VLAN support on pfSense2.0: which Mini-ITX MB with multi-Gigabit?
For my company, we plane to setup a redundant firewall using a Casetronic T1200 case:
So, we need to use Mini-ITX MB.
What MB in Mini-ITX format has:
-Gigabit LAN chipset that support VLAN in pfSense2.0
-Minimum 4 LAN ports
-4 or 8GB RAM
-For the CPU, we would prefer Intel CPU (Core2 Duo or Core2 Quad) but we will accept other CPU (as this is not the main issue)
This idea is to create a 1 U rack with redundant high performance Firewall able to handle minimum 1,000,000 concurrent connections and a Throughput of minimum 500 Mbps.
I know this is not a simple question but I need your help
I think you will have very limited choices (if any) that will meet your requirements.
You could search the pfSense forums for mini ITX to get some ideas of what is around and what people may have found to be good quality.
I'm curious that you want four motherboard NICs AND VLANs and 500Mbps throughput. If you are using VLANs wouldn't two ports be enough? (I expect there are rather more mini ITX motherboards with 2 GigE NICs than motherboards with 4 GigE NICs.)
Unless you plan to run memory hungry applications you will probably be wasting memory above 2GB with the 32-bit version of pfSense.
Jetway make some mini-ITX motherboards that take a daughter card with one or three NICs. I don't know if they make any that will accept your preferred CPU. Some readers of these forums have had less than satisfactory experience with Jetway motherboards.
Most NICs supported by pfSense also support VLANs, but you should check the FreeBSD Hardware notes or vlan man page for confirmation.
Look for Commell LV-674. It's a Mini-ITX board with 4 x Marvell 88E8053 GBe onboard and supports 775 chips. Note that it only supports the older 65nm Core 2 Duos though. 45nm chips are out of the question. Also, the board reportedly supports only 2GB of memory. However, you can probably scale to 4GB without any issues because the chipset DOES support that as a maximum.
I concur with wallabybob that you shouldn't need to have more than 2 GBe NICs. This is especially so because you have VLANs going.
I've never seen a mini-itx board with 4 GBE ports, and I don't expect to any time soon. That said, there are some with 2 GBE ports, and a pcie x4 slot can support a dual or quad-port GBE card to meet your goal.
500 mbps routing is going to require a decent CPU and good quality chipset NICs.
10^6 state table is about double the default I see on a machine with 4GB RAM, but it could probably support the bigger table if no other process is using a lot of memory.
So what you need is an AM3 or LGA1156 mini-itx board with a pcie slot and 4GB of RAM or better. Have a look at these:
No doubt there are other options.