My current internet setup is like this (which is common for most people).
fiber line from ISP <-> ISP fiber modem <-> Personal wifi router <-> switch
This is working fine with no issues. But I need to power two devices. I want to reduce this to a single device.
fiber line from ISP <-> Modem+Firewall PC <-> Switch <-> AP1,AP2...
From my initial research, what I need is an SFP module which can be attached to a PC which supports SFP. OPNsense should be able to handle most SFP modules.
What is the community’s take on this? Is this worth the effort? Can I find a mini-PC which supports SFP? Will it be cost effective?
Just use the fiber modem, it’s gonna be a huge pain and fight with your ISP to use your own modem likely.
It very strongly depends on which ISP they have. There’s a few that make it easy. There’s a much larger number that can be hacked by a competent pc person (which I’ve done). There’s also a small amount who have worked to make it impossible / hard to do, and don’t have any public info on the process.
My ISP is att fiber, and all I had to do was change the vlan id on the outgoing side and match the ip settings to make it work. I used the guides from https://pon.wiki/ to do it, and the discord is also incredibly helpful.
Of note, this used to be impossible / very difficult so you’ll still find forum posts saying it can’t be done. However, a couple nerds have changed that over the past two years so make sure your info is up to date before deciding it can’t be done for your specific setup.
Shit really? That’s awesome
I checked this route but fiber modem are currently rare. There are only few WiFi 6/7 routers which accepts fiber. My ISP on the other hand is quite friendly. They initially provided me with a fiber modem, which sucked as it was quite old, so I told them to give me a simple modem as I have my own ethernet wifi router. They replaced it the next day.
You cannot just buy any SFP module and have it work. Most ISPs deploy a “special” (at least compared to normal point to point fiber links) that lets them serve multiple customers out of one port in their office. This is called a Passive Optical Network and requires specialized modules on both ends. There are ways to make a specific SFP work as an ONT and by cloning certain identifiers from the ONT to make the ISP think their box is still there.
This is a lot of effort and from my research, could stop working randomly in some cases.
Mine has been running flawlessly for nearly two years now. ISPs are lazy and only change things when they’re forced to.
Those two devices are likely very low power arm devices. I wouldn’t be surprised if a mini pc consumes more power than those two devices. If power is your concern you should probably measure how much they’re actually pulling.
I dunno, my newest cable modem chews up a boatload of power for no good reason - really pisses me off.
It uses more power (50w) than my 2019 SFF desktop I run as a server, with an 8TB drive (20w).
I know because they both sit on their own smart switches.
50w… holy shit!
My server with 1 SSD, 3 HDDs running multiple docker containers doesn’t usually pull more than 35-40w.
My router tops out at 8w and my wireless access point at 5w IIRC.
My consumer broadband router (which acts as a WAP, modem, and router) looks like it’s rated for a 36W power supply. Putting a Kill-A-Watt wattmeter on it shows it currently using about 14W.
I would definitely complain. That sounds defective.
Its spec’d for that
Holy moly, what modem is that??
This is something I completely forgot to account for. I heard that some SFP modules (10G) can consume a lot of power. I think the devices are pretty low powered. I’ll have to get a smartmeter and rethink the setup. Thanks a lot!
Older 10G SFP+ models were definitely power hungry. I think they’ve gotten better since then, but I haven’t really looked into how much better.
Maybe correct? Though my cable modem gobbles down some 15W… Without even doing the Wifi… So, I bet this isn’t a universal truth, as a Mini-PC will comsume less and provide all kinds of extra services, networking, NAS…
Wow, that’s a power hungry modem… But, look into the power usage of those sfp modules. They can be ~10w on their own.
Yeah, they often get quite warm. Some day I’ll be in the same situation as OP. And I can’t wait to throw out that supid modem. No clue, though what kind of SFP the fiber provider requires. I mean there’s quite a selection available…
This is working fine with no issues.
It seems like a lot of time and effort with no upside except having one device in the place of two. Is there more you are hoping to accomplish with this proposed change?
I eventually want to learn OPNsense, play with VLANs, per-device monitoring, adblocking right at the firewall itself. I will purchase a PC for the firewall for sure. So was thinking would it be better if adding an SFP to it would future proof it. But power is a concern.
You can certainly do all that learning with or without directly connecting the fiber to your firewall pc. For a mini pc you will likely need to get a USB to SFP adapter. If you want to go that route I suggest searching for compatible hardware recommendations and get a USB to SFP that has worked well for others.
Personally I would stick with the ISP modem. In any case, happy learning!
Follow the guides at https://pon.wiki/ for replacing your ISP modem with a sfp module running custom firmware. The sfp module will require some sort of active cooling, I bought a 3D printed bracket and fan from their discord server. You can also get a sfp to Ethernet media converter if your firewall does not have sfp: https://www.amazon.com/gp/aw/d/B0FCFWGWHT
These work great as a firewall: https://www.ebay.com/itm/358186631570 8 cores with the n355. I split up the cores to run multiple VMs and docker containers. I passed through all the network interfaces to the opnsense VM. It also has 2 m.2 slots(pcie 1x) I use for mirroring 2 64GB intel optane ssds in a zpool.
Excellent resources! Both the wiki and the miniPC! Thanks.
I was once thinking of virtualizing OPNsense but heard it’s a lot of pain during the setup and throughput can suffer. But I shall keep this is mind.
Most fiber services register the sfp/sfp+ module. it is much cheaper, easier and usually not against the terms of service to just use the isp-provided sfp in your own routing device instead of messing with OLT settingw and custom firmware on a $160 WAS.
Is this worth the effort?
In terms of electricity cost?
I wouldn’t do it myself.
If you want to know whether it’s going to save money, you want to see how much power it uses — you can use a wattmeter, or look up the maximum amount on the device ratings to get an upper end. Look up how much you’re paying per kWh in electricity. Price the hardware. Put a price on your labor. Then you can get an estimate.
My guess, without having any of those numbers, is that it probably isn’t.
Thanks for the suggestion, I need to get a wattmeter. The ISP modem looks low-powered but it can crank out 500 Mbps.
500Mbps isn’t a measurement of electrical consumption
I meant that it’s quite efficient. It uses those 15W mobile adaptors for power but still can deliver consistent 500 Mbps.
This may not be so easy, what protocol does the ISP use over fibre? Honestly the network card that you will probably need might already pull more than the modem.
what protocol does the ISP use over fibre?
Any way to figure this out? The modem they have provided looks like a layer 2 bridge, i.e., it just converts optical frames to ethernet frames. The login/auth process happens on my router.
Honestly the network card that you will probably need might already pull more than the modem
I have a feeling that this is true. I’ll check.
what protocol does the ISP use over fibre?
Any way to figure this out?
This is a good place to start. https://pon.wiki/
Unrelated but do you guys get pussy? Feels like everyone in this sub is a virgin
I’ll ask your mom.
Better yet, LemmyShemmy should ask his mom - no reason to do his work for him
LMAO! I’ve often wondered myself. There is a lot of crankiness. Seems like it could be solved by some wild monkey sex with your significant other.
Protectli sells opnsense firewalls with SFP+ support. Make sure these can handle gigabit data rates.
You can also terminate SFP with a switch and route that at L2 (VLAN) level to your firewall’s NIC.
deleted by creator
