@stephenw10 I'm still on 2.4.4p3 since it's a productive environment. I still get those aq_add_macvlan errors but the problem of kernel panics did nor occur any more.

Thank you, will try and figure something out, because it uses flash player and it is reaching end of live.

Sorry, yeah, typo'd that. It's 8 Rx cores. I'm not sure how that load would spread across 24 cores. There may be some work required to get the appropriate core affinity. Steve

It usually works fine. You need to enable powerd in Sys > Adv > Misc. That will then scale the CPU P-states. Steve

In a current CPU the TDP is only vaguely related to power consumption, and mostly in that low TDP parts have their max performance throttled to hit a specific max TDP number--at idle they're going to be close to the same. In an old opteron the power management features are much less advanced, and the idle power consumption in a typical "mostly idle" fw configuration is going to be much, much higher than a relatively cheap processor with a more modern core. And not just the CPU--the older chipset, especially for a rackmount server, is going to be much more power hungry than something new. If you're paying california power rates I'd probably just buy a newer box rather than fiddle with the current one. At lower power rates pulling one 4386 and leaving the system alone is the most practical approach, because the break even time for buying anything else will be long.

Feedback: I went with the Asrock, it works perfectly under Pfsense and has great fan control to run totally silent in a very quiet room. CPU i3-9100, overkill but 9100T are hard to find on stock Used the intel I219V port for LAN and I211AT for WAN Hope it helps other users

To see that use pciconf -lv

[image: 1572018150976-pf_temp.jpg] even with amd thermal sensors set in advance - misc settings - I get this. hopefully they fix it in a later version of pfsense/freebsd

my build @ https://forum.netgate.com/topic/147507/successful-pfsense-ryzen-3200g-build-success

@kiokoman thanks. Some random Nvidia 2gb pcie card I got for free aome years ago. One slot and has hdmi. Am4 lacks video except for the apu units. Since i got a videocard, going for it. Tempted to get a 2700 non x 8 cote for 100$ more for fun...

I have to speed up ..... The power supply has died and is unusual and thus expensive. :-( WG X700 is a thing of the past. It's a pity!

Just throwing this out there. Maybe some low level resource conflict. Try going into BIOS and disabling any ports, etc., you don't need, including the onboard NIC.

@stephenw10 Here for our new gateway of defense : SM SYS-5018D-MF ( + 8Gb ram and a Xeon E3-1240LV3 ). I add also Intel Ethernet Server Adapter x4 LAN, and last but not least i will use SSD (x2 in case of...) Eh voila!

They claim to support FreeBSD though the FreeBSD mlx5 driver doesn't list that card specifically. pfSense does not include the Mellanix drivers by default, you would need to copy the kernel modules across from an equivalent FreeBSD version or compile the drivers if something newer is required for that card. I would test it in FreeBSD to initially if you can. Steve

If virtualization is an option, I'd consider that and a multi-port NIC.

What service are you actually opening on the QNAP device? One thing that will immediately increase security would be to restrict port forwards to an alias of known external source IPs. That may not be practical in your situation, I don't know. Out SG-3100 would do well in that situation. The SG-5100 would be better of you plan to run packages such as Snort/Suricata or pfBlocker. https://store.netgate.com/pfSense/systems.aspx Steve

Hi @ramses-sevilla - I have been using this exact system with pfSense and a symmetric 1Gbit fiber connection since early 2017. Zero problems since then and have been impressed with the performance of the machine. Hope this helps.

It's not an issue, it's normal. ix is the driver. It is a 10G capable chipset and driver, but depending on the actual implementation, is perfectly happy operating at 1G or other compatible speeds/media types/etc. There are ports on the Netgate SG-5100 which are similar. They are detected as ix but the physical connection is 1G, not 10G. It will link up and run as expected at 1G. Think of it similar to a 10G capable SFP port with a 1G module in it. Sure, the chip can go faster, but the media connection is only 1G.