Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Intel Quad NIC not working in pfsense 2.1

    Scheduled Pinned Locked Moved Hardware
    39 Posts 17 Posters 18.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      razzfazz
      last edited by

      @Aluminum:

      I've notice some people on the pfsense forums seem to be rather casual about mixing vlans n' wans…don't cross the streams :)
      I personally consider it about as smart and valid as harry homeowner's DIY home improvement that uses the neutral wire as a ground because "everything still works".

      I suppose I would be one of those people. Unless your switch is either misconfigured or broken, there is nothing particularly "hacky" or dangerous about this; frames don't just spontaneously jump from one VLAN to another.

      1 Reply Last reply Reply Quote 0
      • L
        littlebi
        last edited by

        Hi people,
        I have a similar problem with quad nic, rather than being a very new one I got a hold of a good old quad nic from SUN Microsystems. I installed it on a Pentium 4 machine, installed openBSD on the machine and everything went beautifully well.
        Then I only swaped the IDE harddrive with an empty one and installed pfsense on it.
        Booting pfsense from the CDROM went good, cards where detected and I was able to configure them. So I installed pfsense and rebooted. After a minute or 2 all nics of the quad nic card are going up and down. CPU usage went to 99%.
        From my point of view, this is some kind of Software bug at pfsense.

        So if someone from the development team could help me here would be great.

        Thanks in advance.

        1 Reply Last reply Reply Quote 0
        • A
          Aluminum
          last edited by

          @razzfazz:

          @Aluminum:

          I've notice some people on the pfsense forums seem to be rather casual about mixing vlans n' wans…don't cross the streams :)
          I personally consider it about as smart and valid as harry homeowner's DIY home improvement that uses the neutral wire as a ground because "everything still works".

          I suppose I would be one of those people. Unless your switch is either misconfigured or broken, there is nothing particularly "hacky" or dangerous about this; frames don't just spontaneously jump from one VLAN to another.

          My definition of broken is similar to the mindset of the National Electric code, it worries about design flaws that Harry Homeowner's neutra-ground does not.

          A lot of switches are running their own OS that you have no insight into. Some might even meet my definition of broken on purpose, in which case putting them on the wide open internet is a Bad Idea™. (his WAN caveat is moot if you treat it like just another LAN)

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            The biggest worry for me using vlans for wan-lan separation is what happens if your switch loses its config for some reason? Does if go back to the defaults? Will that bridge wan and lan?
            I've never seen a switch do that but my experience is limited.

            Steve

            1 Reply Last reply Reply Quote 0
            • jimpJ
              jimp Rebel Alliance Developer Netgate
              last edited by

              If you have a switch using VLANs only for WANs and a separate switch for just the LANs, it would be better.

              VLANs are not a true security isolation mechanism because there are still some theoretical (but not practical lately) attacks to hop between VLANs. But if you treat your WANs as the hostile wastelands they are then if someone hopped from WAN1 to WAN2 they wouldn't have gained anything. I'd have to check but last I heard it had been quite some time since the last VLAN hopping bug/firmware in a mainstream switch.

              I'd be more worried about local attacks where the attacker can actually be on the same layer 2.

              That said, for most it's "good enough", though not ideal.

              Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

              Need help fast? Netgate Global Support!

              Do not Chat/PM for help!

              1 Reply Last reply Reply Quote 0
              • A
                Aluminum
                last edited by

                I fixed your post ;)

                I'd have to check but last I heard it had been quite some time since the last known VLAN hopping bug/firmware/backdoor in closed source firmware ultimately in full control of network traffic.

                I can't be alone in choosing mostly verifiable software like pfsense to keep evil networks separate from ones I own because the commercial market has continued to fail us. That it happens to often be cheaper to use and more powerful in the right hands is pure icing on the cake.
                If you're going through the trouble to run pfsense over an off the shelf black box and then throw something in front of it that defeats one of the main benefits in the first place, why bother at all?

                That said, for most it's "good enough", though not ideal.

                "Good enough" electrical wiring burns down houses and gets insurance claims denied, I can't in good conscience recommend or condone the same in the IT world just because our voltages are lower and the "fires" do virtual damage instead :)

                Ok I digress,

                Edit: I just remembered that I updated the ROM on the card. I used UEFI, since I wasn't sure what to choose. Does that matter at all? Should I choose PXE instead?

                Yeah try the PXE option, can't hurt.

                1 Reply Last reply Reply Quote 0
                • stephenw10S
                  stephenw10 Netgate Administrator
                  last edited by

                  Time for a switch with open source firmware?

                  Steve

                  1 Reply Last reply Reply Quote 0
                  • A
                    Aluminum
                    last edited by

                    @stephenw10:

                    Time for a switch with open source firmware?

                    Steve

                    Thats actually starting to become a possible option at the high end, if you need 10/40GbE and got some cash to burn :)

                    1 Reply Last reply Reply Quote 0
                    • T
                      TommyL
                      last edited by

                      Okay, I just forked up $124 for a new mini-itx board…the Gigabyte GA-H61N-USB3. H61 chipset, and PCIe 2.0, instead of 3.0. Card is not recognised  >:(

                      I really dont get why this card is not working on mini-itx boards. I have three other ATX and micro ATX boards in which the card works fine. Is this card not working at all on the mini-itx platform?

                      Regards

                      Tommy

                      1 Reply Last reply Reply Quote 0
                      • L
                        littlebi
                        last edited by

                        Do I understand that you want to use an 1155 Socket board for a firewall solution. Aint that a little overpowered??
                        Why don't you use something like an Intel D2500CCE Atom Mini-ITX Mainboard. It basically has everything that you need for a firewall solution.

                        1 Reply Last reply Reply Quote 0
                        • DerelictD
                          Derelict LAYER 8 Netgate
                          last edited by

                          @littlebi:

                          Do I understand that you want to use an 1155 Socket board for a firewall solution. Aint that a little overpowered??
                          Why don't you use something like an Intel D2500CCE Atom Mini-ITX Mainboard. It basically has everything that you need for a firewall solution.

                          Lose two serial ports and DVI and gimme more gigabitz.

                          Chattanooga, Tennessee, USA
                          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                          Do Not Chat For Help! NO_WAN_EGRESS(TM)

                          1 Reply Last reply Reply Quote 0
                          • T
                            TommyL
                            last edited by

                            @littlebi:

                            Do I understand that you want to use an 1155 Socket board for a firewall solution. Aint that a little overpowered??
                            Why don't you use something like an Intel D2500CCE Atom Mini-ITX Mainboard. It basically has everything that you need for a firewall solution.

                            Yeah, I know, but I always like to have some extra power, and also be a little future proof.

                            And I really HATE to have to give up on something…so now I want it to work more than ever...u know the feeling i'm sure :)

                            1 Reply Last reply Reply Quote 0
                            • L
                              littlebi
                              last edited by

                              I'm pretty sure about it, but IF it is home use, and you use a motherboard that has a slot has a pci Express X16 slot that could run a nice graphic card for gaming is a waste. If that slot would have been a pci slot then I COULD understand. But this is way too overpowered.
                              It is as if you use a tank to squash the fly.

                              And this is no criticism, I do understand what you are saying very well. But you will NEVER meet the full computational requirements of the CPU in routing and firewalling.

                              1 Reply Last reply Reply Quote 0
                              • stephenw10S
                                stephenw10 Netgate Administrator
                                last edited by

                                @littlebi:

                                Do I understand that you want to use an 1155 Socket board for a firewall solution. Aint that a little overpowered??

                                Not necessarily at all.
                                There are many, many CPUs that can fit a socket 1155 motherboard from the most basic G1610 Celeron right up to a screaming quad core i7. That gives you a lot of flexibility and upgradability.
                                The Atom CPUs are great but there are plenty of scenarios where you will run of CPU power quickly. It's unlikely you'll more need more for a home broadband connection (unless you have Google fibre!) if you're using just firewall and NAT. If you need to run a VPN you may well have more WAN bandwidth than you can use. If you have several internal interfaces your traffic between them will be limited below gigabit wire speed.

                                Steve

                                1 Reply Last reply Reply Quote 0
                                • L
                                  littlebi
                                  last edited by

                                  I totally agree but look at the board, case principle of a firewall is to filter traffic on one interface and let  it out on the other. This board has only 1 interface and no possibility to add another one. So how is it going to be usefull still stephenw10?

                                  1 Reply Last reply Reply Quote 0
                                  • stephenw10S
                                    stephenw10 Netgate Administrator
                                    last edited by

                                    It has a PCIe slot in which the subject of this thread, a quad port NIC, was intended to go. 5 interfaces total. Could also use VLAN  interfaces as well. Seems reasonable to me. The fact that the NIC didn't work is unfortunate.  ::)

                                    Steve

                                    1 Reply Last reply Reply Quote 0
                                    • P
                                      pftdm007
                                      last edited by

                                      To the OP:  have you got the quad port (39y6138) working with pfsense 2.1 yet???

                                      Looking to get one on fleebay but I found this thread before I bought the controller so i'd like to know if it works..

                                      Cheers!

                                      1 Reply Last reply Reply Quote 0
                                      • T
                                        TommyL
                                        last edited by

                                        Oh yes, its working great. But not on any of the three lga1155 boards I have tested it on..its not recognised by the boards. But it's currently running perfectly fine on an older lga755 board.

                                        1 Reply Last reply Reply Quote 0
                                        • D
                                          Darkk
                                          last edited by

                                          @TommyL:

                                          Oh yes, its working great. But not on any of the three lga1155 boards I have tested it on..its not recognised by the boards. But it's currently running perfectly fine on an older lga755 board.

                                          It's been mentioned that newer motherboards with UEFI may be the cause for it.

                                          1 Reply Last reply Reply Quote 0
                                          • T
                                            TommyL
                                            last edited by

                                            But one of the lga1155 boards, a Gigabyte z68x-ud3h-b3, did not have an UEFI bios…and still wouldn't recognise it...

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.