PfSense with Gigabyte GA-J1900N-D3V
-
Do you guys know any solution, beside adding PCI card, i dont have enough space
If there is no space how you want to add a card then? Startech are producing PCI and PCIe expander
cases perhaps this would then a choice for you. -
@BlueKobold:
Do you guys know any solution, beside adding PCI card, i dont have enough space
If there is no space how you want to add a card then? Startech are producing PCI and PCIe expander
cases perhaps this would then a choice for you.I don't. I was thinking about some config tweaks. Many people had this issue. Im wondering if anybody was able to solve this problem.
-
Where were you measuring that CPU usage? The figure on the dashboard combines all the cores. You need to use the command line to see the individual core usage:
top -SH
You will probably find one core is at 100%.
Steve
-
Does pfsense not use all the Cores?
-
top-SH show two of the four cores at 100% idle during the transfer. The other two cores bounce around form 20% to 80% idle during the transfer. So the average would be 75% idle, or 25% usage. seeing how i am not able to nail down the numbers on the working cores I think the dashboard lower 30's% is fairly accurate. Am i missing something? Does pfSense use all cores?
-
With the CPU being at 33% as well on the router I am thinking the Realtek NICs in the router.
The realtek NICs can be it, but this is not a must be!
I don't. I was thinking about some config tweaks.
Like the most peoples are thinking. If you owns a mSATA or SSD you could try out to activate
the TRIM support and if you owns a CPU that is capable of TurboBoost mode, you could try out
also setting up or activate the PowerD (highadaptive) mode. But if you go by NanoBSD and owns
a mSATA or SSD it would be better to do a full install.Many people had this issue
.
There is no issue! Your switch is only faster then your router not more but also not less!Im wondering if anybody was able to solve this problem.
Which Problem? Let us both imagine you owns two Intel Core i7 CPUs PCs and using iPerf through the
pfSense router the you will see other numbers and if your pfSense is based on a SG-8860 from the
pfSense store I am really sure you will see once more again other numbers!The test your where doing, is comparing your pfSense router (Layer3) against your switch (Layer2)
and this would be not matching any real life scenario!Does pfsense not use all the Cores?
This is even a bit more or less changing at the moment, in earlier days pfSense was only using one CPU
core at the WAN interface but more CPU core for the rest of the entire system. But the developers got
even many more skills and then this thing will be during a change at the time.But on the other hand it will not change anything for you. If you go by hardware fiddled together by
your own and then the pfSense is not serving the same numbers as your switch this is not pointed to
pfSense, then more at the switch you compared to! If you are using a Intel Xeon E3-1286v3 @3,7GHz
and Intel 10 GBit/s server NICs you will archive total other numbers for sure and then it is not relevant
how many cores was in the game but more from which CPU and on which frequency it was running on. -
Exactly.
In pfSense <2.2X the pf process was giant locked and only ever used a single core so machines with fewer but faster cores were preferred if raw throughput was the aim. Since 2.2 the new multithread capable pf in FreeBSD 10 means this is less of an issue but it still won't spread the load evenly across all the cores. You can't just use the dashboard CPU meter when you start hitting limits.
That said you aren't seeing any cores at 100% so I would also start to suspect the Realtek NICs.Steve
-
Well my pico psu died so i had to wait until they shipped me another. I have the system backup since Friday night. I put windows on it and ran a series of test over a two day period. (memtest, prime95, etc) Everything seems fine. I got pfSense back on it today.
I was doing some surfing and read about the checksum offloading. I have that disabled now and my performance went up and CPU utilization went down. I can now copy files across the router at 89MB, both ways, with only 26% CPU utilization (dash board meter). That's still slower than without the router by about 24MB but better than the shaky 80MB i was getting before disabling the checksum offloading. I will try some other stuff/tweaks but if it does not get any faster than that, and not loose stability, I can live with it.
I have plans to order another and will set it up next to the one I just finished. I will then do VPN between the two and see what I get for performance there. I hope to make another post with findings in the next few weeks.
BTW Thinking of getting the other router with Intel NIC's so I can compare the difference there as well. Will still use the J1900 2.4GHz though. This seems like a really low power, robust little CPU.
Thanks!
-
So for grins I grabbed a PC from my sons room. Its a AMD 6 core 4.0Ghz CPU with a built in Realtek. I pulled a TPLink card from My NAS i am not using at the moment (It is using the on board Qualcom) and stuck it in the PC to get dual ethernet. I also stuck a WD SATA 3 10,000 RPM drive i have laying around in the PC so i could do a fresh install of pfSense without using the SSD in the PC. I ran the same copy test and got 113MB through the router, same speed i get not using a router and just going through a switch. This PC shows two realtek 8168/8111 cards, just like my mini ITX machine that I am getting just under 90MB from. I used same switch and cables in this test.
The PC did not even max out a single core, and never touched the other 5. The mini ITX bumps 100% on one core while a second core also get used. The other 2 cores see no action.
My conclusion so far is pfSense does not do a good job with multi cores. How sad in this day and age of muti core CPU's that BSD has such a problem. A quad core 2.0 with 2.4 boost is not able to max a 1Gb connection.
With Windows 7 on this same Mini ITX I was able to get over 112MB on the transfer.
So again, its not my hardware, but a limitation of the OS to not use all my hardware.
-
I dropped Centos 6.7 with KVM on the mini ITX. Installed pfSense guest using the virtio Intel n1000 drivers. As others reported I get double the CPU usage and half the bandwidth. I guess if i want true 1Gb bandwidth I will have to go with a system using something like an i3 Dual Core 3.4Ghz.
For now i may just turn the mini ITX into a Session Border Controller so I have something new to play with :D
-
i ordererd this Gigabyte GA-J1900N-D3V 2 Weeks ago which came already with F3 Bios.
Everything worked (Sophos, IPFire, VYos etc) . Couldn´t install on my 128gb Crucial SSD Pfsense. During formatting process it showed me Read Error etc. so i thought my SSD got problems but everything else worked.
Yesterday i finally got pfsense on it setting Bios F4 to Storage UEFI First and the rest to Legacy. CSM to Legacy and Uefi and after that PFsense would install flawlessly without a hitch.
ah, i used the 64bit Version of PFsense.
-
hopefully this update this board with:
1)intel nics
- n3150 or n3700 braswell cpus @ 14nm as they use less power and have aes-ni
-
hopefully this update this board with:
1)intel nics
- n3150 or n3700 braswell cpus @ 14nm as they use less power and have aes-ni
I think it will need more CPU for a solid 1Gb solutions though
-
I'm also having the problem (bug?) where the GA-J1900N-D3V will not pull a DHCP address from my modem (AT&T's 2WIRE 3600HGV). No matter what I've tried, including forcing each the NIC and the modem to various modes of duplex/flow control/MDIX/whatever, inserting a gigabit switch between the modem and NIC, forcing MAC addresses, tweaking DHCP timeouts, etc., it wouldn't budge. After three+ hours, I finally disabled re0, inserted a USB gigabit NIC (Anker Gigabit USB 3.0), and was up in less than 60 seconds. At this point, I'm not even concerned about performance – it's working, and that's all that I care about right now. Funny, the whole point of me choosing this board was because of the dual NICs. Oh well.
If anyone tracks down a solution to this problem, I'd love to hear about it. Thanks!
-
I'm also having the problem (bug?) where the GA-J1900N-D3V will not pull a DHCP address from my modem (AT&T's 2WIRE 3600HGV).
This is not a plain modem, it is a router! Please read what AT&T is writing about by it selfs;
Designed for a home network, the 2wire 3600HGV 4-port router is ideal for delivering….If anyone tracks down a solution to this problem, I'd love to hear about it. Thanks!
Yo, this would be really easily, you must set up a static IP at the WAN Interface or Port of the pfSense
and this must be a IP address from the entire IP address range from the router, but static and not via
DHCP given from the AT&T router. As an example:
2WIRE 3600HGV:
Network:192.168.1.0/24 (255.255.255.0)
IP Address of the home router: 192.168.1.1/24
DNS 1: ISPs DNS
DNS 2: Google 8.8.8.8
DHCP: offIf the DHCP Server must be on:
DHCP IP Range: 192.168.1.2 - 192.168.1.100pfSense WAN Port:
IP Address: 192.168.1.250/24 (static)
DNS: 192.168.1.1/24pfSense Gateway IP:
Network: 192.168.178.1.0/24 (255.255.255.0)
LAN IP Address: 192.168.178.1/24
Gateway IP Address: 192.168.1.250
DNS: 192.168.1.250/24 -
@BlueKobold:
This is not a plain modem, it is a router!
You are quite correct, and if I had a choice in equipment, this would be the last device I'd pick. However, I don't, and switching ISPs is not an option at this time. Still, this Gigabyte board replaces another which was running pfSense and pulling an IP successfully, so I wasn't expecting significantly different behavior – at least not with something so common as obtaining a DHCP lease!
Yo, this would be really easily, you must set up a static IP at the WAN Interface …
I do appreciate you taking the time to post these instructions, but there's a fairly common setup to approximate a bridge mode, and it was working perfectly well for 2+ years with my previous pfSense installs. The designated device behind the router (i.e. the pfSense box) is issued the public IP of the router, via DHCP, and is placed in the DMZ (of sorts). I don't want to derail the thread with the specifics, so here's the bottom line: the "bridge mode" setup worked fine with two previous pfSense boxes, and it works fine with the USB NIC I'm now using instead of re0.
I'm thinking this is either a bug with pfSense, or with the FreeBSD NIC driver. My next step is to capture some packets for inspection to see what's really going on.
-
I've had this board for 3 months and the experience has not been good.
My ISP provides internet, VOIP and IPTV using VLAN's. Internet access use PPPoE. pfSense would lose the IP address after 3-4 days and the only way to get the connection back was to reboot - a simple disconnect/connect or ifdown ifup didnt' work. Also snort would stop working on the WAN interface.
Finally, I used an old intel desktop gigabit PCI card for the WAN interface and all of the problems disappeared, I have now been running for 1 month with no problems.
So, at least in the case where you need PPPoE I would be wary of using this board.
-
A follow-up to my problem pulling a DHCP address from a 2WIRE 3600HGV (via AT&T's U-Verse): I was trying to spoof a MAC address on the WAN-assigned NIC. That's what prevented the pfSense box from getting an IP via DHCP. Once I removed the forced MAC, DHCP worked as expected. Perhaps a bug in the Realtek driver? FWIW, the ASIX AX88179-based gigabit USB 3.0 adapter worked great (it was my interim solution), able to push at least 30mbps (limited by speed of ISP). It might be worth looking closer at these USB NICs.
-
I've had my Gigabyte J1900 running since March and has been rock solid (after the bios update juggling).
Swapping my main switch, creating a couple of new VLAN to segment my christmas lights network, and network down.
Port light on switch not lit, even through PFsense reporting link up. Anyway 4hrs later, also confirmed that the primary NIC on the mobo is not responding. (Resurrected gigabit USB2 NIC) and getting 70-80Mbps from my 105Mbps ISP.
So out of warranty what do I replace it with?
Memory, SSD mini-itx case/psu all okay.
I was thinking one of the n3150 or n3700 braswell's maybe the Zbox-CI323 nano (dual-NIC), or better off just replacing with another J1900?
I'm not needing high performance or ultra-low power, just average average connecting to 110Mbps ISP three home vlans and a couple of openvpn connections
Regards
-
If I was going to do it again, I'd probably go with something that had integrated Intel NICs. I don't know if Realtek NICs are inherently inferior to Intel's, or if it's that the drivers aren't as fully featured or reliable, but it's rare that you hear of folks having issues with Intel NICs. If you're okay w/ Realtek, then perhaps you're also okay with a USB NIC as a permanent solution – as long as the throughput is there. So why not give a USB 3.0 adapter (e.g. ASIX AX88179) a shot? At under $20/ea, it could be a cheap fix.