Notes on Asrock X570M Pro4

# Asrock X570M Pro4 - https://forum.level1techs.com/t/b550-x570-board-suggestions-for-server/189363 - Avoid B550 if you have any interest in IOMMU whatsoever. - OMMU is useful for virtualization, allowing multiple virtual machines to share hardware resources while keeping memory safe. It also provides memory protection from faulty or malicious devices - X570(S) has the best IOMMU groups (and can often passthrough at least 3 GPUs) and X470/X370 usually has two PCIe slots (and a M.2) for passthrough. Other AM4 chipsets can only passthrough one PCIe slot and one M.2 slot. - When multiple devices share the same IOMMU group, it means that they cannot be individually isolated and assigned to virtual machines (VMs). - With only one GPU, if it’s grouped with essential host devices, passing it through to a VM means the host loses access to those devices. - Advanced BIOS/UEFI features like **ACS (Access Control Services) override** may help split IOMMU groups, but the ACS patch is by nature a security risk because it pretends two PCI devices are in their own group when in reality they still are. As such, a guest given a device split by an ACS patch can still access the memory area of _**the other devices**_ in its real underlying IOMMU group, giving attackers of a compromised virtual system additional leverage in compromising the host. - Plex benefits from hardware acceleration for transcoding, especially with NVIDIA GPUs. TrueNAS Scale uses Docker or Kubernetes for applications, and GPU passthrough isn’t necessary because the GPU can be shared with containers. - If your HBA (Host Bus Adapter) or other storage devices work properly without needing passthrough to VMs or containers, IOMMU is **not critical** for your primary storage use case, which is NAS. - It seems like IOMMU is kind of irrelevant to my use cases since I'll be using TruNAS Scale, which focuses on Docker containers. But IOMMU is only important when running virtual machines. So I think I may be conflating containers with VMs. - VMs emulate an entire hardware stack, with allocation through a hypervisor. IOMMU is important in this case for PCI passthrough to isolate devices between VMs securely. - Containers share the host OS kernel and are lightweight, running applications in isolated environments on the same operating system. Containers use cgroups (control groups) in Linux to limit and prioritize access to CPU and memory, and they use the host’s drivers and APIs (e.g., NVIDIA Container Toolkit) to share GPUs, with the runtime managing access between containers. - X570 is a power hungry shipset. My 5700x with a X570 idles at 30 watts. With a B550 it's at 18. - The B550M Pro 4 only has one usable M.2 as the other one is switched off when using all of the SATA ports. - Limiting factors (like the B550's PCIe lane count) might shorten the system's relevance for future upgrades compared to X570.