4x 2.5GbE Intel Pentium N5105 Fanless Power Consumption
For power, we saw a major upgrade. Instead of the generic “Replacement AC Adapter”, we now have a LiteON unit with regulatory markings and everything.
The impact of this was huge. Our idle ranged in the 6.4-6.7W range. Maximum power consumption briefly hit 20W but was usually under 18W. We have seen users swap out the old generic power supplies for these to save money over time on power. For some of our readers with inexpensive power, 4W makes little difference. In some places in Europe, when prices can reach $7/ year per watt, 4W adds up quickly. If you want to see the unit boot and idle, you can see that in the accompanying video, along with another one of the power supply options we had.
Key Lessons Learned
On the key lessons learned, first is naturally the new power supply being a huge upgrade. Since we just covered that and the fact that the N5105 is our best value pick, let us move to some of the more important features.
The move to the CPU side NICs is one that appears to have helped thermals.
Those NICs being Intel i226-V NICs instead of Intel i225-V had a unique impact. OPNsense worked out of the box, as did Promxox VE. We could even virtualize the firewalls in these. pfSense was a bit more challenging.
Will just looked at the larger Core i7 units and found they are great virtualization nodes using VMware ESXi and pfSense.
The Intel i226-V’s are not supported in the current pfSense CE 2.6. They are supported in pfSense CE 2.7 development. If you want to run pfSense bare metal or with pass-through NICs, the i225-V is probably the better option until pfSense 2.7 hits release.
Also, while we still think it is a better value to get name-brand low-power SODIMMs and NVMe SSDs, the Ranxiana one sure looks unique.
Final Words
Between Patrick and I, we now have 20+ of these units running. I have to say, I wish all of them were this new spec. The WiFi being under the M.2 is clearly not ideal, but the NIC changes and the overall systems feel like they are getting better.
Running all of these units is interesting since it allows one to run a Proxmox VE cluster distributed if you have adequate networking. 6.5W with the better power supply is a very reasonable idle power consumption figure for something like this. Adding only a few units allows for a silent cluster to be built, while not having the same impact of a 200W+ larger system. At the same time, having a single larger system feels like the better option when there are a dozen of these running. After all, only being four cores means that the OS is taking up extra resources on each machine and the amount of stranded capacity goes up.
Still, it has been great to see these units evolve over the past year. In the video, we not only show the i225-V version but also the J6413 units that have arrived and that we will review next. Our next piece in this series, though, will be much more exciting than a 4x 2.5GbE system.
On one hand these devices appear designed to serve as firewalls. On the other hand security and buying unbranded stuff on AliExpress may not go well together. Is there any way to audit the firmware (and hardware) on these devices?
@Eric Olson: It would probably be both challenging and expensive to fully quiet one’s doubts(especially given that some sort of malice could be sprinkled randomly across a mostly legitimate run of products, or reserved for customers of interest, so you couldn’t rely on test samples to be 100% representative); but there are definitely some options that are a lot better than nothing:
Vendor page says that the system uses an AMI UEFI build; and while there is a a certain amount of platform-specific mystery to UEFI builds(there is ‘tianocore’, which is Intel’s open source UEFI implementation; but that mostly covers higher level stuff and sometimes gets partially incorporated into the firmware that actually ships; it doesn’t actually boot anything on its own); but there are also a bunch of utilities aimed at examining, dumping, and modifying well-known BIOS and UEFI vendor firmwares that have been put together over time. UEFI firmware also tends to be stored on a relatively obvious i2c or SPI flash chip that, if all else fails, can simply be desoldered and read out externally.
It’s deeply nontrivial to prove what a binary blob is up to; but if you are more or less narrowly focused on hunting for anomalies it probably helps that you can reasonably assume that the vendor was looking to bring up a Jasper Lake platform at relatively low cost and minimum fuss(rather than trying to implement a bunch of firmware-based ‘value add’/product differentiation), so odds are good, though not perfect, that the firmware pretty closely resembles that of other low cost/ODM Jasper Lake boards; allowing you to focus your examination on anything that stands out: any curious UEFI programs, runtime services, etc.
Skilled work, and not necessarily cheap, but not a matter of fundamentally unknowable mystery.
As for hardware, similar question of how much you want to spend and what sort of sampling process you want to use: it will be relatively hard for anything to hide from a full destructive analysis(desolder everything, x-ray the board and the chips, decap any chips that remain mysterious); but that’s reasonably expensive and skilled work; and since it’s destructive you can’t do it to the units you actually want to use; just a number of test samples dictated by your tolerance for the risk that the units you end up using end up differing from the units you test.
Realistically, if you are firewalling something where it matters that much you are probably better off just spending more and starting with gear whose provenance is more to your liking: it’ll end up being cheaper than trying to take gear you strongly distrust and prove its honesty.
If you want to indulge some lighter-weight paranoia firmware dumping is relatively accessible and nondestructive; and (both because of the proliferation of dev tools resulting from every x86 board needing it, and from OS and bootloader devs trying to understand and cope with really eccentric firmware) tools and expertise for at least some level of firmware poking are comparatively widely available; so you could certainly do some of that if you wanted.
Hardware level validation, beyond the basic inspection for really odd looking rework, is probably impractical(viable; but destructive and far more expensive than the system is worth).
Is the Type-C port USB 3 capable, or just USB 2.0?
Thanks for the great review and writeup!
@darkfiber in Aliexpress’s vendo page says that USB-C is capable of display so I think is USB 3.2, maybe STH can update with this test
Which processor is more energy efficient at low load? n5105 or pentium 7505? Does anyone have information?
The store on Ali has options with pentium, which supports up to 64GB of memory and has slightly better performance. But I can’t find information of power consumption. And I can’t make the final choice.
Link to the unit
For evaluating security, simplest thing is to put the unit on an isolated subnet, and look for any spurious traffic. An adversary needs a means to get control, and extract data. This means the network.
If the BIOS (without software loaded) generates network traffic, that would need a look.
While we can imagine more elaborate scenarios (Bruce Schneier would call them “Movie Plot Threats”), the most likely is a simple call-home, which could then be used for more elaborate payloads.
Hi hoping someone here can help. I have this exact unit, but I can’t get it to power on.
I bought it without RAM, and bought separetely (new) – from Samsung M471A2K43DB1-CTD.
I.e. 2666Mhz, DDR4, SODIMM, non-ECC (as recommended on the page).
Now, when I power on, after a few seconds I get a single beep, then it power cycles, and repeats. Same beep every time I manually turn it off and on. Sometimes when I leave it on it won’t continue beeping (power LED on), but it’s not appearing on the monitor.
I couldn’t find any information at all on the motherboard to tell what the beep means. I would like to think it isn’t the memory – bought two sticks and tried both separately and together, in all slot configurations.
The reviews on these units are interesting but I feel like they lack a very relevant part in the benchmark section: the network performance analysis.
Are they capable of delivering the 2.5Gbps performance? On all ports? Simultaneously? What is the CPU usage and energy consumption in those cases? How much the performance will drop with some firewall rules, or using openvswitch?
For me, it is much more useful to know these things, as I would use the device as a switch in a home network, than knowing how fast it can compile Python.
I hope you consider including this analysis in the future reviews. Thanks!
not Ranxiana SSD, it’s FanXiang SSD 🙂
Agreed with gmj. Networking performance is hard to judge from Linux kernel compile time benchmarks.
Would you run pfsense/opensense baremetal on these or even with proxmox? Or will that be too tough on the N5105?
Hey,
On the view it says that the system will support 32gb, but on Intel’s page it is said that this processor will only support 16gb.
Have you guys tried it with 32gb?
Best,
Francis
I just picked up one of those guys (although mines the n6005 model). This thing is a beast! Handles everything no problem in Proxmox and also it looks like I got an updated backplate as mine seems to allow for a 80mm fan on the back. Picture below
https://imgur.com/a/a7vtaVh
It looks like is using a non-standard fan header. Has anyone tried attaching a fan to it?
Stupid question…If you do opt to mount a 40mm fan on these things, do you mount it as an intake or exhaust fan?
@Josh T, I ordered a Topton Model-A N5105 and paid extra for the 40mm fan. They installed it as exhaust.
@Trevin Corkery, I bought the unit with fan installed, it has a short adapter cable.
@Francis Augusto I used Crucial CT2K16G4SFRA32A which is 2x 16GB 3200. System came up with 32GB RAM at 2933. I haven’t tried pushing it to 3200 yet.
Hi! Great video! Got a few questions as I’m new to these appliances and want to run OPNSense at home:
1- Can I use only one ram sodimm Vs 2, I have a spare 16gb-3200 gathering dust
2- Where can I find the manual? I tried (I really did) to get my hands on it and can’t find it
@JPH you can run one SODIMM. It wouldn’t hurt to try the one you’ve got.
Sorry, I haven’t looked too hard, but I’ve not seen any links to manuals for this system.
A couple of learnings as a noob to pfSense that might help others getting started.
– This particular system, with Intel i226-V NICs (ID 0x125C) should be supported by pfSense 2.6.0 according to the list. I didn’t try it, I went straight to 2.7.0 development snap shot. It worked.
– If you intend to use pfSense Plus, its complicated. I could not find a way to do it without virtualization, other possibly using a USB NIC. The problem is, you must install pfSense 2.6.0, then install your key, select the Upgrade branch, and it will want to install 22.01 which has no support for i226 NICs. You might be able to use a USB NIC to get from 22.01 to 22.05, but it complicates things so I wiped the drive and installed Proxmox.
– In Proxmox, when setting up the VM for pfSense, I followed some instructions that said to use the e1000 virtual NICs. When I used those, I would get huge CPU spikes with network traffic. Using the VirtIO NICs fixed it. I also used Spice for the display (as recommended by pfSense instructions), and “HOST” for processor, also recommended in pfSense instructions.
– Idle CPU utilization is around 1%-2%. That’s with about 40 things attached to the network and streaming YouTube. It spikes to up to 25% running Internet Speedtest on my 1Gbps fiber Internet. I gave the VM 4GB RAM and 3 cores. Its currently using 13% of the RAM.
So my conclusion is, this makes a fine system for a home network router. The N5105 has enough power for my basic needs. We’ll see how it goes when I start adding plug-ins and more VMs.
@Darryl,
Do you have a picture of the shoft fan adapter or the pinout please?
Thanks
I bought one of these based on the STH review, but I bought the bare bones unit. I see that it actually arrived with a riser/expander that offsets the M.2 WiFi slot over to a full M.2 2280 slot that sits between the top M.2 2280 slot and the RAM slots. It appears that I could install my NVME drive in in either location (physically). Do you know if there’s any difference in PCIe lanes available to each slot? Do they both connect directly to the CPU?
Is it intentional that STH often does not prominently link to the actual AliExpress item being reviewed?
The cynic in me wonders if this is done to boost “engagement”:
I have read this article 3x and watched the video twice. I even clicked the hyperlink on the AliExpress screenshot, which cutely brings up a larger version (I’d hoped it linked to the item on AliExpress).
Scooter it is, but perhaps for a different reason, and one that we are changing. I was getting sick of how many folks on the web and YT were plugging VERY bad products (like things that do not work at all) and using affiliate links. Also, many of the folks reviewing mini PCs are getting paid and not disclosing it. We get offers all the time, and the companies mention the folks they are paying, which is how I know this is happening.
My thought was, we are just going to avoid that by not linking. As you rightly noticed, the downside is that then we do not link to the products we review, hence why we are changing that. The 2.5GbE switch review buyer’s guide was the first in that series.
These units are gettignpopbut anyone is having the connection dripping issue the i225 and i226 is having on desktop motherboard or is this fix in these firewall appliances?