Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Need advice for my home setup and hardware

    Scheduled Pinned Locked Moved Hardware
    3 Posts 2 Posters 859 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pldelisle
      last edited by

      Hi all,

      I need some advice for running pfSense on my current home setup. I have a setup quite unusual for home, though.

      I want to do IPS/IDS, Firewalling, traffic shaping, DHCP server, and VPN with pfSense.

      I’ve included my network topology as attachment.

      Currently, I have a Cisco 2821 router facing the internet. I only do port forwarding with it, nothing fancy and I'm using it because a friend give it to me for free. My Cisco 2960S 24-port switch is configured as a router (Layer 3 switch) and do static routing between VLANs at wire speed. So my MacBook (in VLAN 3) can access my Synology DS1513+ NAS (in VLAN 2) at full 1Gbps speed. The Synology is doing nothing more than a file server and backup.

      I only have one server (but it’s quite important and running a couple of Web services through Docker containers and KVM VMs. Need a RHEL host to get access to the GPU sometimes. Nothing too big). I would like to run pfSense in a KVM VM too.

      1. Would it be possible for this VM, running on my Red Hat host, to run pfSense and do the services I mentioned before without necessarily buying a dedicated machine? Currently I have a 30 mbps down/10 mbps up, but I plan to make 1 Gbps down/50 mbps up in near future.

      2. Is this a good network design?

      I’m relatively new to firewall experiments… Did Cisco CCNA a long time ago before doing software engineering, but never really experienced pfSense, and the last time I did network design was 4 years ago!  :(

      Thanks a lot for your suggestions!
      Topology.png
      Topology.png_thumb

      1 Reply Last reply Reply Quote 0
      • P
        pldelisle
        last edited by

        Or maybe I could only add an Intel Quad port i350 board to my actual « server » for 80$ CAD on eBay? I know these are made in China… are these boards as good as the genuine ones? I saw this one : https://m.ebay.ca/itm/NEW-Intel-OEM-I350T4V2BLK-Ethernet-Server-Adapter-Gigabi-4-Port-RJ45-PCI-Express/112400469306?hash=item1a2b970d3a%3Ag%3ANHEAAOSwhvFZEIBT&_trkparms=pageci%253Ac93c5ec4-bf5d-11e7-9cb7-74dbd180c6f4%257Cparentrq%253A79f372db15f0abc3205af244fffffdf2%257Ciid%253A1

        Thanks for your comments!

        1 Reply Last reply Reply Quote 0
        • K
          Knight
          last edited by

          Hi!

          @pldelisle:

          Or maybe I could only add an Intel Quad port i350 board to my actual « server » for 80$ CAD on eBay? I know these are made in China… are these boards as good as the genuine ones? I saw this one

          Some people say that they are, most I believe say that they are not and that the parts and design are of lesser quality.

          The card you posted is definitely meant to deceive…

          While the main chip is quite likely a real Intel chip (because Intel sells them to third parties), the Delta chips are clearly fake. Delta is supposed to be embossed, not printed like it is on the one you posted.

          What I would try to get if I were you would be an HP, IBM or other OEM version of an I340 or I350, preferably new and hopefully from a Canadian (which I assume you are since you used an ebay.ca link) or US seller.

          If the card is a real one it should look nearly identical to a real Intel card with some possible substitutions.

          I have both a know real Intel I340-T4 bought full price and from a known legit place and its HP version bought off eBay…

          They essentially look the same with some subtle differences.

          The Delta chips on both are embossed which is a good sign.

          A thread on servethehome (https://forums.servethehome.com/index.php?threads/comparison-intel-i350-t4-genuine-vs-fake.6917/) suggested some of the differences between my cards  were a sign of a counterfeit card but I do not fully agree with they said. They were of course comparing I350s together and I am comparing I340s but I don't believe it makes much difference.

          The clock crystal is different. The known real Intel has a TXC like servethehome said a real Intel card has but my HP version has a branded clock crystal from a known Intel supplier. I believe what is important here is to have a branded clock crystal (not a no name like the counterfeit cards) preferably from a known Intel supplier.

          The inductors are also different between both card but this were things get funny…

          My known real Intel card has the inductors they say are fake while my HP version of the same card has the ones they say are OK…

          I don't think you should say that a card is a counterfeit solely because less important components (like the clock crystal and inductors) are different, Intel uses different suppliers for some of those parts so they are bound to be different sometimes. You should however always expect to have real embossed Delta chips and things such as clock crystals should be branded, not no name parts…

          Good luck and have a nice day!

          Nick

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.