@DStahlFL: Two of our PFSense box's have 3 X Samsung 850 Pro, and so far the performance is excellent for writing log files and other pcap data. https://forum.pfsense.org/index.php?topic=97554.msg582821#msg582821 Would be interesting to know if TRI works with pfsense on the 850 PRO SSDs, as mine with 850 EVO apparently do not… regards! chemlud

Not to say wireless doesn't work in pfSense at all, but I certainly wouldn't advise anyone to invest actual money in to it. Lets say it as it is, if you get it (WiFi) working you will be the lucky one, but if not go ahead with an external WiFi AP for your WLAN network. It might be mostly pending on the hardware directly and not less on the brand or chipset. Well known working miniPCIe card for me will be the UBNT SR71-E and Compex WLE200NX.

Well after mashing together the "Begginers Guide" and EFISTUB guide i got an working Turbot-Arch UEFI install on SATA. With Arch Linux in the UEFI boot menu. As usual was missing one critical command: bootctl install This made the EFI folder with the files I needed.. Several guides said –Don't install a bootloader with GPT/EFI-- Well this cost me 2 days. Luckily I went back to the beginners guide! Funny how the advanced instructions miss this critical bit. Arch has good doc's but the hyperlinks are too much. XFCE4 Install went smooth and looks good

1. underperformed = nothing runs as expected 2. right performed = all is running at the time, but with no headroom 3. over performed = likes Nr. 2 but for a longer time and with much more headroom for future things How much hardware is just ridiculous overkill for a setup like this from a core/CPU and RAM perspective? How long you want to run the same box with sufficient power and speed? What is your future plan to install (packets) or running or offering services? 200 MBit/s speed at the WAN port is not so heavy, but together with massively QoS, IDS, DPI or many VLANs it can narrow down the entire box step by step and so I would more loving to have some power on top as for future packets or services that comes also often on top. A SG-2440 or SG-4860 would be doing the job as I see it right On the LAN however you need 1Gb throughput to handle nearly 24x7 voice calls, Windows file transfers, streaming video @ up to 20Mbps per stream, gaming, etc. Then perhaps you shoudl think about a Cisco SG300 or D-Link DGS1510 Layer3 Switch that is routing the entire LAN with wire speed, and the pfSense box must only do their job. We're talking around 20 total connected hosts here with tasks varying across what I've described. 20 device must not need to much power and 5 other device are using more then the first 20! That is something you must answering and not we.

now is the question how to install it Install FreeBSD 10.1, and then have a look what kind of driver is loaded and then copy this .ko file over to your pfSense based also on FreeBSD 10.1 and then try to load it at the boot time by editing the loader.conf file and edit it and then past in the following line: mpt_load="YES" Safe and close the loader.conf file and create a loader.conf.local and place there this line of code in again after an update or upgrade all files will be written new, also the loader.conf and then this line will be lost!!! But with the loader.conf.local your custom made things will survive. Where you have to place the mpt file in you must find out by your self I really don´t know it. But be careful only copy files from and to; 32Bit - to 32Bit and 64Bit to 64bit OS FreeBSD 10.1 to FreeBSD 10.1 based

So maybe mbuf should be set to 1000000? On boards with soldered onBoard RAM or memory you could not go higher in the amount of RAM, because it is soldered on the boards!!! So be careful with this number (1.000.000) perhaps you might be beginning with 100.000 or less, for not ending in a booting loop if the RAM amount is to small after changing the mbuf size. On boards with an DIMM or S0-DIMM socket this would be not a problem, because you will be able to change or high up also the amount of the entire RAM.

Gotta say, I don't mind supporting the project but I would be remiss if I didn't mention for others considering it that when you order from teh store you should expect some delay since I imagine they are drop-shipping it. Mine sat in fulfillment for 3 business days then shipped yesterday. So now the device I paid extra to get 2 day shipping on will be in transit for 5 days. I get this is that time of year and the holidays screw up online commerce royally. Just was hoping that since I ordered this after Christmas they'd see we were on a short week and try to get my order processed so I could get it this week. Oh well…  :(

I do 500Mbps on mine with IPSec!

@daileycomputer: I've got a Netgate RCC-VE 2440 with a 128MB mSata. I installed the Netgate ADI image. There's no package manager in the web interface. Which image?

@irj972: having spent time configuring a AP9617/AP9630 for NUT and auto shutdown of several servers etc, I suspect a plug in adapter like that will turn into the least of your problems! The APC line are well supported and definitely worth another look. hehe, is that hard? :D

I have the same problem. I am running a 5 years old AMD64 box (AMD Athlon 64 X2 Dual Core Processor 4800+) on a ASUS motherboard. I have two NICs one of which is an Intel Pro 100/1000 and the other a Marvell Semiconductors Yukon 100/1000. I have not yet created any custom firewall rules. When the install was fresh I could run PFSense for a few seconds to a few minutes before Pfsense stopped serving requests. The first trouble-shooting thing I did was to turn off any equipment that might compete for DHCP addressing, but to no avail. After realising that the Gateway-log was full of error messages such as those below I stumbled up on this topic. Dec 30 09:16:08  apinger: Could not bind socket on address(90.226.210.126) for monitoring address 90.226.210.1(WAN_DHCP) with error Can't assign requested address Dec 30 09:16:09  apinger: Could not bind socket on address(90.226.210.126) for monitoring address 90.226.210.1(WAN_DHCP) with error Can't assign requested address Dec 30 09:16:10  apinger: Could not bind socket on address(90.226.210.126) for monitoring address 90.226.210.1(WAN_DHCP) with error Can't assign requested address Dec 30 09:16:11  apinger: Could not bind socket on address(90.226.210.126) for monitoring address 90.226.210.1(WAN_DHCP) with error Can't assign requested address Dec 30 09:16:12  apinger: Could not bind socket on address(90.226.210.126) for monitoring address 90.226.210.1(WAN_DHCP) with error Can't assign requested address Dec 30 09:16:13  apinger: Could not bind socket on address(90.226.210.126) for monitoring address 90.226.210.1(WAN_DHCP) with error Can't assign requested address Dec 30 09:16:14  apinger: Could not bind socket on address(90.226.210.126) for monitoring address 90.226.210.1(WAN_DHCP) with error Can't assign requested address Dec 30 09:16:15  apinger: Could not bind socket on address(90.226.210.126) for monitoring address 90.226.210.1(WAN_DHCP) with error Can't assign requested address Dec 30 09:16:16  apinger: Could not bind socket on address(90.226.210.126) for monitoring address 90.226.210.1(WAN_DHCP) with error Can't assign requested address Dec 30 09:17:48  apinger: Starting Alarm Pinger, apinger(26023) Dec 30 09:36:25  apinger: Starting Alarm Pinger, apinger(21795) Starting out I had put the LAN Interface on the Marvell card, but that caused the Web Configurator to become unresponsive as soon as the link went down. Then I switched the interfaces (so that the WAN Interface uses the Marvell NIC) with the somewhat positive result that I could at least reboot the system remotely when the link dropped as it kept doing after a few minutes after rebooting. After checking "Disable hardware TCP segmentation offload" in System -> Advanced, Networking tab as advised by David_W in the thread https://forum.pfsense.org/index.php?topic=96325.15, uptime increased from minutes to hours (at least in some cases, but sometimes it is minutes still). I have now also tried the changing the System: Advanced: System Tuneable net.net.tcp.tso variable from 1 to 0 as advised by julicravo, but that made the system more unstable as changing that variable caused the system to stop serving request just a few minutes after rebooting. I must admit though that it is somewhat hard to tell if the net.net.tcp.so made any difference for the better or worse. Right now I am running my WAN on the onboard ethernet and my LAN on the 1 GB Intel Pro NIC and this configuration works great. I believe there is a bug in the FreeBSD Marvell driver. I will replace the Marvell card with an Intel. Will pfsense auto-detect if I switch NICs and install the proper drivers by itself?

You might be using squid as a proxy server with user authentication to work it out.

I am planning to go with the A1SRi-2758F, as so far I understood it works with pfsense. Im not in a big hurry for this project so I am taking all steps easy. I just finished making the list of all hardware (combined with what I can easily order). So next step is truly ordering it and then I can continue. Wont be days, but I will. :)

First thank you for taking the time to reply to my thread, secondly I really didn't appreciate the condescending tone your entire post oozed with. I could be reading into it however you came off incredibly crass. This is owed to the circumstance that the english and american language are not my mother spoken language is, and there fore I have not so good english language skills and very often peoples are responding the they mean the entire tone is rude or not well formed. I don´t know their German language skills but I am pretty sure they will also not even hit the point they want in my language. The hardware which I am referring to is in the link below; http://store.netgate.com/ADI/RCC-VE-4860.aspx The ADI and pfSense store hardware are fully identically and it can be told it is like from the same house. And this is an open secret for the most peoples here in the forum. One is sold with CentOS and one is sold with pfSense to support the entire project. Same motherboard and functionality from what I can tell in terms of hardware (minus wifi as the 4860 1U page does not state it comes with it). If you have a rack, you must not mount this SG-4860 box, you should also be able to insert it on a shelf inside I really think there are not problems with this.

They'll all show some interrupt usage, that's part of how computers work. If your hardware's significantly oversized, especially CPU, relative to the amount of traffic you're pushing, it's probably a fraction of a percent. It's perfectly normal to have more interrupt load than that though, including well beyond what you're seeing if you start pushing a lot more traffic. The interrupt load itself wasn't a problem with your Realtek NICs. Some of those NICs just fall apart under load, and the interrupt load increasing is just what happens when your NICs are under more load.

I would go with a single enterprise class SSD vs. a RAID array of spinners; no moving parts, less heat, better reliability, lower power usage, and longer runtime on UPS.

@StuBoy: I am new to pfSense, but built my system on this hardware … http://linitx.com/product/linitx-apu-1d-4gb-3nicusbrtc-pfsense-msata-firewall-kit-red/14243 It's been rock solid, only consuming 6w of power. Stu It´s a PC Engines APU1D4 board and really fine for pfSense, but now one month before the upgrade Board APU2 is coming out, I would more tending to wait this month or two, to get my hands on the APU2B4 board with; ECC RAM AES-NI support Intel NIC based LAN Ports Quad CPU Cores @1,0GHz same case and dimensions

Do you have any old hardware to sacrifice to the cause? Really if all you are doing is experimenting, even an old laptop will suffice

I have the ASRock J1900 with a dual intel nic (x2 PCI)  and w/ careful trimming of the back of the x1 slot have had it working just fine for nearly 1 year.