Aquantia Network Interface - Can I make this work?
-
My bosses have given me two Dell Precision 3930 Rack systems and asked me to set them up as PfSense firewalls (one for HQ and one for a remote office). The documentation informs me that these have two network interfaces as follows:
- Integrated Intel 10/100/1000 Mb/s Ethernet (RJ45)
- Integrated Aquantia 10 GB/s Ethernet (RJ45)
I have installed PfSense on the first machine but only the Intel network interface is available for assignment in PfSense. I have been trying to determine whether there is a driver available for the Aquantia and it seems there is a FreeBSD port. However, it appears that using FreeBSD ports in PfSense is not recommended. Is there any 'recommended' method of installing drivers that are not shipped as part of the kernel?
It is of course possible that this isn't a driver issue. I have not been able to identify whether the port has been incorporated into the FreeBSD kernel. The folder tree of freebsd/base does not contain the /head/net/ directory (under which the driver is found in ports) and I do not know where else to look.
Can anyone confirm whether or not the driver is present in PfSense? If it isn't, can you recommend a way forward?
-
That port is in our tree but we don't build it. https://github.com/pfsense/FreeBSD-ports/tree/devel/net/aquantia-atlantic-kmod
That port only appears to be available for FreeBSD 13 though the driver itself is labelled 11/12/13 so you could try to build it for 2.4.5 or 2.5.It's not supported in pfSense. Untested at all as far as I know.
Steve
-
Is a requirement of this project to have the 10GBe adapters on the network?
If not, and I don’t know the specs of those boxes, you might be able to add gigabit Ethernet expansion cards.
Jeff
-
Adding an expansion card, 10G or 1G, would be the easiest way forward certainly.
-
Thank you for the replies.
@akuma1x said in Aquantia Network Interface - Can I make this work?:
Is a requirement of this project to have the 10GBe adapters on the network?
If not, and I don’t know the specs of those boxes, you might be able to add gigabit Ethernet expansion cards.
Jeff
Our requirements are to introduce our own firewall at the border of our network (between the ISP-managed router and our existing equipment) and set up a site-to-site VPN with the remote office. Gigabit speeds should be perfectly adequate, while we could run 10Gb from the switch to the firewall I cannot see any benefit in doing so since the WAN connection is never expected to go above 1Gb. Unfortunately the boxes only have one of each (1x 1Gb and 1x 10Gb) so I cannot simply use two 1Gb ports and leave the 10Gb unused.
I will suggest the expansion card option to my bosses, that now sounds like the best way forward to me. Otherwise, I will probably be told to install Windows 10 (Pro) and put pfSense in Hyper-V.
@stephenw10 said in Aquantia Network Interface - Can I make this work?:
That port is in our tree but we don't build it. https://github.com/pfsense/FreeBSD-ports/tree/devel/net/aquantia-atlantic-kmod
That port only appears to be available for FreeBSD 13 though the driver itself is labelled 11/12/13 so you could try to build it for 2.4.5 or 2.5.It's not supported in pfSense. Untested at all as far as I know.
Steve
Not supported in pfSense, thanks for confirming. I doubt management would be particularly happy running a core piece of infrastructure on unsupported hardware. Unless the status of this driver is likely to change in the near future (maybe a month or two), I guess it is not worth me spending any more time trying to get the Aquantia interface working. Thanks for all your help, you have saved me loads of time.
-
FreeBSD 13 is the bleeding edge development branch. It won't make it into pfSense anytime soon.
An additional 1G NIC should not be a big deal. You may be able to use VLANs instead if you have the switches.
Steve