@nfisher: . . . am still getting that error over and over again: dhcpd: parse_option_buffer: malformed option vendor-class. <unknown>(code 1027): code tag at end of buffer - missing length field</unknown>. I don't care so much though as long as it stays up. Suggestion: on a console or SSH session to pfSense, give the shell command # tcpdump -i IF -c 10 -e -vvv udp port 67 (replace IF by the FreeBSD name of the interface with the DHCP server). This should provide at least the MAC address of the system(s) sending the offending message.

never mind… found the answer it's normal the embedded has no video output / keyboard input only COM serial

Just about anything will cope with that bandwidth and Squid+SquidGuard, as long as you've got something with a 1 GHz+ processor and 1 GB+ of RAM you'll be fine with that. I'd a 1 GHz Via box with 512 MB of RAM and it handled Squid+SquidGuard on a 20 Mb/s link with room to spare (the main problem being the RealTek NICs). However, Snort will have a bigger impact, how much being determined by how you configure it and what rules you load. I've seen 3.2 GHz Xeon's brought to their knees on ~20 Mb/s links and lower spec systems having no problems on 100 Mb/s+ - all down to how Snort is set up. You probably want to look to 2 GB (or more) of RAM and as high a processor spec as you can justify - multi core being better than single core if you're wanting to run Snort and everything else.

Sounds like a faulty ground or perhaps you have a short or a miswired electrical outlet that's giving you a hot ground.

If you have a specific NIC that isn't being detected, then it's either a hardware issue (the card itself, your motherboard's PCI <whatever>bus, etc), or a driver issue (less likely if they are identical). There is no limit to the number of NICs pfSense will detect and use, only the limitation of your hardware. With VLANs and such you can get up into the hundreds or thousands of interfaces. The GUI doesn't look so pretty then in some areas, but it works.</whatever>

I hard a 200 plus foot run using realtek, intel, broadcom and a few different other nics.  I had issues until, I did one thing.  I took a managed switch created two vlans.  I plugged the external cable into the vlan1 with the firewall.  From the I connected my firewall internal vlan went out to the rest of the internal vlan. no issues from there. RC

I know this isn't pfSense related, becouse there is no such tool like ethtool, but I wrote 2 scripts to test offload settings. Be careful when using, this can cause network loss (for me for 20 seconds). #!/bin/bash #Script to enable or disable all offload engines for NICs and bonded/bridged interfaces. by TG IFACES="eth1 eth2 bond0 br0" for interface in $IFACES do sudo ethtool -K $interface rx on tx on sg on tso on ufo on gso on gro on lro on rxhash on #sudo ethtool -K $interface rx off tx off sg off tso off ufo off gso off gro off lro off rxhash off done #!/bin/bash #Script check offload options enabled IFACES="eth1 eth2 bond0 br0" for interface in $IFACES do sudo ethtool -k $interface done and should give something like that: ./offload_check.sh Offload parameters for eth1: rx-checksumming: off tx-checksumming: off scatter-gather: off tcp-segmentation-offload: off udp-fragmentation-offload: off generic-segmentation-offload: off generic-receive-offload: off large-receive-offload: off ntuple-filters: off receive-hashing: off Offload parameters for eth2: rx-checksumming: on tx-checksumming: on scatter-gather: on tcp-segmentation-offload: off udp-fragmentation-offload: off generic-segmentation-offload: on generic-receive-offload: off large-receive-offload: off ntuple-filters: off receive-hashing: off Offload parameters for bond0: rx-checksumming: off tx-checksumming: off scatter-gather: off tcp-segmentation-offload: off udp-fragmentation-offload: off generic-segmentation-offload: off generic-receive-offload: off large-receive-offload: off ntuple-filters: off receive-hashing: off Offload parameters for br0: rx-checksumming: off tx-checksumming: off scatter-gather: off tcp-segmentation-offload: off udp-fragmentation-offload: off generic-segmentation-offload: on generic-receive-offload: off large-receive-offload: off ntuple-filters: off receive-hashing: off

Also i try to install Ubuntu and it works! Thats what i get when i try to install pfSense http://img13.imageshack.us/img13/3228/img20110620142738.jpg

My connection is a 4.5mbps. Yes. It is slow and we're not exactly getting the 4.5mbps because of bad service for our country. The packages that are installed: [image: post1ak.jpg] The VPN: [image: post2ik.jpg] [image: post3r.jpg] The rest of the tabs are empty. There is a wireless access point connected to it and it's turned on and accessible via browser. Afaik, nobody uses it. EDIT: Turned off the wireless access point and there were no changes.

Your ACPI is broken (over 70,000 interrupts a second). Here's interrupt rates from my system (which does have ACPI enabled): vmstat -i interrupt                          total      rate irq0: clk                      143773392        999 irq1: atkbd0                          96          0 irq7: ath0 uhci1+              13672559        95 irq8: rtc                      18401627        127 irq10: rl0 ehci0                9685262        67 irq11: vr0 uhci0                4806754        33 irq14: ata0                      310276          2 irq15: ata1                          194          0 Total                          190650160      1325 Maybe a BIOS update will fix it. Maybe a more up to date build will fix it. Alternatively disable ACPI in the BIOS menu or on startup. You will find some hints on disabling ACPI if you search the forums for ACPI disable.

its allright now thanks i've done custom partition inorder to fix the problem

Hello, Could this setup pull through 1 Gbps connection? :-)

If only one card shows up in dmesg, that means that the OS itself only probed one card. I would look more at the hardware side of things - BIOS settings for add-on boards, etc. Try different PCI/PCI-e slots, etc. It could even be something specific to that particular NIC model. Using identical network cards works fine, I've done it many times, and many motherboards with multiple NICs use the same chip for both and they work fine. It's not a general problem, it's something specific to your hardware.

Normally that would not be a problem, the two slices are supposed to share the same config. However when moving to 2.0 the config file was changed quite a bit and 1.2.3 can no longer read it. 2.0 reads and updates it but you cannot go back. Two different versions of 2.0 can co-exist though. Steve

You are right.  Since I don't need GB lan, the real way to go is dual pci intel boards. I'll stick with that philosophy for the next year or so, and then re-evaluate.  I think I just had to accept the pci boards until pcie comes down in price. Thanks for the feedback!

@stephenw10: I only really mention the x750e because that's what I have experience with. It would never be able to handle everything you have mentioned. It maxed out at about 50Mbps OpenVPN traffic with the upgraded CPU. €300 sounds like a good price for such a powerful machine, although I'm no expert. I just wanted to point out that the annual running costs are likely to be significant if it's an 'always on' machine. Steve Thanks Steve, you are absolutely right about the annual costs. I'll try and figure out what the machine will cost me yearly and if that's worth it for the things I would use it for. Perhaps the sellers can give me an efficiency or load/usage overview.