AMD Ryzen 4x 2.5GbE Internal Hardware Overview
The clamshell chassis has four screws on each side. Once those eight screws are removed with the side panels, one can open the chassis. Here we can see the bottom fan along with the bottom portion of the chassis.
Here is a look at the CW56-58 motherboard without memory or storage installed.
For memory, we get two SODIMM slots.
Our unit came with a single Yue Tiger 16GB DDR4-3200 DIMM. This constrained performance considerably, as we will discuss in our performance section.
Here is a look at the unit configured with the memory and storage as it looked when we opened the unit:
The SSD was a Ranxiana SSD, but it did not look anywhere near as exciting as the one we found in one of the New Fanless 4x 2.5GbE Intel N5105 i226-V firewalls we tested.
One may have noticed that in the fully configured system, there was another M.2 slot. Here is another angle:
The second M.2 slot is powered by this “H” board (perhaps it is an “I”?)
Here is the extension board out of the chassis. This works at PCIe Gen3 speeds, but it is unlikely we will see this design with PCIe Gen5 motherboards in the future.
Inside the unit, we can see the CPU heatsink/ fan unit on top of the motherboard, along with a block extending to the Intel i226-V NICs for cooling. We can also see the bottom components and fan. What may confuse some is that some of these units are marketed with three M.2 SSD slots. If you think you can spot the third on the left side of this photo, you are correct.
This third slot extends out towards the edge of the case. It does not seem overly practical, but it is physically there. We tested this and showed in the video a WD Blue NVMe SSD working in this slot, albeit with no way to secure the drive.
The CPU in our unit was an 8-core/16-thread AMD Ryzen 7 5825U. This is a very powerful processor for this class of system and is in another league of performance and power consumption from some of the lower-end firewalls we have reviewed previously based on Jasper Lake.
One other area that we did a quick visual inspection non was the cooling. Here one can see the heatsink side of the chassis and also the gap between the motherboard and the heatsink.
Our unit was staying under 81C max and the visual inspection seemed to indicate that at least this unit has its heatsink applied to the CPU, so we are going to say this was effective. Some of the older firewalls had gaps between the CPUs and the blocks that were attached to the metal chassis.
Next, let us get to performance as there was a lot to this one.
This one looks like a bit of a missed opportunity. I assume that someone thought that preserving external similarity to the atom-based router boxes was important; but it’s not desperately obvious what the actual benefit is, while the drawbacks in terms of thermals, fans, deeply weird m.2 layout, etc. are all pretty blatant.
Especially with either an intake or an exhaust on nearly every side this thing already requires more room than its size suggests, in the sense that if you tried to pack them side-by-side or stack them they’d likely complain; so a slightly larger enclosure would be no real sacrifice and allow a much nicer layout, ideally consolidation to a single larger fan, etc.
According to AMD
the Ryzen 7 5825U processor has ECC memory support.
Does this particular platform support ECC memory?
I would guess the side facing port is for an eGPU adapter. Why bring a router and PC to the LAN party when you can do it all with one?
What I miss from all of these mini-pc firewalls is a kvm option either serial like with the APU boards, or AMT iKVM which can be locked to a specific port (users less power than an full blown IPMI port) as I would not want it to be on the WAN port.
Having 3 display options is not intersting for a firewall.
Yes I know about the RPi KVM options but that is an additional 100-200€ on the price.
@fuzzyfuzzyfungus: The difference between the 10 Watt TDP of an Atom and the 15 Watt TDP on a Tiger Lake or Ryzen 3 SoC doesn’t seem like much on paper. So like you I’ve felt let down, when truly passive variants failed to appear.
But when you dig a little deeper and look at what companies like Akasa have to do to create a truly passive chassis for those chips, it becomes much more obvious that active cooling is a lot cheaper.
These “15 Watt” parts not only support a 28Watt setting but will actually turbo to 50 Watts (Ryzen) or 64 Watts (Tiger Lake) with both presets. They can be told not to, but then you simply get the near Atom performance, not your money’s worth.
I quite like the fans. Big slow moving fans are great to cover TDPs in this range without being noticeable: that’s typically passive enough for me. Yes, there is dust buildup over the years, but even I give my truly passive Atoms a spring cleaning.
@Patrick: Geekbench runs every one of its sub-benchmarks only for a couple of seconds, so you’ll get max turbo clocks on pretty much all of them. At that point, there is no real difference for the 5800U between the 15 and 28Watt settings, because Geekbench just runs on pure turbo.
RAM speed is even more essential for the iGPU, so using anything less than DDR4-3200 dual channel on these SoCs is crippling performance–unless it’s bored anyway.
Chances are that as a mere firewall it is going to be that quite often, unless your Suricata ruleset is extensive and the users in your small office, appartment block or Internet café are near saturating those 2.5Gbit links.
To me most of these small boxes are naturally micro-servers and that means running the firewall as a VM side-by-side with a few others for NextCloud, Plex, or some smart-home stuff. And there the ability to run a true DMZ on two ports (Internet + LAN switch), apps and storage on the two others has a box like this seem very attractive.
There is a lot of connectivity to be had these days with adapters that have an M.2 cable on one end. E.g. I use it to connect a 10Gbit Aquantia NIC on a box that doesn’t have a proper PCIe x4 slot left over, but the eGPU sounds like another interesting option.
Honestly, I’d be rather grateful for them to provide the option to utilize all the SoC’s built-in PCIe lanes instead of letting them go waste, simply because they don’t fit the design or have mainstream appeal.
@Eric Olson: ECC support for the Barcelo 5825U is a *great* find, thank you! I got a 5825U based notebook for one of my sons, that obviously doesn’t have ECC LPDDR4 RAM soldered on: so far I had only seen 100MHz higher clock… Official support for 64GB RAM seems a paper-only change, but who knows… interestingly there are also 4 additional PCIe lanes on the Barcelo…
All that has this little box appear in very different light and I can see myself itching to get my hands on one.
But even more I’d probably like a mini-ITX variant of the board with the same SoC soldered on, some SATA ports for a set of HDDs and the ability to add a 10GBit NIC one way or another. That could replace a Xeon-D 1581 that’s starting to feel a little sluggish…
Patric, mentioned in the video companion for this article that “TF” is often used to label “MicroSD” slots in China. I wager more is play than simpler licensing.
While the difference between “MicroSD” and “TF” is minimal to me I wager it is a lot larger for people in the chinese market. Many of which I assume would only see these characters as symbols.
“In this case, the TF slot is a MicroSD card slot without the vendor paying for licensing the MicroSD name.”
Timing was lucky. I took delivery of one on the same day of this review. I went for the 5600U option. I’ve installed proxmox on an SSD 2.5 drive. My unit didn’t come with the second fan which is optional I believe. I’ve also put a small 256GB nvme drive. Just for testing I’ve inserted a microSD card and it shows fine in the OS with a lsblk.
I’m installing opnsense on it as VM. Right now I need to see how to give the config file from the baremetal one to the VM.
I purchased one of these because I previously bought one with a N5105 and it was overheating and my OPNSense PVE VM would lock up. It’s working well for me with Crucial RAM and Samsung SSD. I won’t mess with off brand memory/storage.
Let me know if anyone knows how to update the BIOS. I hypothesis that the vendor ships a development BIOS. I’d prefer to run something that’s less complex.
Good (bare bones w/ 5825U): https://www.aliexpress.com/item/3256804600750691.html
Overheats (bare bones w/ N5105): https://www.aliexpress.com/item/3256804173757529.html
@Eric Olson: according to Aliexpress product pages the platform doesn’t support ECC memory. Unfortunately. I would be happy to see it here too…
I have a small fanless PC to run pfSense on. It doesn’t have as powerful a CPU as the ones that STH has been testing recently, but I decided to put a fan on it and see what happened.
It’s one of those add-on cooling fans that’s USB-powered. It came with a small wall wart that I plugged in so that I’m not powering it off the power supply of the mini PC. I laid it on top of the mini PC. It has rubber bumpers so it won’t mar anything or move around due to vibration.
I tried it with airflow blowing onto the top heatsink of the mini PC and also the opposite direction so that the fan is pulling up through the heatsink.
Blowing down onto the heatsink worked much better in my case. The fan has reduced the reported temps by about 15 °C. It doesn’t run that hot without the fan, but I feel that the reduced operating temperature could be beneficial in terms of reliability and longevity over the long term. The question then is whether it’s cost-effective? The fan was about US$10. It came with a speed control and I have that turned almost all the way down. It’s been silent. (The fan claims to have dual ball-bearings, and I’ll see how well it holds up in use.) I haven’t measured the power draw of the fan yet, but from what I’ve read I’m thinking a Watt or two?
Will the added cost of the fan and the power to run it pay for itself in added longevity for the device? I’m not sure. It provides a reassuring feeling to me though, and perhaps that’s worth the added cost. 🙂
Everyone has to make the same decisions and calculations for themselves, especially when they have mini PCs with more powerful CPUs than mine (which is a J3170). The mini PC tested in this article obviously makes that decision for you by including a cooling fan.
I assume that some or all of the CPUs used in these mini PCs will thermal-throttle, or at least not boost as much if they’re running hot? I wonder if that is an issue for most people?
Whats the point of 2.5gbit? When are these things gonna get 10gbit?
I was able to have the second fan and also a SSD working. In fact I just pulled out the board inside a 2.5 SSD (in many smaller models there is only a small board in it) and got this board securely set on the side.
I’m running Proxmox 7.3 but I am currently struggling to get GPU passthrough to a Windows 11 VM. Do you have any clue on the config to use?
Do these boards have a (software) Raid 1 for the 2 M2 SSDs? (something like Intel Rapid Storage raids)
I’m using this box with Proxmox and it is getting very hot. Seems like the PWM function is not working. At reboot or in the bios the fans are at full speed, but once in Proxmox they remain off.
I tried to adjust in the bios the temps for the fan but it makes no difference.
Any idea how to fix this?
I ran a Geekbench on this box with a Ryzen 7 5800U.
Here are the results: https://browser.geekbench.com/v5/cpu/19660849
Yann which bios version do you have?
I managed to find the BIOS files for this (via changwang.com).. https://www.changwang.com/down/76.html has the updated 10/2022 version and a link to the original version. FYI the bios link was found via williamlam’s page on using ESXI on this device.
There’s also a link to a proper datasheet for the motherboard, but it’s full of Chinese characters in the link so copying it html encoded the link, but here it is. I tested and it loaded ok for me (I had to navigate through their odd site to find it): https://changwang.oss-cn-hangzhou.aliyuncs.com/%E4%BA%A7%E5%93%81%E8%A7%84%E6%A0%BC%E4%B9%A6/%E8%BF%B7%E4%BD%A0%E4%B8%BB%E6%9C%BA%E7%B3%BB%E5%88%97/AMD-R5-5600U,R7-5800U,R7-5825U%E4%BA%A7%E5%93%81%E8%A7%84%E6%A0%BC%E4%B9%A6/%E7%95%85%E7%BD%91AMD-R5-5600U,R7-5800U,R7-5825U%E4%BA%A7%E5%93%81%E8%A7%84%E6%A0%BC%E4%B9%A6.pdf
I put some faster DDR4 16-20-20-40 1.35V RAM in it but could not find a way to increase the RAM Voltage. I emailed CWWK and got this back:
“Hello, because our motherboard is of the notebook type, this feature is not open”
Its to bad. I currently using it as a remote box unless I need more power then I have my main system on a smart switch and fire that up to log into.
This summer this is going firewall with full snort paid rule base AND added wifi AX210. It will become one node of the network and current Asus router will be downgrade to AP.
Hi everybody and many thanks to the STH team.
I have setup ProxMox 7.3-1 with Linux kernel 6.2.6 on one of these AMD Mini PCs with a Rizen 7 5825U, 32 GB of RAM and a 1TB Samsung 980 nvme. Up until now everything seems to work like a charm, the two fans do sound like they spin up when the CPU load increases, the four 2.5GB Ethernet interfaces work fine too and I didn’t experience any reboots or kernel panics.
one owner of 5800u running unraid host + k8s VM + gpu passtrough.
Highly recommend to replace thermal paste for quality one, 20-30ºC drop easily.
For those who wants to passtrough to VM the amd gpu you need the vbios, the vbios can be extracted from changwang Bios and using VBiosFinder to extract it, I can use it to transcode it within the VM but I got black screen.
Probably this dmesg error could be related
[ 3.851669] [drm] Unsupported Connector type:21!
If someone was able to passtrough entirely VM would be nice to share how 🙂