I'm curious if different MAC addresses don't mess up the if configs.
I had a bunch of trouble with Ubuntu distros.

Cheers.

Yes, never rule out some external influence!  ;)
Is this happening at regular intervals, like exactly every 2 days?
Is that all you see when it crashes? If there's a kernel panic I expect to see a log line like:
panic: (reason for panic)

Steve

At first glance this appears to be a memory issue. If you can , first try updating the system BIOS, running out of swap space on the HDD ?

@gonzopancho:

@guyp:

@guyp:

2x WiFi transceivers

@gonzopancho:

1 is good enough.

I have to disagree here…I need one WiFi transmitted to connect to infrastructure and the other for Access points.  If you try to put both infrastructure and access points on the same WiFi then the performance really sucks!

you're running co-located radios, and you think the performance doesn't suck?

maybe it was the card I was using but when I tried to have both infrastructure and Access points on the same card I could hardly get 1Mb through put… when I split it to separate cards I get near full speed... you are right of course two radios in close proximity is always going to be an issue.

NUC idea is brilliant.. level of finishing for a test project also.

@Moohouse:

That mainboard seems to have two PCI, one PCIe x1 and one PCIe x16?

Intel Ethernet cards are generally a safe bet.

I assume you want a setup like this:

1 WAN
1 LAN
1 WIFI AP

Unless you need the security of only joining the LAN and WIFI ports in pfSense, then combining LAN and WIFI AP in another switch is not a problem.

1 WAN
1 LAN/WIFI connected to a switch, which has LAN computers and the WIFI AP connected.

Riser cards are another can of worms, and require special computer cases or heavy case modifications to support the attached cards.

Just to be clear: I would recommend separate network interfaces in a commercial production environment, but as I understand this is for home use.

Howdy thanks for the info! Yes this is only for a home set up.

If I can use just two lan connections and go into a switch when than can go into the wifi router this will be great for what I am after.

I found out the hard way with this motherboard its not a PCIe x16 but a ADD2 slot. (Useless! Slot to me)

As for Riser cards no can do due to my small case :P as you said they need a bigger case/room

Found this on Transcend website.  Seems to suggest Transcend CF is UDMA.  Posting spec in case you see anything important in there?

•Support Global Wear-Leveling, Static Data Refresh, Early Retirement, and Erase Count Monitor functions to extend product life
•Operation Modes: PC Card Memory, PC Card IO, True IDE
•True IDE Mode supports: UDMA0-5, MDMA0-4, PIO0-6 (UDMA5 as default)
•True IDE Mode: Fixed Disk (Default)
•PC Card Mode: Fixed Disk (Default)
•Advanced Power Shield prevents data loss in the event of a sudden power outage

Roofus

I am using 12 of the ERLite ($88 when I picked them up) at sites with back to an ERPro-8 at our main site, running 2 subnets at each site with voip on one and a total of 4 tunnels between each single site in a full mesh and squidguard filtering. These are amazing little boxes for the price and would just like to +1 them in this out of control thread. Before I discovered them I tested reflashing the bios on an $179 Asus chromebox and since I couldn't bring up pfsense directly brought it up in a virtual machine on ubuntu server on the chromebox with 3 virtual nics. The ERLite was a much cleaner and easier solution (3 physical nics, wall mountable) and would be really nice to have the option of pfSense on them. These were easy to come by on newegg or B&H, couldn't find any comparable x86 boxes in the price range that fix the need this well.  Ordering from newegg is much easier for me than ordering from some random seller in China also and I have an actual company I can RMA to if need be and I can see tons of previous reviews on the product.

Depends what packages you're going to run and what total throughput you need. For just NAT/firewall you should have no problems though.

Steve

I was hoping tester_02 would respond as I'm purely speculating. But based on core pfsense installations I would assume a 120+GB ssd would be sufficient if you aren't using anything write intensive. So take that with a grain of salt but I believe that is over 20x install size to allow plenty of room.

Unless you are going to use CPU / IO intensive packages, the APU would be sufficient.
From my experience it is good in normal usage (home-usage, what do you expect) for around 450 Mbps single direction, 225Mbps/synchronous.
Some tests i did:
https://forum.pfsense.org/index.php?topic=59555.msg405268#msg405268
Messages up/down of the linked one for other/more tests.

Some tests i did with the APU as Wireless Access Point:
https://forum.pfsense.org/index.php?topic=74672.msg411023#msg411023

Yep I needed to manually assign the interfaces
Issue resolved many thanks ;)

Thanks for your help, everyone!

I just ordered a new network card as I figured out two of my spare NICs have died. I need to at least be able to obtain an IP from the firewall to upgrade the firmware for pfSense.

I will need to wait it ships, sorry for having this thread go idle for a bit. But I will come back to this when I get the new quad port NIC.

Poco

Yes things can get interesting when you have many NICs all using the same driver.  ;) The order they are labeled in is that in which they're detected and if you remove a card things can get unpredictable.

Steve

If you setup firewall rules on LAN to permit UDP/TCP to LAN address port 53, then set your pfSense to use OpenDNS servers then your LAN clients will not be able to use anything but pfSense to resolve names and pfSense will go to OpenDNS for anything it doesn't already know about.

Something like the attachments…

The DNS Servers are set in System->General Setup.

You enable the DNS forwarder in Services->DNS Forwarder

Then you restrict your clients to only the LAN address for DNS and only allow HTTP/HTTPS.

This is going to break all kinds of things but if you only want people to use OpenDNS for DNS and browse the web, this is how to do it.


@RaThek:

You're correct, there is thermal pad over CPU and Chipset heatsink. I don't have anything to measure temperature but when touching the case you can't keep hand on it for more then few seconds. For sure it is much more then 45 degrees.
BTW which edition of pfSense do you use?

Indeed, you'd need to be above 60C if you can't keep your hand on the case.
If that helps, I have the 1Ghz cpu version in mine, I'm not sure if those thin clients
were offered with multiple cpu choices.

I'm currently on 2.1.2-RELEASE, I should probably upgrade…

@rjcrowder:

I know this will likely draw out the Intel lovers - but I've used several boards with both Broadcom and modern Realtek NIC's - never had a problem with any of them…

Well in this case, only one Realtek is PCI-Express, which I think is a big deal. Realtek already is one of the more common NICs with the least hardware in them, with Broadcom having a decent amount of support and Intel being at least silver or gold standard; having said that, even with a saturated link, this is still only effectively serving one person, so Realtek may be more than adequate for my needs –- it really comes down to what your needs are more than anything else.

Also, the Broadcom Dual NIC PCI-E cards are SIIG, so I don't doubt their quality (especially compared to integrated Realtek).

Flow control mismatch? What does ifconfig show?

Steve