Hi together, All are plugged into the same 10GbE switch and the two Linux boxes can client / server using iperf3 at 10GbE speeds. As @bmeeks was answering, test it through the pfSense and not from or to it. Routers are connecting one or more networks and firewalls are separating one or more networks using rules. And pending on the rule set it is narrowing down step by step with any new rule and/or installed service (packet) like snort or other it will be using more cpu and electric power to hold that line speed. And on top of all the switch is perhaps layer2 and this is faster than routing in layer3, please don´t forget it. Tweaking or tuning adapters will be here and there more pending on the entire art of network traffic. Sometimes you get success if you narrow down numbers (mbuf) or disable something and sometimes you high up that numbers or activate some different points to get your wished result. So it is not so easy to say do this or that, it is more pending on each single use case as I was getting it out here often in the forum.

@deridiot said in Weird Behavior with x710-da2 in 2.5.x: Issue still present on below build, resolved with the same change mentioned above. 2.7.0-DEVELOPMENT (amd64) built on Fri Feb 04 19:41:27 UTC 2022 FreeBSD 12.3-STABLE Installing 2.6 and update to 21.05.2 was solving that problem for a X710-T2 adapter, so perhaps it could work for you too.

@fireodo ok. i'll bite the bullet and try it. I have tried disabling all interfaces and services and bring them back and definitely, irrespective of the heat sink, pfBlockerNG makes the temprature rise by at least 5deg

@softwareplumber said in Help analyzing performance bottleneck on Protectli FW4B: If it's the ISP I'll be mad. Who is the ISP? A while ago we confirmed with others and AT&T that their business fiber router has (or, had) a low limit. This was a note I had from 2018, based on emails from an AT&T rep: "AT&T Business Fiber does not support true IPv6, but customers may use 6rd to facilitate IPv6 tunneling across IPv4 infrastructures. AT&T Business Fiber does not support “true” bridge mode, however it does support IP Passthrough Mode. The new AT&T Business Fiber modem we deployed, the BGW210, supports up to 8,000 concurrent IP sessions." I found another note from someone else about "AT&T Broadband Fiber" allowing all of 2000. re: "exactly one hour," there is a patch in the new System Patches package for "Disable pf counter data preservation to temporarily work around latency when reloading large rulesets (Redmine #12827)"

@kennypollock I am using a "Plugable 2.5G USB C and USB to Ethernet Adapter, 2-in-1 Adapter Compatible with USB C/Thunderbolt 3 or USB 3.0, USB-C to RJ45 2.5 Gigabit LAN Compatible with Mac and Windows" on my Windows client machine It was pending on the FreeBSD support for the USB Adapter, more then once seen here they are often sorted with FreeBSD incompatible chips.

Adding some details now I'm at my desktop. [2.5.2-RELEASE][root@pfsense.local.lan]/root: dmesg | grep 710 ixl0: <Intel(R) Ethernet Controller X710 for 10GBASE-T - 2.3.0-k> mem 0x38bffe000000-0x38bffeffffff,0x38bfff008000-0x38bfff00ffff irq 47 at device 0.0 numa-domain 0 on pci7 ixl1: <Intel(R) Ethernet Controller X710 for 10GBASE-T - 2.3.0-k> mem 0x38bffd000000-0x38bffdffffff,0x38bfff000000-0x38bfff007fff irq 47 at device 0.1 numa-domain 0 on pci7 [image: 1647534513145-1bb2b6b4-d239-4281-aca2-8b6c21fe7c1f-image.png] Syncing up nicely at 2.5gbps to my cable modem, and 10G port to my switch.

@robatwork said in Lightweight/low cost hardware for pfsense: Thanks, but I really wanted something that didn't need another "box" ie. modem I was mislead by the entire topic, sorry for that. With more money and knowledge if the BT in UK supports this modems (named and linked below) you could be happy, but not matching your price. Netgate 2100 + ADSL/VDSL SFP modem VT AIR 100 Firewall + ADSL/VDSL SFP modem

@joshhboss Can you provide us with more details please? WAN Bandwith, are they all WiFi Users? Which switches and other hardware will be in game here? What packet you want to install on your pfSense? Squid, pfblockerNG, Snort, Captive Portal with voucher system and radius certificate,....... Or do you only have 2 GBit/s WAN lines and wan to connect all users over WiFi and LAN into some VLANs and the firewall do the routing job? Please don`t get me wrong here, but if you have stacked (ring) Layer3 switches and also core Switches plus one or more WiFi controllers and pfSense do only the firewall job all will be fine here for 4000 - 6000 users.

@cool_corona Thanks for your reply - I really appreciate it

@jean-francois This is still relevant in 2.6.0. Had a NIC die and didn't have a replacement on hand. Plugged in a TP-Link UE200 with the RTL8153 chipset. It was capping out at 40MBit. Using the 2 config lines you posted boosted the throughput up to 250mbit, which should suffice until a replacement nic arrives.

@orangehand said in SFP transceiver to connect to ADVA box: @pcourtney Maybe one day I will try and get the ADVA to talk direct to the 7100 before you do that, take with you a laptop with 1Gb NIC speed ethernet port, a 1Gb media convertor that is same SFP spec as the ADVA ( MM or SM ) , take the pigtail out of the Cisco managed router that TT (TalkTalk) supplied, and configure windows with the static IP and gateway that was originally provided by TT provided to your customer, this is what we do when testing before we actually connect any third party routers we may come across

@stephenw10 very good, thank you.

Plug it in and find out. The next best thing would be to get the PCI device IDs and compare that with the list on the driver. Steve

OK, can anyone advice what would be better to get TOPTON i7-1165G7 i211AT 6LAN or QOTOM Q575G6 i7-7500U i211AT 6LAN. I'm on PPPoE FTTP (UK). With current electricity prices I'm trying to find most efficent solution(without breaking the bank [ie. SG-6100 max]).

@stephenw10 Update.... I ended up using only one of the ethernet port on the NIC for the LAN and used the port on the MB for the WAN. Everything works. I guess the dual port NIC cannot handle WAN and LAN at the same time...

All that sounds good! So no problem with the temp, then. Does anybody have an idea what 4G/LTE USB modem that actually works well? Edit: I'll ask in the Wireless forum, that's probably better.

Has it always run at those indicated temps? Is it under high load?

@akuma1x well i only have one nic shown in the pic i put it in my system, its all good so far! i also want to remind everyone that its a used nic card i got from ebay FOR FREE!!! got sent the wrong one and was refunded the full amount and told to keep it, so if you want a reliable and honest ebay seller you should definitely look them up! they already have high rating on ebay. im not doing advertising or anything, its just my limited experience dealing with them.