15.040 --> 00:06:23.480
Look at that. This is AMD epic you bastards It's an epic embedded 3451 max turbo frequency of 3 gigahertz wonderful now

00:06:23.480 --> 00:06:26.800
I need to make it have goop again. Yeah, there's lots of goop on here

00:06:26.800 --> 00:06:32.480
I'd rather just like reuse their existing goop. I wouldn't recommend this usually but this is like a brand new device

00:06:32.480 --> 00:06:37.440
So it's probably fine But also don't do this. Let's put this back on

00:06:38.880 --> 00:06:42.040
There we go. Okay, that's how you do that case you were wondering

00:06:43.040 --> 00:06:45.040
Okay, how do I get this one?

00:06:47.320 --> 00:06:49.320
We have to take the motherboard out for that

00:06:52.520 --> 00:06:54.520
Yeah, there we go. Okay, cool

00:06:56.840 --> 00:07:02.520
What is this this is an easy easy 810 C. I am one that makes sense the 810

00:07:02.520 --> 00:07:05.720
This is an Intel Nick. It's a network card for what though. Oh

00:07:06.640 --> 00:07:10.760
Right, right This is the 100 gig

00:07:11.400 --> 00:07:19.920
Network card just in chip form this powers the 425 gig ports the 10 gig ports run off of the SOC

00:07:19.920 --> 00:07:24.040
To my understanding along with these RJ45 ports, but they needed a little more horsepower

00:07:24.680 --> 00:07:29.200
To run this 100 gig and they're using an Intel 810. I found something that'll be perfect for this

00:07:29.480 --> 00:07:32.840
Obviously our thermals just in general now are completely

00:07:33.720 --> 00:07:41.040
invalid But I've got some of the Honeywell PTM 7950 phase change thermal pads that we actually sell in LTT Store now

00:07:41.400 --> 00:07:46.920
This stuff is super cool. You put it on and it's like a solid and then once it heats up

00:07:46.920 --> 00:07:52.760
It turns into a goo and kind of fills all the crevices, but this stuff is like damn near indestructible

00:07:52.760 --> 00:07:58.400
I think it can handle like a hundred and fifty degrees Celsius for a thousand hours or something crazy like that

00:07:58.440 --> 00:08:07.600
Which is perfect for this Application because I know that this thermal paste pad goop stuff is not gonna have any problems down the road

00:08:07.600 --> 00:08:09.600
Okay, it's on there Honeywell on there

00:08:11.520 --> 00:08:15.520
Okay Pro tip don't take that off

00:08:16.280 --> 00:08:23.600
Other than that we got power distribution on the back. That's in Nick SOC RAM storage power supply hookups

00:08:23.760 --> 00:08:27.240
Lots of ports. Let's put this thing back together turn it on and

00:08:28.280 --> 00:08:37.880
route some packets Very quickly. Hopefully. Okay. I think it's back together. I hope seemingly I don't have any more part. Oh, damn it. I

00:08:39.440 --> 00:08:45.680
Know how it gets airflow now. I wasn't really looking but these are exhaust fans, which means it's gonna pull in air

00:08:46.240 --> 00:08:51.080
all along the front here all around all those ports and

00:08:51.520 --> 00:08:57.440
Then it just happens to get sucked through in a few particular places now if you're wondering why I have this thing

00:08:57.440 --> 00:09:00.280
I'm not just doing a ShortCircuit on this because it's cool

00:09:00.680 --> 00:09:08.520
I'm I'm also doing it because of that It's because we're gonna be using these as our routers for the office and I say routers because we have two of them

00:09:09.440 --> 00:09:14.240
Let's turn it on very curious to see how loud this thing is. Hopefully we didn't modify that in any way

00:09:15.120 --> 00:09:21.200
That's super not that loud and there's actually quite a bit of airflow coming through this considering the noise level. Let's hook it up

00:09:21.200 --> 00:09:25.560
Okay, so ports zero is assigned to LAN address. Oh

00:09:26.440 --> 00:09:32.920
Good, there is actually a port labeled zero. Okay, and port one is assigned to when it uses DHCP to obtain an IP address

00:09:33.200 --> 00:09:40.240
So we will plug in That this is our incoming internet connection into when which means this box should now have internet

00:09:40.240 --> 00:09:46.720
And then we need something to plug into zero We've made some changes. We now have two computers on the table. This is my test bench

00:09:46.720 --> 00:09:54.400
It's an epic 70 402p with a connect x6 card dual 25 gig and then we have a mini form MSO one

00:09:54.400 --> 00:10:00.120
Which is a 3,900 h kind of laptop based little mini computer, which has the same network card in it as well

00:10:00.120 --> 00:10:07.240
We're gonna be using this one as like a Server and this one as like a client so we can run just a basic speed test

00:10:07.520 --> 00:10:13.520
Through this box just to see what it can do because supposedly this thing can firewall at 60 gigabit

00:10:13.520 --> 00:10:17.720
Which is quite a bit it can also do threat protection at 7.5 gigabit

00:10:17.720 --> 00:10:20.960
Which is pretty cool like IPS IDS with presumably suricata

00:10:20.960 --> 00:10:25.640
I just want to be able to test if we can do like 50 gig between the two

00:10:25.640 --> 00:10:28.360
I don't have a way to really like easily plug in

00:10:29.000 --> 00:10:32.280
60 gig per client into each of these and like

00:10:32.760 --> 00:10:36.440
Combine those at least in a way that will be quick for me to do on set

00:10:36.640 --> 00:10:41.520
So it's just gonna be 50 gig, but realistically that's still a lot to be frank

00:10:41.760 --> 00:10:45.920
So let's try it now that I'm thinking about it. This mini's form right here. I

00:10:46.680 --> 00:10:52.400
Think is 600 bucks us maybe and this network card you can get used for like a hundred bucks

00:10:52.400 --> 00:10:57.160
It has half as many ports. You only have two 25 gigs and two 10 gigs

00:10:57.160 --> 00:11:03.560
But pretty cost-effective option considering the cost of this obviously few downsides there, but

00:11:04.240 --> 00:11:11.220
Yeah, okay, so this should have a DHCP server on it by default. Hey, there we go. Let's go through the wizard host name

00:11:11.460 --> 00:11:17.940
Thicky domain name. Damn. We'll use Google DNS. It's a pretty basic setup wizard

00:11:17.940 --> 00:11:25.220
It's enough to get you with a DHCP range and your WAN connected, but it's not really gonna go beyond that

00:11:26.140 --> 00:11:32.060
Especially for what we're gonna try to do with bonding a bunch of connections. This is a it's pretty basic

00:11:32.580 --> 00:11:35.620
This is what open sense looks like if you're familiar with pfSense

00:11:35.620 --> 00:11:39.140
It's basically the same interface a lot of the menus are the same

00:11:39.140 --> 00:11:42.620
But you just take the menus from the top bar and bloop onto the side

00:11:42.620 --> 00:11:47.660
I personally think it's a little easier to get around and I just like the fact that it's more up to date

00:11:48.300 --> 00:11:53.140
But I could spend literally like three hours going through every single menu

00:11:53.340 --> 00:11:59.460
So I'm not gonna do that. I'll show you a couple quick ones. We've got the dashboard here in firewall

00:11:59.460 --> 00:12:02.620
We can see our firewall rules. I've created a couple networks already for the test

00:12:02.620 --> 00:12:06.260
We're gonna do in a little bit. So ignore that. We've got interfaces

00:12:06.260 --> 00:12:09.220
You can list them all and set assignments. You can

00:12:10.140 --> 00:12:12.820
create VLANs and aggregates and

00:12:13.220 --> 00:12:16.740
Connective VPN like open ppn or ipsec. You can

00:12:17.380 --> 00:12:23.700
Control your DHCP server here. This is what the settings for DHCP server look like if you've used open sense or pfSense before

00:12:23.700 --> 00:12:28.900
These will look very familiar to you We're currently using unbound DNS and that's what this looks like

00:12:28.900 --> 00:12:33.700
So if you're more interested in the ins and outs of open sense as a firewall and routing software

00:12:34.020 --> 00:12:38.500
There's lots of other videos We'll link to some down below that are cool that give you a good overview of it

00:12:38.500 --> 00:12:41.900
But broadly it's a fast secure open source

00:12:43.020 --> 00:12:48.060
Self-hostable routing firewall software. It should be running open sense business edition by default

00:12:48.260 --> 00:12:51.580
You can just switch it over to the non-business edition if you want

00:12:51.580 --> 00:12:57.860
But it does come with a one-year license for free with it and then after that it's a hundred and forty nine euros you get

00:12:58.460 --> 00:13:02.300
Access to a integrated GOIP database, which you can already kind of get for free

00:13:02.300 --> 00:13:08.140
But it's just easier you get a virtualization image of it, which is again just kind of easier

00:13:09.180 --> 00:13:13.300
Open central that could be useful for you if you have a bunch of these or even just two

00:13:13.380 --> 00:13:20.940
It's like a centralized monitoring setup So you can have multiple of them exposed and kind of one one dashboard and other than that

00:13:20.940 --> 00:13:28.980
It's basically a an e-book that tells you how to use it better and a 20% discount if you want support

00:13:28.980 --> 00:13:33.780
But the other thing is you're just kind of supporting an open source project, which is cool on its own

00:13:33.780 --> 00:13:40.100
And we've been running the business edition for like over a year now And not to say that we had any issues with the normal version the community edition

00:13:40.460 --> 00:13:45.300
But it is nice to just kind of have a little bit more peace of mind when you're updating it knowing that it should

00:13:45.820 --> 00:13:52.540
Just be fine We have everybody's favorite flex optics universal direct attached cables. These things are awesome

00:13:52.540 --> 00:13:57.300
They come unprogrammed or you can order them programmed if you want you have to pay a little bit of a fee

00:13:57.300 --> 00:14:05.340
But the basic thing is you can program this cable to be recognized as any number of other vendors cables

00:14:05.340 --> 00:14:11.140
I could program this side to be Cisco and this side to be Dell and this side to be Mellanox

00:14:11.340 --> 00:14:14.140
Whatever you want to do so that when I plug this cable in

00:14:14.940 --> 00:14:19.060
It thinks it's a Mellanox cable and this side while we're plugging into an Intel mix

00:14:19.060 --> 00:14:23.780
So I'll tell it that it's an Intel cable and both devices think that they're using supported cables

00:14:23.980 --> 00:14:32.580
They should just work. It's very nice You can run into situations where if you have like let's say a Dell switch and you're having problems and you contact support

00:14:32.580 --> 00:14:36.620
They're gonna see oh, that's not a Dell cable. Sorry. We're not gonna support that

00:14:37.460 --> 00:14:43.100
This way they don't know not that I'm endorsing lying to your support reps, but it's a it's a consideration

00:14:43.580 --> 00:14:49.460
So let's program some They put little stickers on here so you can tell which side is which if you program them differently

00:14:49.460 --> 00:14:53.580
If you plug a fiber transceiver into the flex box, it'll actually tell you the light levels

00:14:53.580 --> 00:14:59.100
you can also use it as like a a Light meter if you're having problems with your fiber

00:14:59.100 --> 00:15:03.300
You think you're not getting enough gain just plug it in to whatever transceiver you're using and they'll tell you exactly

00:15:03.300 --> 00:15:08.160
We've got everything cabled up with two of our 25 gig flex optics cables to each

00:15:08.700 --> 00:15:14.860
Computer our minis forum and my test bench. I've installed proxmox 8.1 on both of them and set up a container

00:15:15.500 --> 00:15:21.020
Each with its own network. So we've got really four networks one per cable here

00:15:21.380 --> 00:15:27.140
Then I installed I perf and started running it. So now in theory. I see blinking lights

00:15:27.140 --> 00:15:31.620
There is traffic on all four nicks. So if we go to our dashboard here, there you go

00:15:32.580 --> 00:15:40.580
25 gig in on each interface 25 gig out. That's total 50 gigabit. That's a that's a fair bit of traffic

00:15:40.580 --> 00:15:42.580
I mean considering we're at

00:15:44.300 --> 00:15:48.260
29% CPU usage mind you this is with an MTU of 9000

00:15:48.260 --> 00:15:52.940
I suspect if we went to a normal MTU Which is like the max packet size you would

00:15:53.780 --> 00:15:57.100
Probably have quite a bit more CPU usage. It is

00:15:57.740 --> 00:16:04.060
Going through the firewall. It is passing rules. We're technically passing traffic kind of like inter VLAN routing

00:16:04.060 --> 00:16:10.380
But really it's inter network routing inter subnet routing because each of these is its own subnet slash network

00:16:11.180 --> 00:16:14.620
The traffic has to get passed. Look at all those packets

00:16:15.620 --> 00:16:20.740
They're routing to places. I mean in terms of the rest of it clearly. It's it's quite fast

00:16:21.460 --> 00:16:26.220
It's not getting any louder. I think my test bench is louder the knock to a fans on there

00:16:26.220 --> 00:16:32.900
I don't I don't notice any sort of ramp up. We go to temperatures. It says it's vibing at like 50 degrees Celsius

00:16:32.900 --> 00:16:38.180
That's not bad. Remember we did take the heat sink off. So those numbers mean pretty much nothing. Yeah, it's a router

00:16:38.340 --> 00:16:46.780
It rips The hardware is pretty cool I like that it's built by a company that makes cool software. I do wish it had two SSDs though

00:16:46.780 --> 00:16:48.980
I guess I haven't said the price yet. It's

00:16:50.060 --> 00:16:53.900
6000 euros which is Whoo

00:16:53.900 --> 00:17:02.900
That's a lot of money When you compare to other offerings like if you were to buy a fortigate for instance that can do similar throughput

00:17:02.900 --> 00:17:05.980
You know, it's not out to lunch, but it is

00:17:06.900 --> 00:17:14.260
It's a fair bit of money Especially considering this minis forum right here if you're to buy that with 32 gigs of RAM and a 1 terabyte SSD

00:17:14.420 --> 00:17:21.520
It's 830 US dollars plus you buy like a dual port 25 gig nick or you could do a hundred gig nick and split that into four

00:17:21.520 --> 00:17:29.740
25 gigs like this box has You know, you're looking at a thousand maybe 1200 US dollars. It's a hefty premium to pay

00:17:29.740 --> 00:17:35.540
I don't know that I would buy a product like this for me It's always been very much a DIY approach, but it's still very cool

00:17:35.540 --> 00:17:39.180
And it's awesome to see a company that we like that makes good software make some cool hardware