USB NICs - Which one's work?
-
Hi, I was wondering if members could say which USB NICs are working with pfsense?
I have one which configures o.k with zeroshell bound to PPPoe, but pfsense will not autodetect it.
The strange thing is I can see it getting picked up in the boot screens and if I unplug and replug it I get the line ugen4.4 <realtek>at usbus4 (disconnected)</realtek> so pfsense knows something is there.
It is a clone of something and has no NIC name in its firmware.
-
The only winning move is…not to play.
But seriously, it's pretty hit and miss. And even if it looks like it's working it might really be just waiting to hose on you later.
-
It is hit and miss… Mostly miss. But when it HITS.... Its not hitting all that well.
-
OK so has anybody had a HIT?
I know the feeling is to go PCI, but there's a lot of Atom based laptops around with one NIC that could be doctored with heat pipes, stripping out the fan, Blutooth any other unecesary peripherals to reduce power and an option to switch off the display.
I'm not looking for lightning data speed throughput from a hundred work stations on the LAN side. I'm looking for a SOHO solution with sufficient cpu power at lowest power draw to do encrypted VPN inside the box and a maximum throughput of 60Mb/S to the WAN.
If I look at dedicated router hardware I have to provide the iTX mobo, in many cases a multi voltage AT type PSU, WiFi Master AP, antennae, VGA monitor for setup, try to get power down below 50 watts, then put it all in a nice box and it won't hang on a wall so good as a small Netbook/Laptop.
-
Or get an APU kit for like $180.
-
I was successful with an ASIX AX88178-based USB nic on pfSense, before I switched to a real multi-NIC setup. Now I feel it was useless to swithc to multi-nic, because I upgraded switches to VLAN-capable ones….
-
Yeah - There are lots of instances where you don't have the option of adding a PCIe NIC.
In those cases where you are limited to one NIC, don't buy USB NIC.
Buy cheap 5-port VLAN capable switch!They can be had pretty cheap.
That way it would be like having 1 WAN and 3 LANs
or 2 WANs and 2LANsor - Well, you get it. Its really way better option for you to use a VLAN switch.
That will give you a very flexible pfsense and all the reliable speed you need.http://www.newegg.com/Product/Product.aspx?Item=N82E16833704203&cm_re=vlan_switch--33-704-203--Product
The reason this on is so cheap is because the switch must be managed from a windows computer with a small software install, but thats not a problem unless you don't have a windows computer and I'm sure you do. Every single user rated it highly - USB NICs won't be giving you that feeling.
-
Thanks, VLAN switch is something I hadn't considered. I need to do some study to get my head around them.
But I'm struggling to see how I can do openVPN encryption inside a pc host running pfsense with 1 Ethernet port and without loss of speed. Yes I can see the VLAN switch is a smart fast switch controlling and routing traffic, but this has to be encrypted and sent back to the switch on a single Ethernet port? If that port is buffered/bi-directional doesn't that then become the speed bottleneck?
Where am I coming from as a beginner in all of this? VPN services are getting more take up as users value their data privacy over the internet. Even small network owners are seriously considering it. The problem is whilst installing VPN clients on several machines is an option, there are too many possibilites for the virtual interfaces to fail leaving traffic unencrypted. What VPN users want is a reliable low power router solution with sufficient processing power to handle 128-256 bit encryption, without a serious knockback of speed.
I installed DD-WRT and openVPN with 256 bit encryption on a commercial 600mb/s router and my download speed dropped from 39Mb/s to 16Mb/s! With the same router and openVPN disabled, the download speed only dropped to 37mb/s - all over a local 1gb LAN. O.K it's not the best router, but seems to suggest I need 1-6-1.8ghz cpu to do the job. To be practical the solution has to be a low power small footprint wall mounted laptop or mini pc.
Thanks for your replies and I'm encouraged to spend more time going further.
-
You won't have speed loss because of a vlan switch and one port on pfsense. You will almost surely have speed loss with usb though.
Routing traffic across VPN almost always shows a bandwidth hit. Expect it.
Both ends of the connection need to be equally fast and relatively close to each other to show low latency and high bandwidth. And preferably use UDP for fastest throughput and lowest latency. Don't use TCP unless you find yourself getting blocked.
-
Thanks, VLAN switch is something I hadn't considered. I need to do some study to get my head around them.
But I'm struggling to see how I can do openVPN encryption inside a pc host running pfsense with 1 Ethernet port and without loss of speed. Yes I can see the VLAN switch is a smart fast switch controlling and routing traffic, but this has to be encrypted and sent back to the switch on a single Ethernet port? If that port is buffered/bi-directional doesn't that then become the speed bottleneck?
Where am I coming from as a beginner in all of this? VPN services are getting more take up as users value their data privacy over the internet. Even small network owners are seriously considering it. The problem is whilst installing VPN clients on several machines is an option, there are too many possibilites for the virtual interfaces to fail leaving traffic unencrypted. What VPN users want is a reliable low power router solution with sufficient processing power to handle 128-256 bit encryption, without a serious knockback of speed.
I installed DD-WRT and openVPN with 256 bit encryption on a commercial 600mb/s router and my download speed dropped from 39Mb/s to 16Mb/s! With the same router and openVPN disabled, the download speed only dropped to 37mb/s - all over a local 1gb LAN. O.K it's not the best router, but seems to suggest I need 1-6-1.8ghz cpu to do the job. To be practical the solution has to be a low power small footprint wall mounted laptop or mini pc.
Thanks for your replies and I'm encouraged to spend more time going further.
Yes, hairpin vlanning is not optimal. The point is it's a far sight better than a USB NIC. If you have a gig-e VLAN port you won't notice any degradation or latency.
I say again - an APU kit solves all your problems.
-
Hi, I was wondering if members could say which USB NICs are working with pfsense?
I have one which configures o.k with zeroshell bound to PPPoe, but pfsense will not autodetect it.
The strange thing is I can see it getting picked up in the boot screens and if I unplug and replug it I get the line ugen4.4 <realtek>at usbus4 (disconnected)</realtek> so pfsense knows something is there.
It is a clone of something and has no NIC name in its firmware.
Works fine for me, dont need anything faster as our broadband is not very fast.
http://plugable.com/products/usb2-e100