No, atom n270 has a 32-bit instruction set. The current versions of pfsense is 64-bit https://ark.intel.com/content/www/it/it/ark/products/36331/intel-atom-processor-n270-512k-cache-1-60-ghz-533-mhz-fsb.html This is a link for hardware distributed by Netgate that is definitely working with pfSense. https://www.pfsense.org/products/

@sethelyon I just worked through something similar--the tutorial I was following forgot to add the DNS on the new VLAN interface, which resulted in clients showing no internet. I got clued (after a solid 2 hrs of peaking through settings in unifi and pfsense) in when I typed 1.1.1.1 into my browser to stimulate traffic to sniff and it worked. I felt super smart. If you can't laugh at yourself... J

x520 is fine, also uses the ix(4) driver. The NIC will not be the limitation in getting close to 10Gbps, the CPU usually is. But with that CPU... I've never run pfSense on anything that powerful personally. Steve

I see. In that case I'll just continue using the adapter as a bridge in Proxmox and assign it to pfSense that way. That has been working just fine for about a year now. Was thinking about doing hardware passthrough because I want to get rid of my old router and let pfSense handle the PPPoE connection to my ISP and wanted to minimize any potential security risks.

Hi @PhiloEpisteme - my pfSense box is actually based on the Sumpemicro 5018D - F8NT 1U barebones system: https://www.supermicro.com/en/products/system/1U/5018/SYS-5018D-FN8T.php I believe they also make a stand alone or desktop version of this as well (i.e. with the same CPU). With respect to noise, I would not call this system quiet, and the primary reason for that is of course the small form factor. With a 1U chassis you are limited in terms of the types of fans you can use and to get any decent airflow you'll need several small fans operating at quite high RPM's (which means more noise). While this system doesn't sound like a jet plane taking off, one would definitely notice the noise in an office setting. I haven't measured the power consumption on just this system specifically (only on my entire network stack), but with a CPU TDP of just 35 Watts it will be on the lower side. Consider also that the CPU wont' be running at full speed the whole time (unless the firewall is consistently loaded down), but any expansion cards you add will contribute a few extra watts. If you are looking to build a system with this CPU (or similar) it might be a good idea to just get the motherboard and CPU combo and run the whole setup in a larger (2U or bigger) case, which would allow you to use bigger fans. Now having said that, given that your use case involves wanting to utilize 10Gbit speeds between subnets, I would recommend looking at a higher frequency CPU than the Xeon D's as @stephenw10 already suggested. The quad core Intel i3-8100 or newer generation i3-9100 would make good choices and are decent bang for the buck IMHO. Couple that with a solid motherboard (that has appropriate expansion slots), a 4 port 1Gbit NIC, and a 2 -4 port 10Gbit NIC and you'll have powerful system that will also handle OpenVPN quite well. The i3's I referenced do have a little higher TDP (65 Watts) but again, unless the firewall is loaded down the entire time, the CPU will scale back the frequency and power consumption will be lower on average. I hope this helps - please let me know if you have any other questions.

Tanks ... i try to boot from CD and escape to a shell Tanks

Hi, I know this is an old topic, but highly relevant to my problem. Did you manage to fix it? Here is my topic : Sophos SG330

@High_Voltage , I have seen this problem many times with Supermicro motherboards and Intel NIC's. Remove all the extra cards, and configure one of the onboard NIC to login through the Web GUI. Navigate to Diagnostics -> Edit File -> Browse to /boot/loader.conf Add this line in your loader.conf file : hint.agp.0.disabled=1 Save and shutdown pfSense. Now add the extra NIC's and they shall be recognized correctly now. Grtz DeLorean

Its been on for 24 hours. about 22hours longer than it used to be on. It must be the l2tp Interface making it crash. edit: its been up for the whole weekend. Thanks guys. Marking it as Solved.

Yup, x86 only currently. Steve

@scoobey I forgot to add that after the install it hangs at the ACPI0: as well. I have manually choose safe mode from the boot menu to get it to boot completely.

Yes, please open a ticket. I would like to look at your config for this. The crashes are all almost identical which indicates a software issue. And they are on all interfaces including both igb and ix which is very unusual. For reference: db:0:kdb.enter.default> show pcpu cpuid = 0 dynamic pcpu = 0x8a2100 curthread = 0xfffff8000704b620: pid 12 "irq296: ix1:q0" curpcb = 0xfffffe011c653a80 fpcurthread = none idlethread = 0xfffff80004958000: tid 100003 "idle: cpu0" curpmap = 0xffffffff82b8bc18 tssp = 0xffffffff82bbca90 commontssp = 0xffffffff82bbca90 rsp0 = 0xfffffe011c653a80 gs32p = 0xffffffff82bc32e8 ldt = 0xffffffff82bc3328 tss = 0xffffffff82bc3318 db:0:kdb.enter.default> bt Tracing pid 12 tid 100099 td 0xfffff8000704b620 pf_test_state_icmp() at pf_test_state_icmp+0x45a/frame 0xfffffe011c653160 pf_test() at pf_test+0x1a3a/frame 0xfffffe011c6533b0 pf_check_in() at pf_check_in+0x1d/frame 0xfffffe011c6533d0 pfil_run_hooks() at pfil_run_hooks+0x90/frame 0xfffffe011c653460 ip_input() at ip_input+0x441/frame 0xfffffe011c6534c0 netisr_dispatch_src() at netisr_dispatch_src+0xa8/frame 0xfffffe011c653510 ether_demux() at ether_demux+0x173/frame 0xfffffe011c653540 ether_nh_input() at ether_nh_input+0x32b/frame 0xfffffe011c6535a0 netisr_dispatch_src() at netisr_dispatch_src+0xa8/frame 0xfffffe011c6535f0 ether_input() at ether_input+0x26/frame 0xfffffe011c653610 vlan_input() at vlan_input+0x215/frame 0xfffffe011c6536c0 ether_demux() at ether_demux+0x15c/frame 0xfffffe011c6536f0 ether_nh_input() at ether_nh_input+0x32b/frame 0xfffffe011c653750 netisr_dispatch_src() at netisr_dispatch_src+0xa8/frame 0xfffffe011c6537a0 ether_input() at ether_input+0x26/frame 0xfffffe011c6537c0 ixgbe_rxeof() at ixgbe_rxeof+0x7fd/frame 0xfffffe011c653880 ixgbe_msix_que() at ixgbe_msix_que+0x96/frame 0xfffffe011c6538e0 intr_event_execute_handlers() at intr_event_execute_handlers+0xe9/frame 0xfffffe011c653920 ithread_loop() at ithread_loop+0xe7/frame 0xfffffe011c653970 fork_exit() at fork_exit+0x83/frame 0xfffffe011c6539b0 fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe011c6539b0 --- trap 0, rip = 0, rsp = 0, rbp = 0 --- db:0:kdb.enter.default> ps Steve

@stephenw10 @kiokoman we completed the move to a new X550 LAGG with 3 VLAN's. All works well and the no longer have the "macvlan err of death" when performing interface related updates!! FYI, we spotted a bug related to firewall rules breaking when moving interfaces which might already been known, but if I don't find a post I'll do a separate post so it might help someone in the future Thanks again Hass

i would think about it, it's a VERY noisy server and maybe too mutch power consuming if you intend to run only pfsense

Then you should also try the alternative Realtek driver: https://forum.netgate.com/topic/135850/official-realtek-driver-binary-1-95-for-2-4-4-release Steve

@chpalmer DW has a 30day demo, not sure what 'consumer' cams it supports (i now have Dahua from hikvision)

That link would be for a FreeBSD image that runs on the TP-Link instread of OpenWRT. You probably don't want to do that! I would not expect any interaction between the com lines there. There should not be any output on com2 when pfSense is booting. It's never been an issue on that device with the build in switch for example. I would be very surprised in that header marked 'UART1' is actually connected directly to the eeprom. It's probably connected to the SuperIO chip. Accessing the eeprom would be via an SPI header almost certainly. I have no way to know that for certain of course! Edit: Looking again at the photo what's on that 2 pin header just next to the UART1 label? Also it looks like there is something shown as 'SPI1' which I would expect to be for accessing the eeprom. Steve

I purchased a Shuttle DS68U with a 3855U a year or so ago as a discontinued closeout for $168. I added some spare ram and a ssd. It works great for my needs. Just for fun, I'm thinking about building a router on a stick, but only because I have the spare parts around the house. It's older stuff but still useful and has lowish power consumption. This one is a Dell 3020M with an I5-4590T. Overpowered for use as a home router, but just sitting in the closet. The electricity will add about 50 cents to $1 or so a month. I'm also considering re purposing an old laptop pc when I replace it in a few months, also just for fun. It's a dell e7240 I bought used for $150 a while ago. It has an i5 low electrical draw cpu, about the same power consumption as the Shuttle DS68U, but 2x as powerful according to the Passmark. It would also be a router on a stick. I'm curious to see if I can turn a random scrap laptop PC into a reliable high powered firewall. The point: Shuttle is A-OK in my book. On the other hand, if you're only buying for home use, then the newest and best is not necessarily needed. The router doesn't care. The total cost outflow is important, too.