@robatwork said in Lightweight/low cost hardware for pfsense:

Thanks, but I really wanted something that didn't need another "box" ie. modem
I was mislead by the entire topic, sorry for that.

With more money and knowledge if the BT in UK supports
this modems (named and linked below) you could be happy, but not matching your price.

Netgate 2100 + ADSL/VDSL SFP modem VT AIR 100 Firewall + ADSL/VDSL SFP modem

@joshhboss
Can you provide us with more details please?
WAN Bandwith, are they all WiFi Users? Which switches
and other hardware will be in game here? What packet
you want to install on your pfSense? Squid, pfblockerNG,
Snort, Captive Portal with voucher system and radius certificate,.......

Or do you only have 2 GBit/s WAN lines and wan to connect all users over WiFi and LAN into some VLANs
and the firewall do the routing job?

Please don`t get me wrong here, but if you have stacked (ring) Layer3 switches and also core Switches plus one
or more WiFi controllers and pfSense do only the firewall job all will be fine here for 4000 - 6000 users.

@cool_corona Thanks for your reply - I really appreciate it

@jean-francois This is still relevant in 2.6.0. Had a NIC die and didn't have a replacement on hand. Plugged in a TP-Link UE200 with the RTL8153 chipset. It was capping out at 40MBit.

Using the 2 config lines you posted boosted the throughput up to 250mbit, which should suffice until a replacement nic arrives.

@orangehand said in SFP transceiver to connect to ADVA box:

@pcourtney Maybe one day I will try and get the ADVA to talk direct to the 7100

before you do that, take with you a laptop with 1Gb NIC speed ethernet port, a 1Gb media convertor that is same SFP spec as the ADVA ( MM or SM ) , take the pigtail out of the Cisco managed router that TT (TalkTalk) supplied, and configure windows with the static IP and gateway that was originally provided by TT provided to your customer, this is what we do when testing before we actually connect any third party routers we may come across

@stephenw10 very good, thank you.

Plug it in and find out. 😉

The next best thing would be to get the PCI device IDs and compare that with the list on the driver.

Steve

OK, can anyone advice what would be better to get TOPTON i7-1165G7 i211AT 6LAN or QOTOM Q575G6 i7-7500U i211AT 6LAN. I'm on PPPoE FTTP (UK). With current electricity prices I'm trying to find most efficent solution(without breaking the bank [ie. SG-6100 max]).

@stephenw10 Update....

I ended up using only one of the ethernet port on the NIC for the LAN and used the port on the MB for the WAN. Everything works. I guess the dual port NIC cannot handle WAN and LAN at the same time...

All that sounds good! So no problem with the temp, then. Does anybody have an idea what 4G/LTE USB modem that actually works well?

Edit: I'll ask in the Wireless forum, that's probably better.

Has it always run at those indicated temps?

Is it under high load?

@akuma1x well i only have one nic shown in the pic 😊
i put it in my system, its all good so far! 😁

i also want to remind everyone that its a used nic card i got from ebay FOR FREE!!!
got sent the wrong one and was refunded the full amount and told to keep it, so if you want a reliable and honest ebay seller you should definitely look them up! they already have high rating on ebay.

im not doing advertising or anything, its just my limited experience dealing with them.

Have tried disabling every offload feature (or variations of) "ifconfig ixl0 -rxcsum -rxcsum6 -txcsum -txcsum6 -lro -tso -vlanhwtso -vlanhwtag" via shellcmd (either as shellcmd or earlyshellcmd). No difference whatsoever.

If I reroot the firewall (rather than reboot), the errors do not appear when everything comes back up. No idea if that's helpful to know. It seems the same thing happens irrespective of what switch is on the other end - MikroTik and Ubiquiti both do the same.

It looks purely cosmetic though so not too bothered. I do have another X710-DA4 somewhere which I'll play around with and see if I can figure out what's causing this. Can't keep screwing with the actual firewall as it takes every internet connected thing down if I do!

Ah, OK. acpi_call is not included in pfSense or the default repo.
You can try adding it directly from FreeBSD like:

[22.01-RELEASE][admin@5100.stevew.lan]/root: pkg add https://pkg.freebsd.org/FreeBSD:12:amd64/latest/All/acpi_call-1.0.1_1.txz Fetching acpi_call-1.0.1_1.txz: 100% 6 KiB 6.3kB/s 00:01 Installing acpi_call-1.0.1_1... Extracting acpi_call-1.0.1_1: 100% [22.01-RELEASE][admin@5100.stevew.lan]/root: rehash [22.01-RELEASE][admin@5100.stevew.lan]/root: acpi_call Please specify path to method with -p flag

But you need to understand the possible consequences of doing that:
https://docs.netgate.com/pfsense/en/latest/recipes/freebsd-pkg-repo.html#concerns-warnings

Steve

Great, thanks!

I didn't see the use case for that machine... maybe I missed it.
I had gone down this road twice, a mini ITX box. No, scratch that, 3 times. The first was real budget, an AMD AM1 setup with the 5350 chip and MSI AM1M board. 300watt PSU (way overkill) 4 port intel server pull NIC from Amazon, 8 gigs ram. old laptop hard drive. Worked fine, but a bit slow saving changes in the GUI- anything actually that wrote to disk because of the disk. An SSD fixed that. Should have stopped there. But I ditched the little AMD that could, for a Kaby Lake I3 and Gigabyte board (H270N WIFI). It was snappier in the GUI but network wise, no difference. Not stopping there, I made that computer into my little kitchen computer as an excuse for a Pentium G 6400/Asrock B460M-ITX. Well, my mother's computer died so I repurposed that Asrock to her new desktop, and made a smart move. I got one of those Qotom-Q555G6, i5 7200, added 8 gigs ram and a 64 gig MSATA. Probably cheaper than what you are thinking about, would work as well, and with the money saved, buy a real WAP like a Ubiquity. In the end, you have a better setup- between the better WIFI and the low power silent mini PC with a very capable i5. They even have an i7 one if you need to service a small office full of people or have symmetrical gigabit that you will be maxing out constantly. So I had fallen down the rabbit hole, managed to recover, and am now in recovery and resisting the urge to waste money. Oh, put that NIC in your gaming rig or server in the home lab. Mine is in a box; I have a better one in my ESXI host... and that is another story...

@stephenw10 Yes it is indeed. I hate to do something like double NAT with static routes. The next time a provider tries to force me to use a FritzBox I won't sign a contract with them :-)

@p-dang Thank you it worked!