Installing pfSense on brand new hardware – no drivers?
-
Gigabyte GA-Z87N-WIFI :
Uh, that's an Intel i217v which isn't supported.
I don't believe that Atheros chip is supported either. They're both really new relatively speaking.afaik nobody has the i2xx series working yet. If you're deadset on using that GB board, just stick a ~20$ nc360t in it until the appropriate drivers are ready.
-
Yeah - But returning the mobo and just buying a vlan switch is so cost effective and flexible… Will work sooooooo well also.
-
It's GigE… would this switch do? http://www.microcenter.com/product/393070/JetStream_8-Port_10-100-1000_Gigabit_Managed_Ethernet_Switch_with_2_SFP_Slots
The wireless has worked fine for me... we don't do a whole lot on wireless (mostly web surfing and e-mail... our most demanding application is probably YouTube), and the guest AP thing is nice to have.
afaik nobody has the i2xx series working yet. If you're deadset on using that GB board, just stick a ~20$ nc360t in it until the appropriate drivers are ready.
Unfortunately said NIC is not available locally, and I need a solution ASAP (see OP). The cheapest equivalent @ Microcenter is $156, and that's on top of the ~$250 I've already spent on this new hardware.
-
TL-SG3210 - Ohhhhhh yeah. That will do it. Looks like a nice small switch.
I'm sure you can conquer VLANs in a a hour or two then you will be all set.
-
if you need a new system right away: go old.
8111E's should work fine and were/are on a ton of consumer matx to full atx boards. not pretty, but you could just lay the hardware out on boxes and whatnot just to have it function
Or, find older generation Supermicro/Tyan server boards (Ivy Bridge or older), for which the newest Intel NIC should be the 82574.w.r.t. your current board: you may or may not be able to find an mPCIE ethernet card. it'd be a horribly ugly hack but it could work. they're also painfully rare.
w.r.t. an nc360t: have you tried looking through whatever classifieds are popular locally? the nc360t just seems to be the most popular card I've noticed with the 82571.
-
So, you now have a working more than sufficiently powerful, low wattage pfsense box and will soon have all the WAN and LAN you need via VLAN… Problems solved.
Maybe you can keep and eye on that SSD of yours and post back letting people know how well and reliable it works over the life of your box. Those are very inexpensive SSDs and finding any rating on them is difficult. If it keeps working well for you it might make for a nice cheap option for people in the future.
-
So, you now have a working more than sufficiently powerful, low wattage pfsense box and will soon have all the WAN and LAN you need via VLAN… Problems solved.
Maybe you can keep and eye on that SSD of yours and post back letting people know how well and reliable it works over the life of your box. Those are very inexpensive SSDs and finding any rating on them is difficult. If it keeps working well for you it might make for a nice cheap option for people in the future.
Well the SSD has been running in that box 24/7 since May 2012 (actually, the end of April), and still seems to be doing fine. Here's the SMART status from it:
ID# ATTRIBUTE_NAME FLAG VALUE WORST THRESH TYPE UPDATED WHEN_FAILED RAW_VALUE 12 Power_Cycle_Count 0x0032 100 100 000 Old_age Always - 13 9 Power_On_Hours 0x0032 100 100 000 Old_age Always - 0 194 Temperature_Celsius 0x0007 032 100 000 Pre-fail Always - 0 229 Unknown_Attribute 0x0002 100 000 000 Old_age Always - 589585213484 232 Available_Reservd_Space 0x0002 100 049 000 Old_age Always - 4626505281584 233 Media_Wearout_Indicator 0x0002 100 000 000 Old_age Always - 0 234 Unknown_Attribute 0x0002 100 000 000 Old_age Always - 94489281280 235 Unknown_Attribute 0x0002 100 000 000 Old_age Always - 4127259151(I'm amused that 32C is considered "pre-fail")
-
SMART is pretty worthless for knowing the true health and true remaining life of SSDs. I call SSDs either working or not and pretty much ignore the smart reports. That switch is also pretty much unrated but seems like it will be very nice. Thats something else you might make posts about once you get its VLANs configured and get the pfsense VLANs working with it. Its a solid looking piece of hardware.
I'm running one of these in my old home box:
=== START OF INFORMATION SECTION ===
Device Model: SAMSUNG MCCOE64G5MPP-0VA
Serial Number: SE816A2746SMART Attributes Data Structure revision number: 1
Vendor Specific SMART Attributes with Thresholds:
ID# ATTRIBUTE_NAME FLAG VALUE WORST THRESH TYPE UPDATED WHEN_FAILED RAW_VALUE
9 Power_On_Hours 0x0032 097 097 000 Old_age Always - 10711
12 Power_Cycle_Count 0x0032 097 097 000 Old_age Always - 2045
175 Program_Fail_Count_Chip 0x0032 100 100 011 Old_age Always - 0
176 Erase_Fail_Count_Chip 0x0032 100 100 011 Old_age Always - 0
177 Wear_Leveling_Count 0x0013 099 099 023 Pre-fail Always - 15
178 Used_Rsvd_Blk_Cnt_Chip 0x0013 087 087 011 Pre-fail Always - 21
179 Used_Rsvd_Blk_Cnt_Tot 0x0013 094 094 010 Pre-fail Always - 315
180 Unused_Rsvd_Blk_Cnt_Tot 0x0013 094 094 010 Pre-fail Always - 4901
181 Program_Fail_Cnt_Total 0x0032 100 100 010 Old_age Always - 0
182 Erase_Fail_Count_Total 0x0032 100 100 010 Old_age Always - 0
183 Runtime_Bad_Block 0x0013 100 100 010 Pre-fail Always - 0
187 Reported_Uncorrect 0x0033 099 099 000 Pre-fail Always - 4
195 Hardware_ECC_Recovered 0x001a 199 199 000 Old_age Always - 4
198 Offline_Uncorrectable 0x0030 100 100 000 Old_age Offline - 0
199 UDMA_CRC_Error_Count 0x003e 253 253 000 Old_age Always - 2 -
Hmmm… I found that I might be able to get the GA-H77N-WIFI motherboard... which would allow me to avoid the hassle of returning the CPU (the part I fear most about returning this hardware) -- it has dual Realtek GigE ethernet.
My only concerns with this would be whether the chipset is supported, and also I've heard some people pan Realtek around here -- I know they're not Intel, but are they really that bad?
-
GA-H77N-WIFI will work with 2.1 but I think the wifi will not. That board has been tried out here before. I spent some time in a thread with a different guy with that board. All running except the wifi if I remember correctly.
-
Running Nano on that SSD it should last forever.
That switch seems expensive compared with, say, this: http://www.newegg.com/Product/Product.aspx?Item=N82E16833122397 which would also do the job. That Netgear might be more difficult to setup though, it requires a Windows only setup program. This one doesn't though and many people are using it: http://www.newegg.com/Product/Product.aspx?Item=N82E16833122381
However if that's available today and others aren't it should be fine.
Steve
-
I got the distinct impression that speed of purchase and functionality mattered more than cost to this guy. Thats why I didn't get into the price bit. I don't know though. The TL-SG3210 is advertising alot of function for a sorta not too high price. I'm interested to see how he rates it if he gets it.
-
Hmmm… I found that I might be able to get the GA-H77N-WIFI motherboard... which would allow me to avoid the hassle of returning the CPU (the part I fear most about returning this hardware) -- it has dual Realtek GigE ethernet.
My only concerns with this would be whether the chipset is supported, and also I've heard some people pan Realtek around here -- I know they're not Intel, but are they really that bad?
that board will work. no clue about the wifi, I've always ignored pfsense's wifi capabilities.
Realtek NICs are bad in the sense that you're unlikely to get the "full" throughput available to you from the GigE spec and tend to have higher CPU utilization vs Intel NICs. -
Holly crap its almost as if I already just said that… Good god.
-
Thanks for the feedback everyone! I will be taking the hardware back to Microcenter tonight; they have the switch in stock so it shouldn't be too painful to do an exchange – it looks like their return policy is fairly liberal and the only note about CPUs is that they have a shorter return period.
As much as I want to build a new box (I enjoy putting together new computers, and haven't done so in a while), the significant cost savings of slapping in a managed switch vs. building a whole new box can't be overlooked. There's also the time savings (more critical at this point) of being able to drop in something that's almost guaranteed to work and doing a little configuration vs. building another box, setting up pfSense, copying the configuration over, and tweaking/tuning until things work right.
One side note: I assume throughput in this setup is (theoretically) restricted, since both WAN and LAN traffic share the same port on the pfSense box? 99.999% of the time this won't be a problem since the WAN is only 50mbit (100mbit if we upgrade our connection), but just want to make sure I understand the limitations.
-
Correct, all the traffic has to share the one NIC. However most of the time that isn't an issue since if you are downloading a large file, for example, that traffic comes in via the WAN and goes out via the LAN. The NIC should be capable of 1Gbps full duplex, in and out simultaneously. You do have some return traffic but at a much lower level. This will never be an issue for you since an Atom can't get close to saturating a Gigabit link anyway.
Steve
-
Correct, all the traffic has to share the one NIC. However most of the time that isn't an issue since if you are downloading a large file, for example, that traffic comes in via the WAN and goes out via the LAN. The NIC should be capable of 1Gbps full duplex, in and out simultaneously. You do have some return traffic but at a much lower level. This will never be an issue for you since an Atom can't get close to saturating a Gigabit link anyway.
Steve
Hah, good to know >_<
What sort of max throughput should I expect from the Atom (D525)? If it can keep an upgraded 100mbit WAN link saturated, or nearly so, I'll be happy for a year or two more :)
-
~550Mbps. It can vary depending on your NIC. Packages slow that down of course.
Steve
-
The only package I have installed is File Manager, so that shouldn't significantly affect throughput, right? I assume the packages that have a higher impact on throughput would be ones that interactively manage traffic e.g. Squid?
550Mbps should be fine for my needs for the next 2-3 years… and by that time there will be better, cheaper solutions that I can build when I have time to research the hardware (and subsequently employ hardware that can handle my throughput needs).
EDIT: Apologies, my system actually seems to have a D425, not a D525. Does this significantly impact my throughput, or am I still safely above the 400mbit mark?
-
Ok, you really need to do better research before buying…
After doing some brief research on hardware while I was at work today, I settled on the Gigabyte GA-Z87N-WIFI
Staring intently at the motherboard, I found the Atheros chip, marked "8161-8L3A" – this seems to indicate the AR8161 chipset. I have also found what I believe to be the Intel chip, marked "WG1217V" -- a Google reveals many non-English pages that have just enough Latin characters to suggest that this is indeed the Intel ethernet chipset. Is there any way to get drivers for this beast, or should I just accept defeat, pack everything back up, and get a "canned" router?All Haswell boards with intel nics come with i21x, this is still not supported in 2.1.
Ivy/Sandy bridge boards with intel will have either 82574L, 82579V and/or 82579LM which will work.The atheros is not supported. When people say "buy atheros" they are talking about WLAN, and it really only applies to old PCI chipsets. Until 2.1 zero pci express (aka minicard) were supported, and even now my 9280 which is the first (oldest) one they made isn't quite right still. N isn't supported either, don't even think about AC.
To be perfectly honest, pfsense sucks at wifi because the drivers are way too old and freebsd isn't the greatest at wifi to begin with. Get a nice and/or cheap standalone access point (aka consumer router flashed with better firmware from your choice of _wrt distros) and hang it off another interface.
Hmmm… I found that I might be able to get the GA-H77N-WIFI motherboard... which would allow me to avoid the hassle of returning the CPU (the part I fear most about returning this hardware) -- it has dual Realtek GigE ethernet.
My only concerns with this would be whether the chipset is supported, and also I've heard some people pan Realtek around here -- I know they're not Intel, but are they really that bad?
That is a different socket (1155 sandy/ivy vs 1150 haswell), you will need a different CPU. Realtek does suck, and that board might even have the E/F/G or whatever revision isn't supported in 2.1 yet anyways.
Pretty much all your problems would be solved with a cheap 1155 board (like one of those $50 microcenter itx), the $35 celeron and a dual/quad intel nic off fleabay and some $20 router. Don't try to get it all onboard, it doesn't exist.
Don't put trust a single port w/ vlan switch to keep your internet and lan apart.
