New Fanless 4x 2.5GbE Intel N5105 i226-V Firewall Tested

14
4x Intel I226 V4 Web Cover
4x Intel I226 V4 Web Cover

Today we are going to have a review of a small system that is particularly interesting. This is the Intel i226-V fanless unit that has 4x 2.5GbE NICs. Over 2022, we have tested a number of AliExpress-sourced 2.5GbE units for use as firewalls and virtualization nodes. There is a newer revision of these units, and we wanted to discuss some of the pros and cons in our standard review format for these.

New Fanless 4x 2.5GbE Intel N5105 i226-V Node Overview

Since we are a bit behind in these reviews, we have started reviewing the units in pairs. We have a video for the Intel N5105 4x i225 V4 generation and the very similar i226 generation. Here is that combined video:

As always, we suggest opening this in its own YouTube browser, tab, or app for a better viewing experience. This is the first video on our new set, and we are using our YouTube memberships to fund buying new units like these to review.

We are going to focus on the newer 4x Intel i226-V version in today’s article, but expect the i225 V4 version to get a main site piece sometime around the US Thanksgiving holiday.

Topton Intel N5105 4x 2.5GbE I226 Internal Overview Configured
Topton Intel N5105 4x 2.5GbE I226 Internal Overview Configured

These units we configured with 16GB of memory and a 256GB NVMe SSD. The impact of that is that these units were more expensive than the barebones systems we normally get them for. We purchased this unit for $312.72, but then through AliExpress coupon magic, the total shipped price was only $306.78, and we DHL shipped these units at an additional charge.

AiliExpress N5105 4x I226V Order
AiliExpress N5105 4x I226V Order

Without the SSD and RAM, these can usually be had for under $170 these days, so it is less expensive just to add this yourself. You can get a name-brand SSD and RAM for their systems. The SSDs and RAM that come pre-configured in these are not known to be the most reliable. Still, it had been a while, so we wanted to check on these.

Topton Intel N5105 4x 2.5GbE I226 Yue Tiger 16GB SODIMM
Topton Intel N5105 4x 2.5GbE I226 Yue Tiger 16GB SODIMM

In this unit, we saw the Yue Tiger 16GB SODIMM (we have seen Yue Tiger memory before.) We also got a Ranxiana SSD. Let us just say, this is one of the more unique M.2 NVMe SSD designs we have seen.

Topton Intel N5105 4x 2.5GbE I226 Ranxiana 256GB NVMe SSD
Topton Intel N5105 4x 2.5GbE I226 Ranxiana 256GB NVMe SSD

We also ordered the Intel Celeron N5105 in these. That is really the sweet spot between the N5095 and N6005. It has lower power operation, thus lower operating costs, and a lower purchase price than the N6005, but at a very solid discount.

Still, for around $300 we received a ready-to-go system with OPNsense pre-installed. We would highly recommend installing your own operating system whether that is OPNsense, Proxmox VE, or pfSense (more on pfSense later.) These are coming from a third party vendor, not the OS vendor, so we always suggest re-installing.

Let us get to the hardware.

14 COMMENTS

  1. On one hand these devices appear designed to serve as firewalls. On the other hand security and buying unbranded stuff on AliExpress may not go well together. Is there any way to audit the firmware (and hardware) on these devices?

  2. @Eric Olson: It would probably be both challenging and expensive to fully quiet one’s doubts(especially given that some sort of malice could be sprinkled randomly across a mostly legitimate run of products, or reserved for customers of interest, so you couldn’t rely on test samples to be 100% representative); but there are definitely some options that are a lot better than nothing:

    Vendor page says that the system uses an AMI UEFI build; and while there is a a certain amount of platform-specific mystery to UEFI builds(there is ‘tianocore’, which is Intel’s open source UEFI implementation; but that mostly covers higher level stuff and sometimes gets partially incorporated into the firmware that actually ships; it doesn’t actually boot anything on its own); but there are also a bunch of utilities aimed at examining, dumping, and modifying well-known BIOS and UEFI vendor firmwares that have been put together over time. UEFI firmware also tends to be stored on a relatively obvious i2c or SPI flash chip that, if all else fails, can simply be desoldered and read out externally.

    It’s deeply nontrivial to prove what a binary blob is up to; but if you are more or less narrowly focused on hunting for anomalies it probably helps that you can reasonably assume that the vendor was looking to bring up a Jasper Lake platform at relatively low cost and minimum fuss(rather than trying to implement a bunch of firmware-based ‘value add’/product differentiation), so odds are good, though not perfect, that the firmware pretty closely resembles that of other low cost/ODM Jasper Lake boards; allowing you to focus your examination on anything that stands out: any curious UEFI programs, runtime services, etc.

    Skilled work, and not necessarily cheap, but not a matter of fundamentally unknowable mystery.

    As for hardware, similar question of how much you want to spend and what sort of sampling process you want to use: it will be relatively hard for anything to hide from a full destructive analysis(desolder everything, x-ray the board and the chips, decap any chips that remain mysterious); but that’s reasonably expensive and skilled work; and since it’s destructive you can’t do it to the units you actually want to use; just a number of test samples dictated by your tolerance for the risk that the units you end up using end up differing from the units you test.

    Realistically, if you are firewalling something where it matters that much you are probably better off just spending more and starting with gear whose provenance is more to your liking: it’ll end up being cheaper than trying to take gear you strongly distrust and prove its honesty.

    If you want to indulge some lighter-weight paranoia firmware dumping is relatively accessible and nondestructive; and (both because of the proliferation of dev tools resulting from every x86 board needing it, and from OS and bootloader devs trying to understand and cope with really eccentric firmware) tools and expertise for at least some level of firmware poking are comparatively widely available; so you could certainly do some of that if you wanted.

    Hardware level validation, beyond the basic inspection for really odd looking rework, is probably impractical(viable; but destructive and far more expensive than the system is worth).

  3. @darkfiber in Aliexpress’s vendo page says that USB-C is capable of display so I think is USB 3.2, maybe STH can update with this test

  4. Which processor is more energy efficient at low load? n5105 or pentium 7505? Does anyone have information?
    The store on Ali has options with pentium, which supports up to 64GB of memory and has slightly better performance. But I can’t find information of power consumption. And I can’t make the final choice.

  5. For evaluating security, simplest thing is to put the unit on an isolated subnet, and look for any spurious traffic. An adversary needs a means to get control, and extract data. This means the network.

    If the BIOS (without software loaded) generates network traffic, that would need a look.

    While we can imagine more elaborate scenarios (Bruce Schneier would call them “Movie Plot Threats”), the most likely is a simple call-home, which could then be used for more elaborate payloads.

  6. Hi hoping someone here can help. I have this exact unit, but I can’t get it to power on.

    I bought it without RAM, and bought separetely (new) – from Samsung M471A2K43DB1-CTD.
    I.e. 2666Mhz, DDR4, SODIMM, non-ECC (as recommended on the page).

    Now, when I power on, after a few seconds I get a single beep, then it power cycles, and repeats. Same beep every time I manually turn it off and on. Sometimes when I leave it on it won’t continue beeping (power LED on), but it’s not appearing on the monitor.

    I couldn’t find any information at all on the motherboard to tell what the beep means. I would like to think it isn’t the memory – bought two sticks and tried both separately and together, in all slot configurations.

  7. The reviews on these units are interesting but I feel like they lack a very relevant part in the benchmark section: the network performance analysis.

    Are they capable of delivering the 2.5Gbps performance? On all ports? Simultaneously? What is the CPU usage and energy consumption in those cases? How much the performance will drop with some firewall rules, or using openvswitch?

    For me, it is much more useful to know these things, as I would use the device as a switch in a home network, than knowing how fast it can compile Python.

    I hope you consider including this analysis in the future reviews. Thanks!

  8. Would you run pfsense/opensense baremetal on these or even with proxmox? Or will that be too tough on the N5105?

  9. Hey,

    On the view it says that the system will support 32gb, but on Intel’s page it is said that this processor will only support 16gb.

    Have you guys tried it with 32gb?

    Best,

    Francis

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.