@stephenw10 Forgot to say thank you. I knew I had read that this had been changed but never messed with it because for over a year the tiered thing seemed to work but this makes sense. thanks for taking the time to respond.

Yes

All of those CARP IPs are on LAN directly. They should be on their own interfaces.

Steve

They may be sending a prefix only in which case the WAN would not get an IPv6 address directly and would using link-local for routing the prefix. My ISP does that.
If you have LAN or OPT set to track WAN with prefix ID set they should get a v6 IP.

Enable Debug in the dhcpv6 settings on WAN and you will get a lot more logged info when it connects.

Steve

@gertjan Thank you!
just upgraded it with no issue :)

Yes, you can't change the power state on ARM like you can on x86 so there is no real shutdown, just CPU halt.

The 2100 and 3100 have a separate LED controller that will continue to pulse the black diamond LED.

Steve

I did quite a lot of testing on this recently and there is no significant difference between LAN and OPT for throughput to/from WAN.
However I use OPT as my main connection here just because I also have it connected to an external switch and it makes changing VLANs on that link a lot easier.

You may have no VLANs now but if you have a 1G connection and a number of devices using it you'll probably want to start segregating them at some point.

Steve

It probably would work with a 1G NIC in the 7100 but that's not something I've ever tried and I can't test it. 1G NICs are not expensive though it you have the expansion card fitting kit.
But more expensive that just using the media converter you have and know works. 😉

Steve

Thanks. I figured it out. I wasn't expecting the discrete NIC's. I am all set now.

Oh, they have one for the 5100 as well. It's 1.37U tall which is just a little odd, but otherwise seems slick.

Netgate responded super fast. Provided ver.21.05.1 firmware and clean instructions to reinstall it on the 3100. Whole process was took 15min. I'm back in business 😊 👍

If you are using ix0/ix1 the VLANs work exactly like any other pfSense install.

Can you show us how you have them configured?

Steve

Yup, I would say the same. Any firewall will handle it, even the 1100, but if you want to use VPNs, filtering, traffic shaping etc and have that many clients I'd go for the 5100. Or the 6100 now.

Steve

@andyrh said in New 7100 setup:

I moved the WAN by changing the parent interface for the default WAN VLAN.

The VLAN on WAN, 4090 by default, only applies to the internal switch. So simply moving the VLAN parent to ix0 or igb3 would only work if VLAN 4090 is defined correctly on the external switch they are connected to.
If that's not the case the new WAN interface would be directly ix0 or igb3 without a VLAN.

Steve

Yes, it's because you are running the Factory Edition.
On that particular hardware you can re-install as CE if you really wanted to but I would not recommend it:
https://nyifiles.netgate.com/mirror/downloads/pfSense-CE-memstick-ADI-2.5.2-RELEASE-amd64.img.gz

Steve