This is one that we have had in the queue for some time. We decided that this one does not need its own video. Today we are going to look at the N5095 version of the 4x 2.5GbE firewall line that we reviewed previously on STH. We are going to keep this shorter since we are going to focus more on the changes between this and the other units we have reviewed in this series.
Topton Intel N5095 4x 2.5GbE Firewall Overview
If you want to see the previous ones in this series, check out the N6005 version here.
Both Patrick and I have ours and they have been running, but there are many quirks to the N6005 ones that you can find in this mega-thread. There are also the Intel Celeron N5105 4x 2.5GbE options we reviewed. The video for that is here.
The N5095 units have become hard to find as these go through new revisions constantly. Perhaps that makes sense. From our N6005 review, our ranking guidance is:
And in this review, we are going to see why. The barebones N5095 unit was $219 versus $228 for the N5105. The AliExpress listing we purchased this from has already changed.
That is not bad for a 4x 2.5GbE machine with a processor installed. At the same time, one still needs to add RAM and a SSD or 2.5″ drive to get a system that is really usable so the cost is more. It is not quite the Netgate 4100 cost, but for a firewall, it also does not have pfSense+ installed.
For the quick answer on why this was far from our favorite, the primary reason is just the power consumption and pricing compared to the N5105. From the perspective of looking at new models, we think this would inform our decisions on N5105 v. N5095 more generally.
Let us get to the hardware and see why this is our lowest-rated version in the trio of options.
Living in Europe, I do appreciate your concern for the power consumption of the device!
However, I’m not sure your advice is sound.
Short variant: in an appliance context the max power consumption isn’t nearly as significant as the average power consumption for the job its doing–and that may be neglegable for those different bins.
All these Jasper Lake variants (perhaps even the dual cores) are most likely made from the same set of dice and just binned for outright defects, higher voltage requirements or even pure market segmentation.
In the case of voltage bins, that’s typically chips requiring higher voltages to overcome less than perfect transistores or interconnects, but it could also be chips that simply won’t run reliably at higher clocks.
In the first case an N5095 is liklely to consume more Watts than a N6005 at identical CPU core clocks. In the second case there might be no difference, though typically the two cases aren’t really isolated from one another.
These being 24×7 appliances, idle power consumption is really the bigger factor and the principal reason you should pay close attention to the power supply and it’s efficiency. Yet for the Jasper Lake SoCs, I’d expect very little difference. The difference in power consumption only really comes into play as these chips rev to near maximum clocks. And there somewhat like its Rocket Lake cousins, Jasper Lakes is happy to go into power consumption territory where no Atom has gone before: My J5005 based systems tend to stick pretty close to the 10Watt TDP mark they officially have, while my Jasper Lake N6005 NUC has been observed to really burn the 28Watt PL2 TDP the BIOS allocates by default.
Well, unlike my fully passive J5005 Mini-ITX systems (which never throttle!), it also has a fan…
But at least on the NUC BIOS you can tell it to keep it down and make do with 12 Watts PL2 and 10 Watts PL1, at which point it sure won’t be using more than a N5095, but it might not be much faster either (well Atoms are no speed daemons anyway).
Essentially with the N6005 you get a bit more choice and flexibility: you can let it rip near the maximum speed at the cost of the extra power or you can tone it down, if efficiency really were your top concern. You can’t change your mind with the 5095 and open up that throttle once you notice that that nice new broadband bandwidth update fails to make it through your firewall.
But even without restricting the BIOS TDP setting, chances are the practical difference in terms of power consumption between the top bin Jasper Lake and its lower variants won’t be noticeable, because if you operate them near those top clocks for extended periods of time, you’re most likely using the wrong platform: at 28 Watts a Core mobile part will give you more performance per Watt because that’s operating near its peak efficiency point there, than an Atom that’s left that point far behind and has little left to give except heat.
A couple of years ago I had to migrate from an J1900 Atom to a Kaby Lake i7-7700T Core CPU (35 Watt TDP) for my pfSense firewall , because with all the Suricata rulesets active, an Atom was quite overwhelmed and throttling the broadband bandwith, so be sure to measure realistically before you buy.
My only real comment is that the ranking on the first page is unclear, you put the N5095 at the top when in reality it was worst to best. So I started the article wondering why the ranking was backwards. Perhaps some refinement to qualify the order of the ranking could improve it a bit!
I want to give you my input on this, I bought this one, to use it as a router (VM in Proxmox, PCI passthrough), besides a router, I will host a Pihole, Home assistant, and an Unifi Controller, so 4 VM in total.
Also, I got a micro PC(Noname as this one) with just two NICs to do the same.
For the 4 ports I got branded memory and SSD, and for the 2 ports, I got it populated with Noname memory and SSD.
BOTH of them are not stable, the VM is crashing every few days, proxmox still works but the machines are crashing randomly, I disabled qemu guest agent and the crashes are happening half as much but still there, I have a lot of experience with proxmox with hundreds of VM hosted on it but I never saw this.
I will ditch them and return to Dell/Lenovo mini and micro PCs, even if they are a few generations behind. before those, I had a Dell 3020 that ran for more than two years without problems.
If you have thoughts please share them 🙂
Thanks for reading, I hope it helps.
I feel like I’m getting lost here.
I want to ditch my UniFi USG-3 in favor of going more opensource with PfSense.
I watched multiple of these fanless router videos so far and I still have no clue on what I should get.
4 ports should be fine, or maybe even 2 port, for WAN and LAN as I can do VLANing on my switches. Or is there a benefit in having a dedicated LAN port for each VLAN?
But I’m mainly getting lost at the CPU selection.
Should I go for N6005, N5105, i7-1165G7, or one of the i3/i5 options?
The system would probably run PfSense directly, maybe via Proxmox so I can save a back-up on my NAS. Some IDS/IPS would be nice, as well as VPN. PiHole already runs on my fanless Docker box (N5095).
I installed a protectelli (not sure of spelling) pfSense for my brother. Mostly game traffic (3 consoles, 720p streaming to multiple devices, then phones, and pc’s etc). Pretty sure we did the 4 port intel atom or something like that (not high end is the point). It does a great job and there are no regrets other than should have bought one for me too. It’s nice to have 4 ports.