First pfsense build, recommended dual-quad NIC?
-
Looking at building a pfsnese box to replace my aged Netscreen-25. I have an Intel Atom 525 box, but I need at least three zones, so I'm wanting to add a dual or quad NIC to the setup. Requirements are that it be low profile & PCIe.
-
PRO/1000 - oldest, cheapest, highest power consumption, no virtualization
i340 - newer, cheap, lowest power consumption, virtualization
i350v2 - newest, most expensive, low power consumption, most virtualization
Buy whichever you choose off eBay as a used server pull. You can also get knockoffs from China that will work.
I recommend the i340-t4 as it is the best compromise IMO.
You can also get a two port and a switch that supports VLANs, TPlink makes one for like $25.
-
-
-
Requirements are that it be low profile & PCIe.
Intel 1000/Pro PT dual or quad port adapter is one of them most used NICs, it is using the (em) driver
and it is also able to get a low profile and with low profile brackets too. Please be aware of the used
server pulled IBM NICs! This cards are not all fully supported, some of them are needing to flash
the original Intel Firmware on the NIC before they will nice play together with pfSense. -
@BlueKobold:
Requirements are that it be low profile & PCIe.
Intel 1000/Pro PT dual or quad port adapter is one of them most used NICs, it is using the (em) driver
and it is also able to get a low profile and with low profile brackets too. Please be aware of the used
server pulled IBM NICs! This cards are not all fully supported, some of them are needing to flash
the original Intel Firmware on the NIC before they will nice play together with pfSense.I'm running an IBM intel i340-T4 quad card, what are the symptoms?
-
They work just fine.
-
PRO/1000 - oldest, cheapest, highest power consumption, no virtualization
Even the oldest PCIe Intel NICs are quite capable of working in a hypervisor (a virtualization host). Just to be clear. The newer ones have some extra features that can be useful when used with a hypervisor, but those have no bearing when running pfSense directly on the hardware.
The difference in power consumption between the older and newer hardware is real, but it's only a few watts. That can matter to some, and be inconsequential to others. Don't be afraid of the PRO/1000 or its Dell or HP or IBM implementations in a pfSense build.
-
I'm running an IBM intel i340-T4 quad card, what are the symptoms?
There where one talk to one of the staff members, stephenw or jimp or gonzopancho or jwt, I am not finding it back now so fast
to kink to that discussion, but there where a customer that bought a IBM branded Intel NIC, and IBM was putting their own firmware
image on that NIC and it was producing even the same instability and the user was getting out errors that cant be resolved away. And the end of that story was that one of the staff members said that he only can try out to put the original Intel firmware back on that NIC to get rid of the problem, but he wasnt able to realize this and must change the entire NIC then! So I personally would
be aware of rebranded NICs that comes with its own firmware flashed on, to get not into the same trouble, not more but
not less I was talking about. -
The IBM rebranded NICs work great.
Plenty of people are using them in pfSense, myself included without issue.
I didn't know that you could still virtualize the PRO/1000, that's good to know!
-
Thanks all. Found a Soekris net5501 in the back of my closet I think I'm going to use to try out pfsense to make sure it's for me before investing in any more hardware.
-
Thanks all. Found a Soekris net5501 in the back of my closet I think I'm going to use to try out pfsense to make sure it's for me before investing in any more hardware.
If this device will be going in a real usage and you also try to use it for VPN setups, you can speed up the IPsec from ~14 MBit/s
to ~42 MBit/s of throughput by attaching a small Soekris VPN1411 miniPCI card. (Only if needed or you are interested on that!)
Soekris vpn1411 -
@BlueKobold:
Thanks all. Found a Soekris net5501 in the back of my closet I think I'm going to use to try out pfsense to make sure it's for me before investing in any more hardware.
If this device will be going in a real usage and you also try to use it for VPN setups, you can speed up the IPsec from ~14 MBit/s
to ~42 MBit/s of throughput by attaching a small Soekris VPN1411 miniPCI card. (Only if needed or you are interested on that!)
Soekris vpn1411Nifty, thanks for the link.