Hmm, hard to say with nothing logged. I have once seen odd behaviour on those NICs with hardware checksum offload still enabled (the default setting). However it didn't block traffic completely. It's worth trying though. Steve

@luckman212: I can't be sure but from what you've described it sounds like your Charter modem is losing sync from time to time and reverting the DHCP that it's "passing through" to your pfSense router to a temporary subnet.  This is a known behavior especially for cable modems and it can be very annoying. It would be great it pfSense/FreeBSD handled this "bug" a little better but there is a possible workaround that you can try… Try going into your WAN Interface settings and under "Reject Leases From" put 192.168.100.1 See if that makes any difference... Thanks for this tip, I'll give it a shot.  And also thanks for the references. In my post, <wan ip="">refers to the dhcp IP assigned by Charter cable, not to 192.168.100.1.  One of the references you linked mentioned accessing 192.168.100.1.  I usually can ping that address when the WAN is 'offline', I guess that makes sense.  Unfortunately, I have to access to the internals on that modem, all I can get at that address is signal levels. For reference, my modem is a Cisco 3208 DOCSIS 3 with no wireless.  I do not use a cable phone so it provides only internet to pfSense.</wan>

I wonder when I could buy one of these. I don't see a sales page yet… Lots in the chute with SG1000, Dual-E and Turbot Quad.

I have about 40 of the 2440's deployed, they are great units.  Have had the filesystem corruption but that's more of a freebsd/ufs bug that I'm hopeful will be resolved in 2.4 with ZFS.  Never had any issues with power/crashing/heat/boards frying etc.  I would try to open up a case with support and see if you can get an RMA.

Sorry for the late reply.  Just now read this… I have been thinking about using CARP.  IP addresses are a bit tight.  But, I could probably work around that.  My real concern was that I have a gateway group (2 Internet Connections) using failover (One is a cable backup and we only have 1 IP).  We are also utilizing Inbound Load Balancing.  I wasn't sure how/if CARP would handle that setup and at this point I am a bit nervous to try :-)

Thank you very much for the reply.  Networking is not my strengths and I'm still learning.  I was debating about putting an Ubiquiti Edgerouter behind the pfSense to handle internal network traffic and VLANs.  Do you think this would assist in the Throughput concerns you mentioned? WAN <–> pfSense(NAT/Firewall/VPN) <--> EdgeRouter (as router only) <--> LAN

I was interested in the original UP board, not necessarily for pfSense.  The original board had a single Realtek NIC.  I'm assuming the NICs on this one are Realtek too, but having two of them certainly makes running pfSense on it a little more palatable; not having to use VLANs for even a basic config is nice.  I'm glad I waited on buying the original; I intend to pick up one of these and give it a shot. Not sure about the kickstarter thing, but 89 Euros gets you the base model.  I'd pay that.  But then again, I'm a guy who bought the original Sheevaplug dev kit in 2009 for $100 and am still using it today.

Makes no sense I buy it then. Gonna have to continue using the realtek nic I have.

No idea. I'm running pfSense under ESXI 6.0 and haven't tried that. We use the Digi's to connect a realtime USB clock to a virtualized Windows server.  Our solution is a data retention dealie and it's critical that the user cannot change the system time.  Since most of our customers are virtualized and you can't plug a USB dongle into a VM, we use these to connect the VM server to the USB device over the network.  I used to use Digi multiplexers back in the day when I worked for an early ISP (very early 90's) and we had dozens and dozens of racks of 28.8k modems, all tied into a *BSD box with Digi serial muxes.  Great hardware.

There is a better way I just did not post it.  It is also posted at my wiki (https://wiki.hackspherelabs.com/index.php?title=U620L_Novatel#U620L_-_Set_CDC-ECM_Permanently): =U620L= ==Put into CDC-ECM Mode== Go to:  http://192.168.1.1/fieldtest/ Click Debug Mode You will have to restart your modem so unplug and re plug I usually wait at least 10 seconds before unplugging and 15-30 seconds before plugging back in By default the modem will not work in Windows as Windows does not like this mode.  Plug into a linux box or BSD box though and ask for a DHCP request and everything is cool! You should still be able to access the web interface after this. ==Take out of CDC-ECM Mode== Plug into linux box or a box that interacts with CDC-ECM mode. Grab a DHCP release so we have access to the correct network (I think it uses NAT redirection) Go to:  http://192.168.1.1/fieldtest/ Click End User Mode ==Research Study== I hope that they do not disable this feature in an update.  I also wonder if having the modem in diagnostic mode disables firmware upgrades so I am going to track some firmware versions: ===Modem A=== Current Software Version: 1.3 (L1.218.1 M9x25MET-2.44.3 1 [2015-05-13 13:56:54]) Configuration Version: I14.NVT,USB620.0 ===Modem S=== Current Software Version: 1.3 (L1.218.1 M9x25MET-2.44.3 1 [2015-05-13 13:56:54]) Configuration Version: I14.NVT,USB620.0 ==Notes== *I do not see a way to tell if the device is in debug mode **This also gives you serial access too:  screen /dev/ttyACM0 115200 **I do not know the password

sounds like a win win  ;D

It's what's called a "shared port." igb1 can have either the SFP or the RJ45 active. Pretty common. Lots of switches work the same way, for instance. There are 6 ports. Two SFP+ (ix0, ix1) Three Gigabit Copper (igb0, igb2, igb3) One shared SFP or Copper (igb1) 2 + 3 + 1 = 6 Not sure what to tell you about which modules to get. Probably the ones you can add to the order would be a good place to start.

@berlyn0963: Has anyone ever had issues getting the keyboard to work? It doesnt recognize any inputs when installing pfsense so I cant do anything at this point. I tried usb and ps2,.  I must be missing something simple here. Any help at all would be great . Thanks I have managed to use a USB keyboard on an XTM 510, in the BIOS and on the install screens of a full install using serial redirect to putty.  I cannot recall if I did anything (BIOS is still locked) to get it working other than plugging it in.

I should really put that in a signature oh something like that. I'm using a AMD A6-6400K APU with an extra TP-link NIC (realtec) and 2x4GB  RAM  (It's what I had laying around that would take up a midi tower place.

That should handle 50Mbps just fine.  We've done 100 Mbps on an APU1D and it worked just fine.  You'll just be looking at longer boot times but once it's loaded you shouldn't have any issues with it.

Well…..never mind I guess.  :D Turns out the problem wasn't the NIC and PFSense, it was my test-bench switch going bad. Stupid thing suddenly decided to only let devices connect to it at a 10Mbs, which I guess made PFSense just go "Nope, not gonna play that slow" and showed as no cable connected at all. I'm up and running now with a different switch, so all good!

@KOM: With ease.  I can't find the link anymore, but Jim Thompson posted some performance metrics that showed it could handle your requirements without breaking a sweat. Alright, sounds good! Thanks for the help  ;D

If you need 802.11ac then yes because there is no support for it in FreeBSD (yet). If you can use 802.11n (or g) then you can use an older Atheros card in most cases. Steve

Yup.  Drive finally gave out.  Odd.  Never had an SSD fail until now.

@Derelict: However, are there any benefits to going the multiple NIC route rather than a switch? If what you want/need are switch ports, not really any benefit at all. A layer 2 bridge implemented in software will pretty much never perform as well at forwarding frames as even the cheapest switch. I took this to mean that OP was asking whether to use a NIC per lan segment vs using a managed switch (as the title suggests) and VLANs.  Guess some clarification is necessary.