Intel NUC Domain Controller Build

Discussion in 'PC Build Logs' started by kesawi, Feb 2, 2015.

  1. kesawi

    kesawi Member

    Joined:
    Jul 3, 2012
    Messages:
    1,629
    Location:
    Brisbane
    Just purchased a Celeron based Intel NUC Kit DN2820FYKH on Thursday to use as a domain, DNS & DHCP server for my home lab (http://forums.overclockers.com.au/showthread.php?t=1135376). I wanted something cheap, small and energy efficient to fit in the limited space available in my rack. Added a Kingston KVR16LS11/4 1.35V 4GB 1600Hz DDR3 SODIMM with a Kingston 60G SSDNow V300 SATA3. Total build came to $272.

    It only took about 15 minutes to unpack and fit everything. Can't get over how small and quiet these things are and how little power they use. I installed Windows Server 2012 R2 on it pretty easily and the NICs were recognised by the default Windows drivers. I've been able to install all of the Intel drivers except the Intel RST and the bluetooth drivers. None of the other drivers required any hacks. I found the wireless drivers kept causing errors in the event log so I uninstalled the Intel drivers and kept the default Microsoft ones. I haven't installed the Wireless LAN Services feature in Server 2012 so I can't comment on how it performs. Being an Intel product I was quite surprised that the wired NIC uses a Realtek chip according to Windows drivers.

    I've found the SSD access is a little slow, and I'm not sure whether this is because I don't have the Intel RST drivers installed. CrystalDiskMark only shows around 250MB/s sequential read and writes. The server does reboot very quickly (under 30 seconds), except when I did the initial windows update, where it took around 30 minutes to boot.

    CPU peaks above 80% a couple of times each day, which isn't an issue for my small lab, and the Disk Clean up tool takes forever to complete. It also boots headless with no issues, and can access it via remote desktop.

    Only issue with it so far is that being a consumer platform it lacks integrated KVM over IP. I don't have a monitor or keyboard installed in my rack, so it's hard to see what's going on if I can't remote desktop in or access the BIOS. This was an issue on the reboot after the first windows update as I didn't know whether it had crashed or was still installing. Fortunately I was able to leave it for a while and when I came back to it, I could access it via remote desktop.

    Overall I'm quite impressed with it, although the Celeron is probably just on the limit. Still it's $200 cheaper than an i3 NUC or what I could have built using an ITX form factor. It would be great if there was a NUC with two wired LAN ports as it would make an ideal machine to run a pFSense firewall on.

    [​IMG]
     
    Last edited: Feb 7, 2015
  2. Smokin Whale

    Smokin Whale Member

    Joined:
    Nov 29, 2006
    Messages:
    5,175
    Location:
    Pacific Ocean off SC
    Have you tested the power consumption? I must say I quite like the Intel NUC series :thumbup:
     
  3. leck

    leck Member

    Joined:
    Jan 13, 2002
    Messages:
    1,018
    Location:
    Melb SE
    You could always use a usb nic as the second interface. Not the best solution obviously but 'doable' for a lab setup.
     
  4. OP
    OP
    kesawi

    kesawi Member

    Joined:
    Jul 3, 2012
    Messages:
    1,629
    Location:
    Brisbane
    I don't have exact numbers, but my UPS has a power draw readout and it only increased by a couple of watts at the most.

    After running it for almost a week now I haven't noticed any performance impacts in my small lab. CPU spikes tend to correspond with scheduled maintenance activities. I probably need to adjust them so everything isn't happening at the same time. Haven't noticed any spikes in the past few days.

    I have considered that, however in researching it there seems to be mixed results. I'd need to make sure I found a compatible NIC. I did also look at using VLANs through my managed switch so I can run a single port firewall, however I've no idea how robust the security would be for such a setup compared to dedicated WAN and LAN NIC.
     
  5. looktall

    looktall Working Class Doughnut

    Joined:
    Sep 17, 2001
    Messages:
    24,370
    i think the higher spec NUC's have AMT and vPro built in which has KVM capability.
     
  6. OP
    OP
    kesawi

    kesawi Member

    Joined:
    Jul 3, 2012
    Messages:
    1,629
    Location:
    Brisbane
    The 3rd generation core i5 DC53427HYE kit is the only one I know of that has vPro.
     
  7. qwertylesh

    qwertylesh Member

    Joined:
    Aug 21, 2007
    Messages:
    8,470
    make sure you're on the latest bios for that nuc.

    I operate a few (2820FYKH's) as remote terminals, and any older bios than the latest has the most annoying problem where, if you have ran it for long periods of time and have to remote reboot, it will get stuck at post with a false-positive thermal trip warning. -requiring direct access to resolve each time.

    There were major problems with display adapter compatibility/black screening for remote terminal usage to begin with for these nuc models too, fortunately they're all long smoothed over and you would be hard pressed to buy one now days having that issue.

    standard reseller inventory may have the thermal problem which is why i thought it may be ideal to mention it :)
     
  8. OP
    OP
    kesawi

    kesawi Member

    Joined:
    Jul 3, 2012
    Messages:
    1,629
    Location:
    Brisbane
    I updated the BIOS before I installed the OS. It's been performing flawlessly in it's role as the primary domain controller, DNS and DHCP server. I also added the Network Access Protection role to it a few months ago to run RADIUS and provide Enterprise WAP2 for my wireless LAN.
     
  9. eixt

    eixt Member

    Joined:
    Apr 9, 2003
    Messages:
    1,276
    Location:
    Canberra
    Yeah bios update is a must, there is also an annoying PXE boot bug in the factory bios where it either fails to boot or takes forever to download the boot environment.

    I have a D54250WYK but had to hack the NIC drivers as intel says it doesnt support Server products on the NUCs. Interested to see the atom works OOB.

    Other than that though it works flawlessly, running hyper-v on it with a couple of linux VMs and a pfsense vm. Running VLANS to seperate nic traffic for pfsense.
     
  10. pOpArOb

    pOpArOb Member

    Joined:
    Feb 15, 2003
    Messages:
    1,067
    Location:
    Canning Vale 6155
    I have D53427RKE NUC which also has vpro, it has a black case like the one you linked aswell, all I use it for is steam cache lol... looking at upgrading it to one of the new i5/i7 nucs so I can have m.2 and put an internal 1/2tb for the steamcache rather than the current setup with 1220gb msata with 2tb external steam cache drive

    http://www.intel.com/content/www/us...top-motherboards/desktop-board-d53427rke.html
     
    Last edited: Jun 16, 2015
  11. whatisk

    whatisk Member

    Joined:
    Dec 11, 2004
    Messages:
    133
    Location:
    Brisbane
    I honestly never really considered using a Nuc as a domain controller, but now you have me interested. Sounds like it could be a decent experimental machine for me to use in a home domain.

    Do you think the Celeron Nuc would handle domain, DNS, DHCP, Print Server and WSUS for a home environment?

    Cheers.
     
  12. OP
    OP
    kesawi

    kesawi Member

    Joined:
    Jul 3, 2012
    Messages:
    1,629
    Location:
    Brisbane
    For my small network I've found that the Celeron NUC has smashed it. Mine is handling domain, DNS, DHCP and NAP with my main server running the print server and WSUS under a VM.

    Looking through the stats in Server Manager, the CPU usage has sat at 3% for the past seven days with a three peaks at 50% corresponding to some maintenance activities and installation of updates. Available memory has sat between 2.5-3GB.
     
  13. qwertylesh

    qwertylesh Member

    Joined:
    Aug 21, 2007
    Messages:
    8,470
    Yeah, I wouldn't do wsus on one. ADDS though is interesting. Anyone setup two yet? a backup for the DFSR replication and Domain Windows backup/aka tombstone lifecycle prevention?
     
  14. OP
    OP
    kesawi

    kesawi Member

    Joined:
    Jul 3, 2012
    Messages:
    1,629
    Location:
    Brisbane
    Any reason why you wouldn't use one for WSUS? On a small network with a few PCs, the load isn't going to be very large.

    I have ADDS, DNS, WINS and DHCP running on the NUC and a backup server running the same services in a VM on another server. I haven't implemented DFSR replication.

    In my small network, I find replication between DHCP servers takes a little while, and even when I force a replication of the failover scope, it doesn't immediately propagate.

    Also, if I take my primary domain controller down for maintenance, the devices on the network don't switch over to the backup controller, even though I configure the IP's for both DNS servers.
     
  15. whatisk

    whatisk Member

    Joined:
    Dec 11, 2004
    Messages:
    133
    Location:
    Brisbane
    Thanks for the replies.
    There would only be maybe 6 PCs on the domain with usually 3 at most on at any one time. And a single printer.
    This would be the only domain controller, etc. Not looking at getting too fancy and having multiple DHCP servers, etc. Just something to play around with - get some group policy going, etc.
     
  16. OP
    OP
    kesawi

    kesawi Member

    Joined:
    Jul 3, 2012
    Messages:
    1,629
    Location:
    Brisbane
    A similar load to mine, a Celeron NUC should handle that (I've seen Atom based HP Microservers cope ok with larger loads).
     
  17. whatisk

    whatisk Member

    Joined:
    Dec 11, 2004
    Messages:
    133
    Location:
    Brisbane
    I have a couple of HP Microservers as well :)
    Both are fully laden with 5 HDDs. One is running Windows Storage Server Essentials 2008R2 (essentially Windows Home Server 2011 but can be joined to a domain). I use the Lights Out plugin with it so it only powers up when the PC in the study or the HTPC in the lounge powers on and shuts itself back down 10min after they are no longer powered on.
    The other just powers itself on twice a week to copy any new files that are on the Storage Server onto it. It's just running Win7 and a file copy program as a task. I did have Server 2008R2 on it for a few months a while back... Got everything but DFS running smoothly.

    I thought setting up all the domain stuff on a Celeron Nuc might not consume as much power as a Microserver running 24/7 with 5 HDDs.
     
  18. OP
    OP
    kesawi

    kesawi Member

    Joined:
    Jul 3, 2012
    Messages:
    1,629
    Location:
    Brisbane
    I think mine is only drawing around 7w.
     
  19. qwertylesh

    qwertylesh Member

    Joined:
    Aug 21, 2007
    Messages:
    8,470
    Oh well just because WSUS is sql based and can be a total memory/storage i/o hog at times.

    You will want to look into setting up a backup vm (or more ideally another system) for active directory dfsr sysvol replication and scheduled windows backups for active directory to prevent the tombstone lifecycle kicking in, once kicked in you lose a lot of important administrative tool functionality and the reversal steps once it happens are nightmarish.

    takes three months for the lifecycle to be affected from having no for sysvol replication.

    and six months (IIRC) for the active directory service lack of backups to affect the lifecycle.

    it's really up to you, I see how in a testlab scenario you may not even intend to have it running beyond 3-6 months anyway.
     
  20. whatisk

    whatisk Member

    Joined:
    Dec 11, 2004
    Messages:
    133
    Location:
    Brisbane
    Okay, I've obviously got some reading up to do as the comments regarding replication and tombstone lifecycle unfortunately didn't make much sense to me. I thought tombstone lifecycle was when deleted objects are actually removed?
     

Share This Page