How Do you Check NIC Interfaces In PFSense/FreeBSD?
-
Greetings All,
Looking to build a pfsense router and installed latest PFSense on it this morning.
h/w: Had a Lenovo ThinkCentre M73 SFF laying around. It has an i5-4570 in it, and I threw in a 128gb SSD and 8gb of DDR3 ram in it.
However I am unable to determine if this card will work with FreeBSD/PFSense.
I ran IFCONFIG and get a bunch of stuff back on it including the dreaded Broadcast running, simplex multicast msg. However Google tells me that simply means the interface is not configured....
I also get re0:, enc0:, lo0:, and pflog0:
Ran some other command I found via google and it did spit back my NIC mfgr, aka Sun.
So am I missing something or will this card work in PFSense?
Any and all help greatly appreciated, since I'd have to log it upstairs with a monitor to plug into modem for further testing..
Or is there some other way to use a laptop and lan cable to do testing for the interfaces?
please advise,
oNe
p.s. if this card is no bueno or if its too much work, I dont mind paying for a new one if it will save me time and headaches, but which exact one should I look for on ebay?
-
https://docs.netgate.com/pfsense/en/latest/book/hardware/index.html#hardware-compatibility
Essentially, search for FreeBSD support for it. Did it ask you to assign interfaces when you installed? If not it should be an option on the console, or Interfaces/Assignments in the web GUI if you can get to it. -
Run
pciconf -lvto see what that device actually is. -
this is what I got running pciconf -lv
before I bother moving machine up(and setting up a monitor) to the wan connection is there a way to know if this card is compatible? The Realtek txt doesn't seem promising...
-
chip=0xabcd108edoes not look promising. Vendor ID 108e is Sun/Oracle as expected: https://pci-ids.ucw.cz/read/PC/108eProduct ID abcd usually indicates a problem initializing the card but it looks correct here though: https://pci-ids.ucw.cz/read/PC/108e/abcd
There does not appear to be a FreeBSD driver for that NIC. One exists in OpenBSD but it looks like it has never been ported.
Steve
-
@stephenw10 said in How Do you Check NIC Interfaces In PFSense/FreeBSD?:
There does not appear to be a FreeBSD driver for that NIC. One exists in OpenBSD but it looks like it has never been ported.
SteveSteve, thanks for your replies. Porting or compiling my own is a little out of my skillset right now as I wouldn't even know where to start.
Sounds like its cheaper or at least easier to just go out and buy an Intel branded one.
Are you or anyone able to recommend any specific ones I should be on the lookout for?
please advise,
oNe
-
So a quad port Intel NIC?
Almost any will work. One thing to look out for are the number of fake cards available. If its new and very cheap be suspicious. It's better in that respect to look for second hand OEM branded cards from Dell, HP etc. There are a few threads about that.
Steve
-
@stephenw10 said in How Do you Check NIC Interfaces In PFSense/FreeBSD?:
So a quad port Intel NIC?
Almost any will work. One thing to look out for are the number of fake cards available. If its new and very cheap be suspicious. It's better in that respect to look for second hand OEM branded cards from Dell, HP etc. There are a few threads about that.
Steve
In my googling I see references that a i350-T4 is better than a i340-T4 but I don't see any reasons given why.
an i340-T4 is only like $20 whereas an i350-T4 is $50+
So before I spent the $50 would like to know how or why its better than the $20 quad nic.
Or if you have any other specific models to look for I'm open to do that as well.
please advise,
Phabeon
-
Unlikely you will see a difference between them unless you're running virtualised. The 350 supports SR-IOV.
That is in the suspiciously cheap range unless they are used.
Steve
-
@stephenw10 said in How Do you Check NIC Interfaces In PFSense/FreeBSD?:
Unlikely you will see a difference between them unless you're running virtualised. The 350 supports SR-IOV.
That is in the suspiciously cheap range unless they are used.
Steve
My apologies, yes, these are ebay and Craigslist prices.
Also in the future I do plan on virtualizing(running pfsense in a vm) since my box is super maxed out for pfsense sys requirements and and plan on setting up VLAN's if that makes a difference.
I did look at the wiki located here for guidence - h/w compatability
However all it states is the following: "We recommend Intel PRO/1000 1Gb and PRO/10GbE 10Gb NICs because they have solid driver support in FreeBSD and they perform very well. Most hardware sold in the Netgate Store contains Intel NICs."
So before I buy another NIC, I just want to make sure I do so correctly.
i.e. compatibility and best power consumption
Phabeon
-
In a sense, essentially this...
#1 - what besides vlans do I lose by going dual nic v/s quad?
#2 - I am just searching using I350-T4, is there another model or better search method as only using that returns very limited results.
-
As in the previous posts before me, a suspiciously cheap card is sure to cause trouble, there are plenty of fake Chinese clones out there :-).
It can be said that there is a good support for Intel cards under FreeBSD, but not all chipsets are suitable.
It's a question of what you want to use it for in the pfSense?I350-based cards are perfect, with a smaller compromise I210 and possibly I211-based. (igb4) - https://www.freebsd.org/cgi/man.cgi?igb(4)
As Steve recommended, search for possibly used brand (HP, Dell, etc.) cards based on Intel Ethernet controller.
I would also take into account the recommendation of "bmeeks" (Bill Meeks) for your future use of NGFW:" Snort Package 4.0 Inline IPS Mode Configuration
IMPORTANT HARDWARE LIMITATION
The new Inline IPS Mode of Snort will only work on interfaces running on a supported network interface card (NIC). Only the following NIC families currently have netmap support in FreeBSD and hence pfSense: em, igb, ixgb, ixl, lem, re or cxgbe. If your NIC driver is not from one of these families, netmap and Inline IPS Mode is not going to work properly, if it works at all."The question of dual / quad is the extent of usage and the question of segmentation, how big is your network?
