onboard 4 port NIC, secure for PFsense use?



  • Hi,

    I just ordered a supermicro Atom C3758 motherboard with 4 NIC's, and I plan to run xcp-ng or similar on it.
    but since the 4 NIC ports is onboard, they are probably the "same card".
    So is it actually secure to try and split it up, 1 for WAN, 1 for LAN (Router on a stick) and 2 for VM's
    or would it be better to add a PCI card 1 port NIC for WAN, and adding that PCI card to PFsense only?



  • security is relative,
    in this case i would think about performance more than security.
    it depends on how critical your network is.
    i think a lot of people here are using pfsense as a VM.
    so i think it's secure for most cases.


  • LAYER 8 Global Moderator

    Is your question about 4 port nics? And isolation of traffic? Since they are onboard? I have a sg4860 with 6 on board nics.. So should I be concerned?

    Maybe I am not understanding the question??



  • @Abdrouf4995 why would you be more concerned about performance, should I expect a huge drop in performance when running in VM?



  • @johnpoz I mean if virtualized.



  • no, as I said it's depend on how critical your network is. and how much traffic on your network.
    I'm just saying in the case of vm is more about performance rather than security.
    i mean it's not like physical but if everything is working normally in your pfsense vm you don't need to be concerned.
    for example if your other vms are on high cpu usage. that might effect your pfsense IF your host can't handle the load. but if your host is powerful enough you should be fine.
    pfsense don't need that much power anyway.
    i ran it as vm on my laptop for testing before and it worked fine, but i didn't have a busy network.
    less than 100mbs traffic.


  • LAYER 8 Global Moderator

    Thee are 1000s if not 10's of thousands of deployments on all kinds of VM... I ran it for many years as vm myself.. No there is no concerns with it as a vm vs physical... As long as setup correctly.



  • Thanks for taking your time, appreciate the help.


Log in to reply