Hardware

• S

  CPU temperature incorrect in Dashboard (Core2Duo)
  • sporkme  

  4
  0
  Votes
  4
  Posts
  122
  Views

  

  Not really. If the value shown never changes at all something is clearly amiss. I'm not sure there's anything you can do about it short of swapping the CPU or motherboard. Steve
• L

  C3758 enough for 1 gbps ipsec throughput?
  • lguy2000  

  1
  0
  Votes
  1
  Posts
  243
  Views

  No one has replied

• P

  CPU fan not throttling all the way down on a Supermicro A2SDi-4C-HLN4F motherboard?
  • petreza  

  3
  0
  Votes
  3
  Posts
  116
  Views

  P

  Look for some cute scripts in the ixsystems community, search for "fan-scripts-for-supermicro-boards-using-pid-logic.24"
• S

  Need info on hardware requirement
  • Ski-lleR  

  3
  0
  Votes
  3
  Posts
  270
  Views

  

  Do you need to use the full 100Mbps over OpenVPN? What CPU do plan to use? That does seem over powered though. The SG-1100 or SG-3100 would likely be fine there. Steve
• P

  What can we expect from a Xeon-D system?
  • pieterjanheyse  

  3
  0
  Votes
  3
  Posts
  236
  Views

  P

  Thanks, I'll get back to you here when we've purchased and tested. According to Intel the D-2XXX should be even better ;-)
• T

  Throughput expectations on celeron + igb driver system
  • thedude42  

  7
  0
  Votes
  7
  Posts
  270
  Views

  T

  Yeah good point, I'll see about using the browser client on wired ethernet and see if there is a difference. Thanks!
• 

  What would be the best nic for a self build?
  • 3rdOstrige  

  3
  0
  Votes
  3
  Posts
  262
  Views

  

  Yeah, use Intel NICs of you can. You can find a PCI card and it will almost certainly be compatible. Of course anything with 32bit PCI slots will be relatively ancient as will the cards to go in it so that reliability is a factor. The SG-1100 is not really comparable as it's a complete ARM SoC. Steve
• D

  Hardware Recommendations
  • dcreationsinc  

  23
  0
  Votes
  23
  Posts
  1069
  Views

  D

  @tman222 There are no additional expansion cards in the system. This is running on bare metal. Keep in mind when I had cable internet (1 gbps / 20 mbps) I achieved 960-980 mbps download under the same configuration. I do not have random id generation enabled. I have tried it with and without hyperthreading. I have also tried it with and without turbo boost. Nothing seems to help. This is why I am leaning towards an incompatibility between the modem and the network card but I am open to ideas and suggestions prior to buying a new NIC. Thanks.
• J

  PFsense and 40Gbe
  • juniper  

  2
  0
  Votes
  2
  Posts
  264
  Views

  

  If you can find one that uses a supported driver (I don't think there are any at the moment), then it would almost certainly not reach anywhere near line rate. How close you get depends entirely on the hardware, though. What is your use case? Almost certainly you'd be better off with something geared more toward high performance at that level, like TNSR.
• R

  Network layout when replacing ISP router/modem
  • rogeroger  

  6
  0
  Votes
  6
  Posts
  256
  Views

  

  Mmm, well probably have to wait for someone who's actually tried that or find a thread discussing it. Probably is about as far as I can say there. Steve
• R

  AddOn 4 ports NIC
  • rogeroger  

  8
  0
  Votes
  8
  Posts
  789
  Views

  T

  I'll second @provels suggestion - I think the i340-T4 provides great bang for the buck. I bought two of these on Amazon (at different times) over the last year and both have worked great (in fact one of them is currently being used in a pfSense box). https://www.amazon.com/Intel-Ethernet-Adapter-I340-T4-packaging/dp/B003A7LKOU/ If it were me, given the price here and looking at the seller reputation, I'd probably roll the dice on this. But the choice is ultimately is yours. I do recall that one of the i340 I received was actually an OEM IBM version, but again, it has worked just fine. If you are set on 10Gbit NIC's, I'd also take a look at Chelsio cards which are very well supported in pfSense/FreeBSD. One can find good deals on the T520. I've used both the T520-SO-CR and T540-SO-CR with pfSense without any troubles. Hope this helps.
• T

  pfSense custom hardware not showing temperature sensors
  • techtester-m  

  18
  0
  Votes
  18
  Posts
  425
  Views

  

  First check the BIOS can see any temperature values. Usually they will display at least CPU temp, often some other thermal zones where sensors exist. If those are all enabled they are usually passed to the OS via ACPI but it maybe another crappy BIOS that has DSDT values tested, and marked as, Windows only. In which case just make sure you're on the latest BIOS. Fixing that is almost certainly more effort that it's worth. The last time this came up: https://forum.netgate.com/topic/137205/temperature-readings This is also Zen micro-architecture CPU so the same applies. It may require amdsmn which only appeared in FreeBSD 12. Steve Steve
• O

  Hardware for large apartment complex?
  • oldfart  

  2
  0
  Votes
  2
  Posts
  203
  Views

  

  @oldfart I would contact our sales team so they could discuss the best possible hardware for your scenario: Phone: +1 (512) 646-4100 Email: sales@netgate.com
• M

  Pfsense crashing, always rebooting.
  • mandycoralde  

  4
  0
  Votes
  4
  Posts
  134
  Views

  

  Yup NMI is almost 100% a hardware fault. In the 0.1% cases where is seems to be OK with other OSes it's something specific that FreeBSD is hitting and there's nothing you can do about it anyway. So swap it out. Steve
• A

  Intel cryptographic accelerator support
  • aad12  

  2
  0
  Votes
  2
  Posts
  167
  Views

  

  No
• M

  RIVERBED 4 port NIC how to convert it into a regular NIC
  • morningwon  

  5
  1
  Votes
  5
  Posts
  662
  Views

  O

  @suplantor Just making assumptions but... Shouldn't the Silicom drivers work? Not sure which model you have, but start with the link below and drill down to your card. Drivers available for multiple OSs including FreeBSD. https://www.silicom-usa.com/cats/server-adapters/networking-bypass-adapters/
• U

  Installing pfSense on SmoothWall Appliances
  • usaiat  

  17
  0
  Votes
  17
  Posts
  392
  Views

  U

  @stephenw10 Thanks :) Work now
• 

  Consideration around optimal performance for new install
  • bubba198  

  3
  0
  Votes
  3
  Posts
  123
  Views

  

  @stephenw10 Thanks Steve, yep the VLAN biz will all be handled at the switch, the pfSense facing port is a trunk and from there just as you cautioned, each port will need be placed in an access mode for the proper VLAN it needs to join, that's a manual task and care will be the key playbook! Thank you ~B
• B

  Upgrade or new build
  • Beemer535  

  7
  0
  Votes
  7
  Posts
  297
  Views

  M

  Go Ryzen 3200g, gigabyte b450 ds3h, 16gb ddr4, 128-256gb ssd, dual intel lan. Works like a champ for me
• T

  Nexcom LCM with LCDproc
  • Tenou  

  4
  0
  Votes
  4
  Posts
  71
  Views

  

  If it's parallel connected try the SDEC LCD driver.
• C

  pfsense on banana pi r64 (BPI-R64)
  • cTurtle98  

  2
  0
  Votes
  2
  Posts
  312
  Views

  

  Short answer: you can't. To do so would require compiling from source and creating all the required components for that specific board. ARM is not like x86, there isn't a generic installer for all ARM devices. Steve
• A

  Dell PowerEdge R620 10GbE pfSense server
  • aasimenator  

  6
  0
  Votes
  6
  Posts
  347
  Views

  H

  @aasimenator a Six core Xeon wouldn't be able to handle 10GbE? higher cpu frequency would be better also a 6 year old cpu is far less performant then a recent one ... i would even dare to say that a current-gen i3 cpu would perform better with pfsense than that xeon you are using
• T

  pfSense custom build hardware with Realtek port dilemma
  • techtester-m  

  23
  0
  Votes
  23
  Posts
  615
  Views

  

  Go to Diag > Command Prompt and execute mount -p. You should see something like: /dev/diskid/DISK-9E18E959s2a / ufs rw,noatime 1 1 devfs /dev devfs rw 0 0 /dev/diskid/DISK-9E18E959s1 /boot/u-boot msdosfs rw,noatime 0 0 /dev/md0 /tmp ufs rw 2 2 /dev/md1 /var ufs rw 2 2 devfs /var/dhcpd/dev devfs rw 0 0 You can see on that SG-3100 the root filesystem / is mounted 'noatime'. If yours is not go to Diag > Edit File an open /etc/fstab. Edit the / line to include noatime. So it would probably just be rw. Change it to rw,noatime. Note that breaking the fstab with a typo will probably make the system unbootable until it's corrected so.... Reboot to apply that change. Run mount -p again to be sure. @Gertjan said in pfSense custom build hardware with Realtek port dilemma: edit : wtf : @stephenw10 : more then 18 K posts ... Yeah it's a problem. I'm trying to cut down! Steve
• P

  [solved] One Intel and one Realtek NIC - which one for WAN?
  • psp  

  3
  0
  Votes
  3
  Posts
  145
  Views

  P

  Steve, thanks a lot for your elaborated answer. Actually I'm running Intel's NIC on LAN side and now I know I made the right choice.
• F

  Over 20Gbps throughput question
  • flakes  

  1
  0
  Votes
  1
  Posts
  177
  Views

  No one has replied

• V

  Problems with NC532m hardware
  • vadimd  

  2
  0
  Votes
  2
  Posts
  55
  Views

  

  Can you spoof the MAC addresses back to their original values? All 6 interfaces are shown? bce0-5? Steve
• C

  Hardware Fortigate with embedded PFSense
  • cesarbsd.com.br  

  2
  0
  Votes
  2
  Posts
  140
  Views

  

  Probably not. Fortigate used special purpose chips (usually ASICs) in their devices to get the throughput they need and those are not accessible without their code. The 90D appears no different: Combines a RISC-based CPU with Fortinet’s proprietary SPU content and network processors for unmatched performance So you might get the management plane running pfSense if that part is x86 but you won't get any of switch ports available and performance will be..... limited! Or it may just not be possible at all. Steve
• T

  Intel i350t4 firmware flash issue
  • themadsalvi  

  4
  0
  Votes
  4
  Posts
  213
  Views

  

  How does it fail when you try to use it? Does the card work in the Optiplex if you boot some other OS? Steve
• P

  PfSense hardware to best compile and run application software or firewall
  • Peter_Davison  

  3
  0
  Votes
  3
  Posts
  206
  Views

  

  If you are looking to have a go at compiling pfSense, or anything, you would not likely be using the same hardware. pfSense requires relatively low powered hardware to run but you probably want something much more powerful to compile on unless you don't mind waiting. Also pfSense itself does not contain any compile tools so compiling and running on the same hardware would require some sort of dual boot setup with FreeBSD. Steve
• G

  PfSense 2.4.4-RELEASE-p3 attempting to USB tether
  • ginjaninja  

  12
  0
  Votes
  12
  Posts
  270
  Views

  

  Hmm, curious. I'm not aware of any hardware that won't run 2.5.... yet. Do you have the backtrace or console output leading up to the panic?
• L

  Supermicro Xeon D X10SDV-4C+-TP4F with 10Gb SFP+ pfSense compatibility?
  • lifespeed  

  10
  0
  Votes
  10
  Posts
  461
  Views

  T

  @lifespeed said in Supermicro Xeon D X10SDV-4C+-TP4F with 10Gb SFP+ pfSense compatibility?: @tman222, thanks for sharing your experiences. It sounds a little flaky, but not insurmountable. It sounds like a few people are looking forward to some fixes in the new version, which is not the greatest position to be in. I'm not sure there are many other good options for 10Gb SFP router hardware. Hi @lifespeed - the other option would be to use an SFP+ add-on card. I have used both the Chelsio T520 and T540 SFP+ cards (in fact the T540 is currently installed) and these have been rock solid.
• H

  X550-T2 (IX0, IX1) Netmap support - New Driver from Intel (net/intel-ix-kmod: Update to 3.3.10)
  • Hass  

  5
  0
  Votes
  5
  Posts
  201
  Views

  

  No, there is a huge difference between those drivers. I doubt it could ever run on 2.4.X Steve
• C

  Crashes on APU2
  • Cypher100  

  11
  0
  Votes
  11
  Posts
  463
  Views

  E

  I seem to be having some instability issues with my APU2C. It was running OK for over a week. This morning the orange lights on each NIC were not flashing and all connected clients were receiving a self-assigned IP address. The only way to resolve this was to reboot I had a look through the logs but couldn't find anything. My grafana dashboard shows that something odd started to occur around midnight: CPU temperature on average is about 53 degrees Celsius and it is running the latest BIOS v4.10.0.2||spoiler||
• N

  Can Qotom i5 (Q355G4 or Q350G4) handle Gigabit OpenVPN/WireGuard?
  • nobody20170627  

  10
  0
  Votes
  10
  Posts
  3256
  Views

  M

  Just want to let you guys know: I have the Qotom Q575G6 with Multi WAN Gigabit and Suricata running. IPsec VPN brings the CPU up to 40% usage. I'm really happy with this device. It's running flawless and very fast.
• 

  PC Engines APU4C4 Experience
  • bouke  

  68
  1
  Votes
  68
  Posts
  7395
  Views

  

  ZFS seems the most vigorous FS available in pfS, that's why I moved over from UFS to ZFS. The (re)install is a breeze, with a current config file at hand. My APU2C4 has ECC and to me this and the ZFS FS seems max what I can do against sudden power surges, that being said, I would always use the "halt" command before I pull the power cord ;) @bouke Kudos for pointing out the flaky mSATA issue link, didn't knew that.
• M

  Configure your Pace 5268AC with Static IPs for pfSense
  • merc  

  24
  1
  Votes
  24
  Posts
  3344
  Views

  M

  @phatty that is unfortunate. I did find some old documentation on features that were made available to customers like AT&T, but unfortunately, AT&T never implemented them. One of the features was a Pass-Through for customer data, which allowed the gateway to also perform the required tasks that allow it to work on AT&T's ATM network. I'd describe it as a smart Bridged Mode that doesn't prevent the gateway from doing what it needs to do. They have many different options to implement what is needed, but I have a feeling that they aren't doing it to force you to upgrade to an OC3 or similar connection. :/
• N

  Gigabit PPPoE and Intel Drivers
  • nojp  

  33
  0
  Votes
  33
  Posts
  6837
  Views

  

  50% CPU usage on that dual core CPU is probably 100% on one core if you;re checking on the dashboard. Suricata can use the other core bringing it up to 100% total. You would have to check at the command line to see the CPU usage breakdown: top -aSH. That is more that I would have thought but the single thread rating of the E4500 is significantly higher than, say, the J1900 that has been seen to be limited to ~500Mbps PPPoE. Though those Celerons seem particularly effected by this for some reason. Steve
• I

  Opinions on this hw
  • ivory  

  3
  0
  Votes
  3
  Posts
  181
  Views

  I

  Hi, thank you for you response. Of course, sg3100 was my first thought but it goes out of budget for me, that’s why I had to go for an alternative (sorry for posting the link).
• B

  Poor performance on igb driver
  • bdaniel7  

  43
  0
  Votes
  43
  Posts
  6414
  Views

  C

  Just to add in case people still have pppoe performance caps due to cpu power, make sure you enable powerd on units that support intel turbo. Without powerd turbo clocks wont kick in. powerd isnt just for power saving. Also it seems "some" igb chips do support rss properly with pppoe, I switched to a pppoe isp last month and see my rss is working properly on the igb driver. I have 2 queues for both isr and igb, the rx is almost a 50/50 split, and its tx thats lopsided at 90/10.
• M

  How to install pfsense on fortigate 80c
  • mithundeb  

  12
  0
  Votes
  12
  Posts
  518
  Views

  

  Yeah, I would ask on the OpenWRT forum: https://forum.openwrt.org/ But.... get the x86 image. Try to make it boot from it. Check the console output toi see what it working and what isn't. Make changes as necessary. Steve