Supermicro SuperServer E302-9D Review: A Fanless 10G pfSense Powerhouseby Ganesh T S on July 28, 2020 3:00 PM EST
- Posted in
Setup and Usage Impressions
Systems such as the SuperServer E302-9D are meant to be operated in a head-less manner (without a display attached). That said, the system does offer a VGA display output using the ASPEED AST2500 BMC SoC on board. The SoC also enables transfer of video-over-IP. Supermicro's user-friendly IPMI (Intelligent Platform Management Interface) implementation allows for users to interact with the E302-9D efficiently. A majority of Supermicro's set of IPMI features and tools cater to datacenter managers. In this section, however, we take a look at the implementation from a home-lab / developer's perspective - from setting up the system to its actual deployment and usage.
After installing the build components in the system, the unit was connected to the AC mains and its IPMI LAN port was connected to the management network. By default, the IPMI LAN port is capable of obtaining an IP from the DHCP server in the network. A knowledge of the IP allows users to directly navigate to that using any modern web browser. Access to the interface is protected ny a login. Recently, Supermicro started configuring unique BMC passwords for their rackmount systems. For embedded systems like the E302-9D, the ADMIN / ADMIN combination continues to work.
The gallery below presents some of the options available using the HTML interface. With modern browsers, it is possible to utilize the HTML5-based iKVM (Keyboard/Video/Mouse over IP) viewer.
Supermicro also offers a GUI software application in IPMIView (reliant on the OpenJDK runtime) that can be used for, among other things, discovery of Supermicro IPMI clients in the network. An overview of the capabilities offered by IPMIView for the SuperServer E302-9D is provided in the gallery above. The console relies on a Java-based iKVM viewer.
The BIOS options for the server can be configured via the iKVM interface. The video below presents a walkthrough of the available features.
The BIOS allows both UEFI and legacy boot options. It also allows the configuration of the priority sequence for the boot device within a single drive (at 5:32 in the above video). Boot overrides are also possible from within the BIOS.
Triple-Booting the E302-9D
The presence of 8 network ports (not considering the IPMI LAN port) in the system makes it a suitable candidate for use with a router / firewall distribution such as VyOS or pfSense. Developers and homelab enthusiasts have different platform preferences. In order to test out the behavior of the system across representative scenarios, we decided to set up a triple-boot configuration with Windows Server 2019 Standard x64, Ubuntu 20.04 LTS, and pfSense 2.4.5.
Three different bootable USB drives were created for the installation media for the three operating systems. The drives were physically connected to the system prior to triggering the installation via the iKVM console. It is also possible to mount images as virtual media - in this respect, the Java-based iKVM viewer works in a more user-friendly manner compared to the virtual media settings in the browser interface. Windows Server was installed first, followed by Ubuntu, and finally pfSense.
Setting up the triple-boot was fairly uneventful, with the main challenge related to modifying the grub config to allow visibility of all three OS installations. We were pleased to find that all network ports were up and running right out of the box, without the need for explicit driver installations.
Post Your CommentPlease log in or sign up to comment.
View All Comments
Jorgp2 - Thursday, July 30, 2020 - linkMaybe you should learn the difference between a switch and a router first.
newyork10023 - Thursday, July 30, 2020 - linkWhy do you people have to troll everywhere you go?
Gonemad - Wednesday, July 29, 2020 - linkOh boy. I once got Wi-Fi "AC" 5GHz, 5Gbps, and 5G mobile networks mixed once by my mother. It took a while to explain those to her.
Don't use 10G to mean 10 Gbps, please! HAHAHA.
timecop1818 - Wednesday, July 29, 2020 - linkFortunately, when Ethernet says 10Gbps, that's what it means.
imaheadcase - Wednesday, July 29, 2020 - linkPut the name Supermicro on it and you know its not for consumers.
newyork10023 - Wednesday, July 29, 2020 - linkThe Supermicro manual states that a PCIe card installed is limited to networking (and will require a fan installed). An HBA card can't be installed?
abufrejoval - Wednesday, July 29, 2020 - linkSince I use both pfSense as a firewall and a D-1541 Xeon machine (but not for the firewall) and I share the dream of systems that are practically silent, I feel compelled to add some thoughts:
I started using pfSense on a passive J1900 Atom board which had dual Gbit on-board and cost less than €100. That worked pretty well until my broadband exceeded 200Mbit/s, mostly because it wasn’t just a firewall, but also added Suricata traffic inspection (tried Snort, too, very similar results).
And that’s what’s wrong with this article: 10Gbit Xeon-Ds are great when all you do is push packet, but don’t look at them. They are even greater when you terminate SSL connections on them with the QuickAssist variants. They are great when they work together with their bigger CPU brothers, who will then crunch on the logic of the data.
In the home-appliance context that you allude to, you won’t have ten types of machines to optimally distribute that work. QuickAssist won’t deliver benefits while the CPU will run out of steam far before even a Gbit connection is saturated when you use it just for the front end of the DMZ (firewall/SSL termination/VPN/deep inspection/load-balancing-failover).
Put proxies, caches or even application servers on them as well, even a single 10Gbit interface may be a total waste.
I had to resort to an i7-7700T which seems a bit quicker than the D-2123IT at only 35Watts TDP (and much cheaper) to sustain 500Mbit/s download bandwidth with the best gratis Suricata rule set. Judging by CPU load observations it will just about manage the Gbit loads its ports can handle, pretty sure that 2.5/5/10 Gbit will just throttle on inspection load, like the J1900 did at 200Mbit/s.
I use a D-1541 as an additional compute node in an oVirt 3 node HCI gluster with 3x 2.5Gbit J5005 storage nodes. I can probably go to 6x 2.5Gbit before its 10Gbit NIC becomes a bottleneck.
The D-1541’s benefit there is lots of RAM and cores, while it’s practically silent with 45 Watts TDP and none of the applications on it require vast amounts of CPU power.
I am waiting for an 8-core AMD 4000 Pro 35 Watt TDP APU to come as Mini-ITX capable of handling 64 or 128GB of ECC-RAM to replace the Xeon D-1541 and bring the price for such a mini server below that of a laptop with the same ingredients.
newyork10023 - Wednesday, July 29, 2020 - linkWith an HBA (were it possible, hence my question), the 10Gbps serves a possible use (storage). Pushing and inspection exceeds x86 limits now. See TNSR for real x86 limits (wighout inspection).
abufrejoval - Wednesday, July 29, 2020 - linkThat would seem apply to the chassis, not to the mainboard or SoC.
There is nothing to prevent it from working per se.
I am pretty sure you can add a 16-port SAS HBA or even NVMeOF card and plenty of external storage, if thermals and power fit. A Mellanox 100Gbit card should be fine electrically, logically etc, even if there is nothing behind to sustain that throughput.
I've had an Nvidia GTX1070 GPU in the SuperMicro Mini-ITX D-1541 for a while, no problem at all, functionally, even if games still seem to prefer Hertz over cores. Actually GPU accellerated machine learning inference was the original use case of that box.
newyork10023 - Wednesday, July 29, 2020 - linkAs pointed out, the D2123IT has no QAT, so a QAT accelerator would take up an available PCIe slot. It could push 10G packets then, but not save them or think (AI) on them.