Today we are going to have a review of a small system that is particularly interesting. This is the Intel i226-V fanless unit that has 4x 2.5GbE NICs. Over 2022, we have tested a number of AliExpress-sourced 2.5GbE units for use as firewalls and virtualization nodes. There is a newer revision of these units, and we wanted to discuss some of the pros and cons in our standard review format for these.
New Fanless 4x 2.5GbE Intel N5105 i226-V Node Overview
Since we are a bit behind in these reviews, we have started reviewing the units in pairs. We have a video for the Intel N5105 4x i225 V4 generation and the very similar i226 generation. Here is that combined video:
As always, we suggest opening this in its own YouTube browser, tab, or app for a better viewing experience. This is the first video on our new set, and we are using our YouTube memberships to fund buying new units like these to review.
We are going to focus on the newer 4x Intel i226-V version in today’s article, but expect the i225 V4 version to get a main site piece sometime around the US Thanksgiving holiday.
These units we configured with 16GB of memory and a 256GB NVMe SSD. The impact of that is that these units were more expensive than the barebones systems we normally get them for. We purchased this unit for $312.72, but then through AliExpress coupon magic, the total shipped price was only $306.78, and we DHL shipped these units at an additional charge.
Without the SSD and RAM, these can usually be had for under $170 these days, so it is less expensive just to add this yourself. You can get a name-brand SSD and RAM for their systems. The SSDs and RAM that come pre-configured in these are not known to be the most reliable. Still, it had been a while, so we wanted to check on these.
In this unit, we saw the Yue Tiger 16GB SODIMM (we have seen Yue Tiger memory before.) We also got a Ranxiana SSD. Let us just say, this is one of the more unique M.2 NVMe SSD designs we have seen.
We also ordered the Intel Celeron N5105 in these. That is really the sweet spot between the N5095 and N6005. It has lower power operation, thus lower operating costs, and a lower purchase price than the N6005, but at a very solid discount.
Still, for around $300 we received a ready-to-go system with OPNsense pre-installed. We would highly recommend installing your own operating system whether that is OPNsense, Proxmox VE, or pfSense (more on pfSense later.) These are coming from a third party vendor, not the OS vendor, so we always suggest re-installing.
Let us get to the hardware.
On one hand these devices appear designed to serve as firewalls. On the other hand security and buying unbranded stuff on AliExpress may not go well together. Is there any way to audit the firmware (and hardware) on these devices?
@Eric Olson: It would probably be both challenging and expensive to fully quiet one’s doubts(especially given that some sort of malice could be sprinkled randomly across a mostly legitimate run of products, or reserved for customers of interest, so you couldn’t rely on test samples to be 100% representative); but there are definitely some options that are a lot better than nothing:
Vendor page says that the system uses an AMI UEFI build; and while there is a a certain amount of platform-specific mystery to UEFI builds(there is ‘tianocore’, which is Intel’s open source UEFI implementation; but that mostly covers higher level stuff and sometimes gets partially incorporated into the firmware that actually ships; it doesn’t actually boot anything on its own); but there are also a bunch of utilities aimed at examining, dumping, and modifying well-known BIOS and UEFI vendor firmwares that have been put together over time. UEFI firmware also tends to be stored on a relatively obvious i2c or SPI flash chip that, if all else fails, can simply be desoldered and read out externally.
It’s deeply nontrivial to prove what a binary blob is up to; but if you are more or less narrowly focused on hunting for anomalies it probably helps that you can reasonably assume that the vendor was looking to bring up a Jasper Lake platform at relatively low cost and minimum fuss(rather than trying to implement a bunch of firmware-based ‘value add’/product differentiation), so odds are good, though not perfect, that the firmware pretty closely resembles that of other low cost/ODM Jasper Lake boards; allowing you to focus your examination on anything that stands out: any curious UEFI programs, runtime services, etc.
Skilled work, and not necessarily cheap, but not a matter of fundamentally unknowable mystery.
As for hardware, similar question of how much you want to spend and what sort of sampling process you want to use: it will be relatively hard for anything to hide from a full destructive analysis(desolder everything, x-ray the board and the chips, decap any chips that remain mysterious); but that’s reasonably expensive and skilled work; and since it’s destructive you can’t do it to the units you actually want to use; just a number of test samples dictated by your tolerance for the risk that the units you end up using end up differing from the units you test.
Realistically, if you are firewalling something where it matters that much you are probably better off just spending more and starting with gear whose provenance is more to your liking: it’ll end up being cheaper than trying to take gear you strongly distrust and prove its honesty.
If you want to indulge some lighter-weight paranoia firmware dumping is relatively accessible and nondestructive; and (both because of the proliferation of dev tools resulting from every x86 board needing it, and from OS and bootloader devs trying to understand and cope with really eccentric firmware) tools and expertise for at least some level of firmware poking are comparatively widely available; so you could certainly do some of that if you wanted.
Hardware level validation, beyond the basic inspection for really odd looking rework, is probably impractical(viable; but destructive and far more expensive than the system is worth).
Is the Type-C port USB 3 capable, or just USB 2.0?
Thanks for the great review and writeup!
@darkfiber in Aliexpress’s vendo page says that USB-C is capable of display so I think is USB 3.2, maybe STH can update with this test
Which processor is more energy efficient at low load? n5105 or pentium 7505? Does anyone have information?
The store on Ali has options with pentium, which supports up to 64GB of memory and has slightly better performance. But I can’t find information of power consumption. And I can’t make the final choice.
Link to the unit
For evaluating security, simplest thing is to put the unit on an isolated subnet, and look for any spurious traffic. An adversary needs a means to get control, and extract data. This means the network.
If the BIOS (without software loaded) generates network traffic, that would need a look.
While we can imagine more elaborate scenarios (Bruce Schneier would call them “Movie Plot Threats”), the most likely is a simple call-home, which could then be used for more elaborate payloads.
Hi hoping someone here can help. I have this exact unit, but I can’t get it to power on.
I bought it without RAM, and bought separetely (new) – from Samsung M471A2K43DB1-CTD.
I.e. 2666Mhz, DDR4, SODIMM, non-ECC (as recommended on the page).
Now, when I power on, after a few seconds I get a single beep, then it power cycles, and repeats. Same beep every time I manually turn it off and on. Sometimes when I leave it on it won’t continue beeping (power LED on), but it’s not appearing on the monitor.
I couldn’t find any information at all on the motherboard to tell what the beep means. I would like to think it isn’t the memory – bought two sticks and tried both separately and together, in all slot configurations.
The reviews on these units are interesting but I feel like they lack a very relevant part in the benchmark section: the network performance analysis.
Are they capable of delivering the 2.5Gbps performance? On all ports? Simultaneously? What is the CPU usage and energy consumption in those cases? How much the performance will drop with some firewall rules, or using openvswitch?
For me, it is much more useful to know these things, as I would use the device as a switch in a home network, than knowing how fast it can compile Python.
I hope you consider including this analysis in the future reviews. Thanks!
not Ranxiana SSD, it’s FanXiang SSD 🙂
Agreed with gmj. Networking performance is hard to judge from Linux kernel compile time benchmarks.
Would you run pfsense/opensense baremetal on these or even with proxmox? Or will that be too tough on the N5105?
Hey,
On the view it says that the system will support 32gb, but on Intel’s page it is said that this processor will only support 16gb.
Have you guys tried it with 32gb?
Best,
Francis
I just picked up one of those guys (although mines the n6005 model). This thing is a beast! Handles everything no problem in Proxmox and also it looks like I got an updated backplate as mine seems to allow for a 80mm fan on the back. Picture below
https://imgur.com/a/a7vtaVh
It looks like is using a non-standard fan header. Has anyone tried attaching a fan to it?
Stupid question…If you do opt to mount a 40mm fan on these things, do you mount it as an intake or exhaust fan?
@Josh T, I ordered a Topton Model-A N5105 and paid extra for the 40mm fan. They installed it as exhaust.
@Trevin Corkery, I bought the unit with fan installed, it has a short adapter cable.
@Francis Augusto I used Crucial CT2K16G4SFRA32A which is 2x 16GB 3200. System came up with 32GB RAM at 2933. I haven’t tried pushing it to 3200 yet.
Hi! Great video! Got a few questions as I’m new to these appliances and want to run OPNSense at home:
1- Can I use only one ram sodimm Vs 2, I have a spare 16gb-3200 gathering dust
2- Where can I find the manual? I tried (I really did) to get my hands on it and can’t find it
@JPH you can run one SODIMM. It wouldn’t hurt to try the one you’ve got.
Sorry, I haven’t looked too hard, but I’ve not seen any links to manuals for this system.
A couple of learnings as a noob to pfSense that might help others getting started.
– This particular system, with Intel i226-V NICs (ID 0x125C) should be supported by pfSense 2.6.0 according to the list. I didn’t try it, I went straight to 2.7.0 development snap shot. It worked.
– If you intend to use pfSense Plus, its complicated. I could not find a way to do it without virtualization, other possibly using a USB NIC. The problem is, you must install pfSense 2.6.0, then install your key, select the Upgrade branch, and it will want to install 22.01 which has no support for i226 NICs. You might be able to use a USB NIC to get from 22.01 to 22.05, but it complicates things so I wiped the drive and installed Proxmox.
– In Proxmox, when setting up the VM for pfSense, I followed some instructions that said to use the e1000 virtual NICs. When I used those, I would get huge CPU spikes with network traffic. Using the VirtIO NICs fixed it. I also used Spice for the display (as recommended by pfSense instructions), and “HOST” for processor, also recommended in pfSense instructions.
– Idle CPU utilization is around 1%-2%. That’s with about 40 things attached to the network and streaming YouTube. It spikes to up to 25% running Internet Speedtest on my 1Gbps fiber Internet. I gave the VM 4GB RAM and 3 cores. Its currently using 13% of the RAM.
So my conclusion is, this makes a fine system for a home network router. The N5105 has enough power for my basic needs. We’ll see how it goes when I start adding plug-ins and more VMs.
@Darryl,
Do you have a picture of the shoft fan adapter or the pinout please?
Thanks
I bought one of these based on the STH review, but I bought the bare bones unit. I see that it actually arrived with a riser/expander that offsets the M.2 WiFi slot over to a full M.2 2280 slot that sits between the top M.2 2280 slot and the RAM slots. It appears that I could install my NVME drive in in either location (physically). Do you know if there’s any difference in PCIe lanes available to each slot? Do they both connect directly to the CPU?
Is it intentional that STH often does not prominently link to the actual AliExpress item being reviewed?
The cynic in me wonders if this is done to boost “engagement”:
I have read this article 3x and watched the video twice. I even clicked the hyperlink on the AliExpress screenshot, which cutely brings up a larger version (I’d hoped it linked to the item on AliExpress).
Scooter it is, but perhaps for a different reason, and one that we are changing. I was getting sick of how many folks on the web and YT were plugging VERY bad products (like things that do not work at all) and using affiliate links. Also, many of the folks reviewing mini PCs are getting paid and not disclosing it. We get offers all the time, and the companies mention the folks they are paying, which is how I know this is happening.
My thought was, we are just going to avoid that by not linking. As you rightly noticed, the downside is that then we do not link to the products we review, hence why we are changing that. The 2.5GbE switch review buyer’s guide was the first in that series.
These units are gettignpopbut anyone is having the connection dripping issue the i225 and i226 is having on desktop motherboard or is this fix in these firewall appliances?