I’m a little teapot 🫖

  • 0 Posts
  • 22 Comments
Joined 1 year ago
Cake day: September 27th, 2023


  • seaQueue@lemmy.world to Selfhosted@lemmy.world · pfsense: Who needs AES-NI? · 10 months ago

    I’m not sure what you’re shopping for with AES-NI but I can strongly recommend the HP T730 and T740 thin clients if you’re trying to build a budget home firewall machine. Both support AES-NI (but obviously not Xeon QAT) and the T730 is cheap on eBay. Drop whatever NIC and an SSD in and you’re off to the races with OPNsense. The T740 is performant enough to run OPNsense on Proxmox if that’s your thing; you’ll have plenty of spare processing time to do something else on the machine beyond routing/firewalling a 1-2Gb home connection.



  • seaQueue@lemmy.world to Selfhosted@lemmy.world · Enterprise SSD? · 10 months ago

    I use mostly Samsung, SK Hynix, Micron and SanDisk. For bulk storage it doesn’t really matter which of those you pick but for fast storage you’ll want to be sure the drive offers PLP.

    Go hit up fleaBay and see what’s available in the way of enterprise drives in the size you need, then google the model numbers and check out the datasheets. Once you know what each drive is capable of you can decide which to buy. I usually try to buy 3 DWPD models for VM storage and 1.3 DWPD for bulk. You might prefer to focus on IOPS over endurance; it’ll depend on your application.

    Edit: for a VM host pool you’re primarily going to be concerned with IOPS, endurance and having PLP for better ZFS performance. For bulk storage you can skimp on specs to some extent. I prefer to use cheaper drives like the SanDisk CloudSpeed Eco line for a bulk storage pool and whatever high IOPS+endurance drives I can find cheap for my VM host pool. When you split your pools you can do things like use mirror vdevs for performance for VMs and raid z whatever for bulk storage.

    How many drives are you looking to use, what are they for, what interfaces do you have available on the machine (SAS backplane, SATA, any number of available NVMe hookups of some flavor, etc), what pool topology are you trying to use and what is the intended workload you want to jenga tower off of all of the above? With more info people can give you more specific recommendations. (E: and what sort of machine are you running things on while I’m at it, processors and amount of RAM would be useful)







  • I wouldn’t recommend anyone go older than 6th Gen Intel CPUs these days. They’re already 6+ years old, anything before that doesn’t usually support x86-64-v3 and the perf/watt just isn’t worthwhile. Your total cost of ownership on, say, a Haswell i7 is going to be significantly higher than a Skylake machine even over the first year once you account for energy costs.

    That doesn’t even touch on iGPU performance or hardware codec support, you really want to go as new as possible if you’re looking for media playback or transcoding - the energy cost on decoding alone without HW support is bananas.

    Preferably you’d use Intel 8th gen (when the i3s stepped to 4c/8t and the i5/i7s went to 6c/12t) but I don’t know how competitive pricing is on those these days. I’d try to stick with Zen2 on the AMD side if possible, that’s about when their perf/watt really started to get good - I do have a soft spot for Zen1 embedded though, you can get great prices on v1756b boxes on eBay now (the HP T740) and those make nice virtualized 10Gb router platforms.





  • If you want embedded boards Rockchip and Sunxi/AllWinner are pretty well supported by the Linux kernel. Go have a look at boards with full Armbian support, that’s usually a good shortcut to finding one.

    My preference runs to the NanoPi boards, they’re better built than Orange Pi hardware. You’re going to see a lot of Orange Pi recommendations based on cost but be aware that they’re not all that well made and occasionally have reliability problems. I was pretty chuffed with my $20 Orange Pi Zero until I realized that the WiFi basically had zero chance of working reliably. Pick models carefully after reading about people’s experiences with them on the Armbian forums so you can avoid duds.

    If you don’t need embedded ARM, check out the thin client selection on eBay. You can buy a J5005 Dell/Wyse thin client for like $100, some models even have a low profile PCIe slot (these cost a bit more because they’re desirable as pf/OPNsense platforms.) These make pretty solid Proxmox or container host platforms, or you can use them for their intended purpose and jam in a low profile graphics card.

    My personal “I don’t feel like spending $150 on a 4GB Pi” favorite is the HP T630 thin client. On a good day you’ll find an 8GB RAM model with the power brick for <$60 shipped. Do the eBay thing with any of these and try to best offer the price down a bit if it’s an option.

    If you want to step up a notch check out the HP T730, this one comes with a PCIe slot and makes a fairly decent Proxmox virtualized router host. They’re usually available for <$130/shipped or less. The HP T740 is the same thing with a Zen1 embedded SoC, those run ~$220 or so and support NVMe. The Wyse 5070 offers Celeron or Pentium options and is a <10W machine, the J5005 version actually works pretty well as a hardware transcoding Plex host (provided you’re not transcoding 4K.)

    The T730 and T630 use SATA m.2 storage, the 5070 and T640 support NVMe. All of these have an m.2 A+E key slot for WiFi or an extra 2230 NIC.


  • Check your router and see if you received an IPv6 delegated prefix along with your v6 address. Most of the major national home Internet providers in the US should support it now - if your provider supports IPv6 they’re probably giving you a delegated prefix.

    Usually you just enable IPv6 SLAAC + RA or “auto configuration” or something similar on the router and you’re done there.

    Once that’s working your router should broadcast route advertisements. Turn “auto configuration”/SLAAC + RA/etc on on a client and see if it gets an IPv6 address. You use this instead of DHCPv6 so don’t mistake the two.

    Fiddle with the options after that. If a client supports a token you can give it something like “::DEAD:BEEF” to set its address to prefix::DEAD:BEEF.

    Beyond that, Google “ipv6 SLAAC” and read about it and then read any IPv6 documentation for your software/devices.


  • Yeah, SLAAC is stateless autoconfig for IPv6. It’s a little like DHCP in that the client gets an address automatically but it’s handled by the client machine rather than having a DHCP server running.

    SLAAC capable machines give themselves an address based on the IPv6 prefix advertised on the network then do a duplicate address check with all of the other devices to make sure they’re unique and away you go. There’s no central tracking of all dynamic addresses on the network segment, hence the stateless part of the name, but you can poll them with a neighbor request or broadcast ping when you want to see what’s there. The benefit is that basically everything you plug into your network probably supports SLAAC out of the box without needing to run server software anywhere to delegate addresses so new v6 clients just work without specific configuration.

    If the client supports it you can specify a SLAAC token that the machine will combine with the advertised network prefix rather than generating its own, which is how I have pihole showing up at ::253 as well as its DHCPv4 assigned …253. It’s a convenient configuration.

    I’d ignored SLAAC the first time around and given everything static v6 addresses without realizing that my provider would periodically change my prefix. That was fun to untangle, things worked if they made v4 requests but failed over v6 whenever my prefix changed so the failure mode appeared to be somewhat random depending on whether the service or application supported dual stack and was trying to connect over broken v6. Fun times.


  • I had similar issues when SLAAC wasn’t properly configured for my network. Every however many days my ISP forced a modem reboot and if the delegated prefix happened to change I’d start having pihole problems. I finally tracked that down, made sure SLAAC was working everywhere and assigned my pihole container a SLAAC token so its address relative to everything else on the network didn’t change and I’m good to go. These days the pihole is always …253 and ::253.
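
Added example (not part of the comments above and not from any project): how a SLAAC token combines with the advertised /64 prefix, and why a token-derived address follows a delegated-prefix change while a hard-coded static address is left behind. The prefixes are constructed from the 2001:db8::/32 documentation range, and the function and host names are hypothetical.

```python
import ipaddress

def token_address(prefix, token):
    """Combine an advertised /64 prefix with a SLAAC token (interface ID)."""
    net = ipaddress.IPv6Network(prefix, strict=True)
    if net.prefixlen != 64:
        raise ValueError(f"SLAAC expects a /64 prefix, got /{net.prefixlen}")
    tok = int(ipaddress.IPv6Address(token))
    if tok >> 64:
        raise ValueError("token may only set the low 64 bits, e.g. ::253")
    return ipaddress.IPv6Address(int(net.network_address) | tok)

def audit_after_prefix_change(new_prefix, static_addrs, tokens):
    """Return (static addresses left outside the new prefix,
    token-derived addresses under the new prefix)."""
    net = ipaddress.IPv6Network(new_prefix, strict=True)
    stale = [a for a in static_addrs if ipaddress.IPv6Address(a) not in net]
    derived = {host: str(token_address(new_prefix, t)) for host, t in tokens.items()}
    return stale, derived

# Constructed sample data (documentation prefixes, hypothetical hosts).
OLD_PREFIX = "2001:db8:1111:1::/64"
NEW_PREFIX = "2001:db8:2222:1::/64"
STATIC_ADDRS = ["2001:db8:1111:1::253"]  # hard-coded under the old prefix
TOKENS = {"pihole": "::253", "client": "::dead:beef"}

if __name__ == "__main__":
    print("before:", token_address(OLD_PREFIX, TOKENS["pihole"]))
    stale, derived = audit_after_prefix_change(NEW_PREFIX, STATIC_ADDRS, TOKENS)
    print("stale static addresses:", stale)
    print("token addresses after change:", derived)
```
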




  • Try it and see what happens. Often the maximum on prebuilts isn’t the maximum that the hardware will support. My last laptop claimed 32GB maximum RAM but works fine with 8+32GB. Just be aware that it might not work and have an option to return or sell the RAM on if it doesn’t.

    Edit: frequently on older hardware the memory controller can’t address more than a stated maximum amount of memory. This hasn’t really been an issue for a while, but like others mentioned you might not be able to see or use memory beyond that limit. Or the machine will just fail to POST. Always test unsupported memory configurations overnight (at least) with something like memtest86 before trusting them with any important data.