@stephenw10 Thank you. I'll keep an eye on future updates.

@steveits had a quick look but its late and just finished a 12hr work day... but the main difference i spotted between the 2 units isn't black magic but an accelerator card CPIC-8955 that seems to offload the encryption from CPU and " accelerate cryptographic workloads ". For a " home lab " I cannot justify spending $2650USD or $3150USD and the recurring $500USD yearly subscription when the Asus RS100 listed above set me back $550CAD + 98CAD for CPU + $110 for a 500GB WD SN750 + $140 for 16GB DDR4 2666 ECC RAM which is a hair under $900CAD which at the current exchange rate is roughly 732USD. Not sure about the forward compatibility of the NETGATE units with other "firewall" software and would suck to get hardware locked after spending such a large amount of money, but for me... leaving the door open to other avenues to be discovered and allows future flexibility in mind is a good thing as now more than ever that is something to keep in mind.

@stephenw10 Many thanks for sharing these simple instructions! I agree this was much easier than messing about with compiling drivers and manually editing boot files. Much appreciated pkg install realtek-re-kmod then echo 'if_re_load="YES"' >> /boot/loader.conf.local then reboot then check the boot logs for output from the new driver loading using grep version: /var/log/dmesg.boot (output to look for is re0: version:1.96.04) but also the if_re.ko driver is listed for me when I use kldstat | grep if_re which shows output ending in 11e230 if_re.ko (when driver loaded) Source: https://forum.netgate.com/topic/135850/official-realtek-driver-binary-1-95-for-2-4-4-release/168#

Routing I'm getting about 1712 Mbps avg (Highs in 280s MB/s) but I'm not sure if that is the upper limit or just the limitation of my 2.5Gbps USB NICS. I don't have any 10Gbps Gear other than this firewall and Brocade switches. My Windows 2019 Server is 10Gb as well but I'm thinking that this little box is a winner. I haven't tried NAT performance but I would expect similar results even though NATing I feel like is more resource intensive but this box never gets to 50% utilization. I think the bottle neck is the 2.5Gbps USB NICs or my SK hynix Gold S31 SATA Gen3 2.5 inch SSD or My Samsung 860 Evo SSD, 10 Gb USB NICs are too expensive right now in the neighborhood of $300.

What chipsets do those NICs use? They are probably Realtek or Aquantia. Both have drivers available in 2.5. Steve

It should be supported by bxe(4). There is no other driver as far as I know. Steve

Glad to know this solution confirmed working and is a great hurricane or other disaster back.

@aidanic I do have this system now: https://www.supermicro.com/products/system/1u/5018/SYS-5018D-FN8T.cfm Yeah and the fans are noise at full speed. I use Optimal settings on mine. I was planing to order the Noctua NF-A4x20, but you need to do some "tweak/hack" on the fan speed control using ipmitool. Using this guide: https://forums.servethehome.com/index.php?resources/supermicro-x9-x10-x11-fan-speed-control.20/ But i decide not to do it yeah. :)

@stephenw10 Thanks for your reply, but I am not sure if this was the case, as I can see in the log that igb0 - igb3 is still same (original) mac address. I also switched the two Quad NICs in the PCI-E ports. After switching the WebGui and WAN were available again and I was also able to enable to new interfaces. Everything now works. Still do not understand why just adding new NIC in empty PCI-E didn't work immediately. Adding a new NIC shouldn't require any adjustments or analysis (imo).

@sparky17 No, I have not had any issues with the system. I do not run any third party apps. It works great. I use a Silverstone Milo 10 Case with a Nocuta Fan on the top blowing cold air. I have it mounted to my wall. https://www.silverstonetek.com/product.php?pid=923&area=en I also use a Mini-Box P4-DC jack to enable power with a 60 watt power supply https://www.mini-box.com/P4-DC-Jack-Cable https://www.mini-box.com/60w-12v-5A-AC-DC-Power-Adapter The system runs about 32 to 36 degrees C daily.

Without any outbound NAT only the device with the public IP directly is able to connect out and get replies. Anything in a private subnet behind that needs to have it's outbound connections translated to the public in order to get replies. That is outbound NAT. So you need to have some outbound NAT. A lack of it entirely might have fitted your initial symptoms. It doesn't really matter what you set the NAT on the new device. The best solution would be to pass the public IPO to pfSense and let it handle the NAT but if it's working well as it is I wouldn't worry about it. Steve

@tenou said in Nexcom LCM with LCDproc: @stephenw10 it's been a long time, but you were totally right! The display works flawlessly using the "Watchguard Firebox with SDEC" driver with default settings. [image: 1618249122497-nsa5130-os1.png]

How to spot a fake card: https://forums.servethehome.com/index.php?threads/comparison-intel-i350-t4-genuine-vs-fake.6917/

Unfortunately still no MBIM or QMI support for directly connected modems so an external Ethernet connected device is the generally the best choice. Steve

@foolish86 with some modify now go 300mbit. not bad, but still missing more 500mbit

Looks like you have a static ARP entry set which is pretty much never required. You see that error though because it cannot allocate memory in the ARP table for an IP in a subnet the firewall doesn't have an interface in. Which is probably because the re NIC has gone AWOL. Installing the pkg is not enough. You still need the loader line to load it at boot: See: https://forum.netgate.com/post/962889 Steve

@stephenw10 probably, I'm not super knowledgeable on how this stuff works in the back end. It does make sense that its a driver limitation, or maybe bug? Either way its nice that autoselect works as it should. Can't wait to get my other cards in and top out my provisioned speed. I can see when running a speed test it maxes out my 1Gbe nic in my desktop

Doesn't looks like that supports FreeBSD at all. No drivers. For example: https://forum.netgate.com/topic/144274/pfsense-with-cisco-c200-m2-and-cisco-n2xx-acpci01-10gbe Steve

Small update. Bought 5019C-FL, installed xcp-ng, and pfsense. Having pfBlockerNg, nordvpn for some vlans and VPN server. Everything runs as expected. I'm overexcited with pfSense after dd-wrt:)

@nan0tech said in Confusion on driver for Nic: Is there a way to force this card to load with the EM driver? Nope. But from your description of the problem I'm not sure it's a driver issue at all. Is it actually dropping the link or just dpinger restarting? Steve