AMD 5000 APU launching and could make a good case for a NAS plex server or Pfsense or Opnsense custom router

[Maverick009]

So AMD has finally revealed the Ryzen APU 5000 series processors, and the 5600G at 259.99 already looks very attractive. This would be decent for a NAS or Plex Server for multimedia content due to the Radeon Graphics on board and 6 Core/12 Thread CPU. It also makes a strong case for the DIY crowd when building an Opnsense or Pfsense router. One a little more performance, then step up to the 8 Core/16 Thread 5700G APU for only $100 more. Pair this up with a B550 based motherboard that carries Intel 1Gb or 2.5Gb NIC, and go from there. It will have enough processing power both on CPU and graphics side to handle all tasks in these types of uses. Also it is efficient at 65W total.


Let me know your thoughts.....

 

[RMerlin]

APUs won't be available until August. And with the silicon shortage issues, I suspect that they will be unobtanium for weeks, if not months at launch time.

 

[Tech9]

Way too much CPU for home firewall. I was running pfSense on a single CPU Xeon E3 server (4C/8T) in the past and never saw >30% CPU load with some crazy practically unusable Suricata rules on it. In normal conditions it could do >5Gbps firewall easily if given proper LAN interfaces. For Gigabit LAN it was good only for converting electricity into heat and noise. I don't use Plex and can't comment on this.

 

[Maverick009]

Way too much CPU for home firewall. I was running pfSense on a single CPU Xeon E3 server (4C/8T) in the past and never saw >30% CPU load with some crazy practically unusable Suricata rules on it. In normal conditions it could do >5Gbps firewall easily if given proper LAN interfaces. For Gigabit LAN it was good only for converting electricity into heat and noise. I don't use Plex and can't comment on this.

When you get into the meatier pieces of Pfsense and Opnsense memory and even CPU can be worth the load. Not as much on the graphics side, but having the graphics baked into the CPU, frees up a PCIe slot. If planning on doing multiple 2.5G-10G connections, the more cores/threads, the better it can be. I think the 6C/12T APU is that perfect balance, especially for heavy loads or multiple transfers at 2.5G+. 1Gbps transfers may not really see much lift.

Also I would think even an old Intel Xeon E3 CPU will be nearly double this APU, and not have close to the tech/security/IPC the 5600G would have and they would be in about same power envelope.

Now for Plex Server, it would be an ideal fit. This APU would handle and encode/decode multiple simultaneous streams with ease....Maybe I should of presented Title/talking points better lol...Pricewise this is the best performance/per watt ratio you can get. I even suspect you could target at least a 45W envelope as well, with the BIOS settings tweaked. I only worry about availability/price due to the market we are currently in as @RMerlin touched on.

 

[Tech9]

I believe very few home users currently have 10Gb WAN connection. Some may have 10Gb LAN connections. Multi cores/threads firewall is not needed, but a good 10Gb switch. Building a 6C/12T machine for home firewall is a hobby toy in my eyes. The only real benefit is the personal satisfaction - why not, if I can. I would use this APU only in a budget gaming PC. At least it will be doing something there. If I really need 10Gb capable firewall with 500 clients behind it, I would prefer all Intel server hardware, even if it's more expensive. I don't like mixing and matching at the system core.

 

[Mark070]

I don't know if I would like this cpu as a router cpu. I think it uses too much power. Personally, if I was to build a PFSense/OPNSense based machine, I would look at the I5-8250U as my first choice. I agree that this chip is more suited for a Plex machine and/or a budget gaming PC. Just my thoughts, could be wrong.

 

[Maverick009]

I don't know if I would like this cpu as a router cpu. I think it uses too much power. Personally, if I was to build a PFSense/OPNSense based machine, I would look at the I5-8250U as my first choice. I agree that this chip is more suited for a Plex machine and/or a budget gaming PC. Just my thoughts, could be wrong.

The I5-8250U is typically more expensive with less cores/threads. The Ryzen 5600G APU is in a 65W package but can be configured to lower power draw, or can get the 5600GE which is essentially same but already configured to draw less power with max tdp 35W. Both of those choices are with 2 additional cores/threads, better IPC, graphics, I/O. Pair it with a good B550 Motherboard and you have PCIe 4.0 for extra bandwidth now and in the future, and the better brand boards use Intel Ethernet instead of Realtek. It is a good price/performance APU for the DIY market, weather it be a Plex Server, Game Server, Firewall Router, NAS, etc. The next logical step above would be to go full EPYC but you loose integrated graphics as the only minor drawback, but gain I/O and may need a bigger case to accommodate based on usage/features. I see the Ryzen APU as a good medium for price/performance/power

 

[Maverick009]

I believe very few home users currently have 10Gb WAN connection. Some may have 10Gb LAN connections. Multi cores/threads firewall is not needed, but a good 10Gb switch. Building a 6C/12T machine for home firewall is a hobby toy in my eyes. The only real benefit is the personal satisfaction - why not, if I can. I would use this APU only in a budget gaming PC. At least it will be doing something there. If I really need 10Gb capable firewall with 500 clients behind it, I would prefer all Intel server hardware, even if it's more expensive. I don't like mixing and matching at the system core.

Yeah I was thinking more internal 10G on the LAN side along with if you do heavy LAN operations, it would be a good fit. WAN I can not say I really know anyone who has 10G for home use, and that is not a business. Even Comcast is right now just getting to 2G Internet. I can see maybe 5G in the next year or 2 as a possibility as they seem to be speeding up internet again lately, and cannot tell if it was just due to the pandemic, or this was semi in the plans already, as 2.5G modems were beginning to hit market. I also use Sensi on OpnSense and know that is core/thread happy and memory intensive, and why the APU/CPU part would be a good drop in to my network.

 

[Tech9]

Yeah I was thinking more internal 10G on the LAN side along with if you do heavy LAN operations, it would be a good fit.

Good fit for what? LAN traffic is switching, not routing. Your OPNSense firewall is for WAN connections only.

 

[Maverick009]

Good fit for what? LAN traffic is switching, not routing. Your OPNSense firewall is for WAN connections only.

Correct LAN traffic is switching and a good switch can handle it well. I should of been a little more clear too, as I was thinking of traffic going through 2 different subnets. In my case traffic still has to come back through the router to talk to the other subnet on a different NIC.

I could be wrong as I am quite a techie person but still new enough to Opnsense and Pfsense.

 

[Tech9]

L3 switching of VLANs is a better approach in this case. If you use some IPS/IDS on your firewall, don't process LAN traffic, let it run on WAN interface only. It may be interesting to watch what happens on the LAN side, but you don't expect to hack yourself with your own clients. This will lower the firewall load significantly. I mean you may have 10GB capable LAN network, but your firewall should be fine with much less processing power.

 

[Maverick009]

L3 switching of VLANs is a better approach in this case. If you use some IPS/IDS on your firewall, don't process LAN traffic, let it run on WAN interface only. It may be interesting to watch what happens on the LAN side, but you don't expect to hack yourself with your own clients. This will lower the firewall load significantly. I mean you may have 10GB capable LAN network, but your firewall should be fine with much less processing power.

I may have to look at it further. Will backup the config and look further at settings. I think the other part is I am currently running it on an old Core2Quad Q6600 CPU with 4GB DDR3 memory. When the time comes to upgrade, I will probably end up going to the Ryzen 5600G APU since I will be upgrading hardware at some point and it will future proof me for quite some time. If it was not for the case I would of used an old Ryzen 1700/Asus EATX motherboard I have sitting around but the case only fits up to a matx board and if I have to buy a motherboard, rather get most bang for buck .

Made Typo as all my systems use DDR4 now. This is the last piece of computer hardware I have using DDR3. Just noticed my mistake.

 

[Tech9]

Core2Quad Q6600 CPU with 4GB DDR4 memory

It's a good training platform, but you don't have DDR4 RAM inside for sure. Most were DDR2, some MBs offered DDR3 support. This PC with Intel 4-port NIC can actually do Gigabit just fine. Performance is not CPU related only. It depends on how the system hardware is set and what software you use. Software optimization example - changing Snort with Suricata. Suricata is multi-threaded, Snort is single-threaded. Example for hardware optimization - switched LAN traffic through two different NICs is going to affect data bus more, compared to single-multi port NIC with own controller on board. The drawbacks of Q6600 PC are the size, power consumption and the lack of AES-NI support. If you don't need super fast VPN speeds, you have space and the power consumption is no concern, this home made router/firewall will serve you well for years.

 

[Maverick009]

It's a good training platform, but you don't have DDR4 RAM inside for sure. Most were DDR2, some MBs offered DDR3 support. This PC with Intel 4-port NIC can actually do Gigabit just fine. Performance is not CPU related only. It depends on how the system hardware is set and what software you use. Software optimization example - changing Snort with Suricata. Suricata is multi-threaded, Snort is single-threaded. Example for hardware optimization - switched LAN traffic through two different NICs is going to affect data bus more, compared to single-multi port NIC with own controller on board. The drawbacks of Q6600 PC are the size, power consumption and the lack of AES-NI support. If you don't need super fast VPN speeds, you have space and the power consumption is no concern, this home made router/firewall will serve you well for years.

Thanks. Always good to talk with other tech savvy people and share experiences and what not. What you mentioned with power draw can be hit and miss with this CPU and one of the reasons to get better hardware that gives better performance/per watt, but AES-NI support would be a major reason I was looking at a hardware upgrade of sorts as well, especially since Pfsense was almost ready to make that jump with 2.5 and backed off for the moment and Opnsense could make that change at anytime themselves. Good to know Suricata is multithreaded. I can not always tell what is multithreaded or single threaded. between both distros.

 

[Tech9]

Slim case, PS, MB, CPU, low profile cooler, RAM, SSD, multi-port NIC etc. won't be cheap. Potential performance per watt may be excellent, if you need this performance. Otherwise you'll be only wasting watts and money. I came to this conclusion years ago and replaced 200 pounds 500W hardware with 10 pounds under 100W. My network performance is exactly the same minus the satisfaction when I was in "play and explore" mode. You can buy and play with whatever makes you happy, as long as it doesn't hurt your wallet and/or interfere with your main source of income.

 

[Maverick009]

Slim case, PS, MB, CPU, low profile cooler, RAM, SSD, multi-port NIC etc. won't be cheap. Potential performance per watt may be excellent, if you need this performance. Otherwise you'll be only wasting watts and money. I came to this conclusion years ago and replaced 200 pounds 500W hardware with 10 pounds under 100W. My network performance is exactly the same minus the satisfaction when I was in "play and explore" mode. You can buy and play with whatever makes you happy, as long as it doesn't hurt your wallet and/or interfere with your main source of income.

Absolutely agree. The AMD CPUs and more particular the APUs are well configurable especially in targeting the TDP limits you want. AMD has been very generous to allowing the power envelope to be adjusted with lower or higher TDP limits with minor configuration changes. That is why I am leaning on them for even this project. Also fits mu budget without breaking the bank. I use to play with multiple devices myself but time consuming and power draw was getting a little out of hand. I have pretty much condensed everything into a network rack and have only one main server running Windows Server 2019 and it acts as both my gaming server and multimedia NAS box powered by the Ryzen 2700 non-x variant 8C/16T CPU and X470 platform. One server that I can use to handle pretty much everything and run a couple virtual machines as needed too. The other server is just a slightly older HP laptop running a mobile Intel i5 5th Gen CPU with 6GB DDR3L and running Ubuntu Server. That is more of a testbed and for Asterisk VOIP.

The higherend equipment is all found in the gaming/multimedia PCs

The firewall pretty much connects the LAN and WAN together and probably the most power hungry and least powerful equipment I have in that rack