Multiple interface NIC's?



  • I was wondering, has anyone come across any (supported) NIC's that have multiple interfaces per pci card?  I seem to have an image in my head of a pci card with 4-5 10/100 interfaces on board.  Maybe I'm just going nuts though.

    Extra credit would be cards with gigabit interfaces that could actually route that kind of throughput between interfaces.  I'm thinking of a data center firewall That I'd like to just put a ton of interfaces in when I build and forget about it, rather than having to shut it down and add more later.  I'll probably put some T1 interfaces in it as well (I know I can get multi-T1 cards).



  • For your kind of scenario you should use intel nics, first because they are pretty good supported by freebsd and second they have nice performance. If you want to route multiple gigabit connections keep in mind that the traffic has to pass the pci bus, so you should try to get a machine with a really fast one and nics for that fit. You'll as well need some CPU horsepower and enough RAM to handle your states.

    T1 cards are not supported atm.



  • Is this just because the get_interface_list call doesn't recognize interfaces created by Sangoma cards, or is this something totally unrelated (ie, is this something I could easily fix by compiling the driver into the kernel and doing some minor php hacking)?

    DSL interfaces that Sangoma provides are also of interest to me, for doing multilink ppp. :) RFC 1990 is my friend. ;)

    My infamiliarity with pfsense and m0n0wall is clearing up pretty quickly.  My impression is that if I can make FreeBSD do it, then it's just a matter of providing a php front-end to it for pfsense and somehow getting the settings for it into, and out of, config.xml.  Right?

    The DSL interfaces would be for client sites of course.



  • If you are experienced to mod it in it might work. If you are planning to do a "clean hack" and commit it after it's done you should be aware that 1.1 will have a radical different interface backend. There are some limitations (like the openVPN problem) which will be fixed by that redesign. Check out http://wiki.pfsense.com/wikka.php?wakka=BillM and http://wiki.pfsense.com/wikka.php?wakka=InterfaceRedesign if you are interested in that.



  • Just to add to your original question, yes there are both Dual and Quad interfaces available.
    Intel has both dual and Quad, i i know that dlink has a (realtek i think) Quad interface.
    3com has dual interfaces too iirc. You should be able to find several different options.
    Intels are expensive but they are also among the best "out there".



  • I have a 4-port d-link card in a m0n0wall, it's a DFE-580TX.  Was only about 90ukp I think.  Interfaces show up as ste (sundance?), don't support VLAN tagging in hardware but do handle long frames properly.  Can't say as I've had any problems with it.

    That said, it's only a 100meg card and 33MHz PCI - if you do find a gigabit card with more than 2 ports, it's going to have to be over some meaty bus to get anywhere near port-speed switching.  The only card I recall seeing with more than two ports was by Eomax(?) and was fibre-only.  I remember it being part of some VAX outfit…



  • I'm running pfSense on a AMD k6 2 400Mhz 192MB with only one PCI and two ISA slots.
    In my current configuration im running WAN interfacer on a Realtech 8029 isa card and LAN interface on a Netgear FA311, but im getting lots of errors (incoming packets at the wan interface).
    Therefore im very interested at dual interface NIC's.

    Could someone recomend me a NIC that will work good with pfSense at a resonable price?



  • Could anyone post specific model numbers or links?  I'm in need of a few of these in short order, and for all of my Googling, I'm coming up empty.

    Gigabit and 10/100 links welcome.



  • I've had a project box with 2 Intel PRO/1000 MT Quad Port Server Adapter, they cost about 600EUR each 2 years ago, plus 1200€ for the 2,4Ghz Xeon box with PCI-X.


  • LAYER 8 Moderator

    What about the ones, bundled with the Soekris devices?

    => http://soekris.com/lan16x1.htm



  • What about the routerboard 44?
    It comes with 4x 10/100Mb lan ports and it costs about $95

    Check the bottom right of this page http://www.mikrotik.com/.
    And here is the detailed description page http://www.routerboard.com/rb44.html.
    It says it's BSD compatible but if I were you I'd send them an email just in case… ;)

    Off topic just to tease you guys -> look at this hardware http://www.routerboard.com/rb500.html  :P
    If only it would have a memory expansion slot capable of receiving some extra 128MB SoDIMM or something and if only we could make a pfSense compliant with a MIPS 4Kc CPU and if only it could boot from the CF card instead of the NAND memory…
    To many ifs but it would make it the perfect embedded platform because it's got so many expansion options and it's got a CPU 2 or 3 times faster than a SC1100.
    And I've seen prices starting from $200 for an RB532 with case. :o



  • How's this for insanity for you?

    http://www.bvm-store.com/ProductDetail.asp?fdProductId=316

    :o

    Too bad you'd never be able to get enough cpu into a WRAP in order to make this worthwhile.  I've asked how much these interface modules cost, and what chipset they use.  Makes things interesting though, given that many of the Mini-ITX systems out there have 1 or 2 mini-pci slots available.  I've even seen a core-duo based system with two mini-pci slots available.  Be nice to have that with 4 gigabit ethernet interfaces and 1 10/100 interface. ;)



  • heh, gigabit on a wrap is a waste of money but the linitx could also be upgraded with that, however don't know where to put the outlets.



  • No reply yet.  I'm actually able to think of a few systems that could get good use from these. ;)

    Mac mini comes to mind (if I felt like machining the case….)

    Maybe I could get an extra case-top off of eBay?  :D  Make an intel core duo mini into a firewall?  (Not too expensive...$700?)  Too bad it only has 1 mini-pci slot, and by default it's populated by an 802.11g card.  However, if you don't need wireless, then that gives you 3 Gigabit ethernet ports.



  • keep in mind that the pci bus is a limitting factor.



  • Yeah, you're right of course.

    Odd, they offer dual Gigabit, but only single 10/100 cards.  They tell you what chipset that is at least:

    http://www.bvm-store.com/ProductDetail.asp?fdProductId=160

    I had the impression that those are quality chipsets too.  Perhaps they have duals and just don't list them on the site?



  • Huh.  I'm starting to become of the impression that these people don't respond to e-mail.  Sad.  I sent a follow-up message yesterday.



  • Okay, now they responded:

    "The MP-540 costs  £35.  It is not a stock item.  Delivery typically 3 weeks
    from confirmed order.

    We have the MP-541D2 in stock at £52.
    This is a dual channel Gigabit unit and uses the Intel 82541PI controllers.

    These can be ordered from our website but please note there is a minimum
    order quantity of £100."



  • $98.31 for the dual model.  They require that you spend ~$200 minimum with them.

    So you have to buy two to make it worth the money.  Now if I could just find a mini-itx system that had enough cpu and a pair of mini-pci slots, I'd be all set. :D



  • Could someone recommend a "cheap" 4-port Ethernet PCI card compatible with pfSense?
    Thanks, -pc


  • LAYER 8 Moderator

    What is cheap for you? As already mentioned:

    http://soekris.com/lan16x1.htm

    would be a possibility.



  • http://shopping.hacom.net/catalog/product_info.php?cPath=38_43&products_id=75 should work too and you get 2 mini PCIs on top. Ideal to be used for boxes with only one PCI slot but be prepared that you might need a better PSU in case you use this with an embedded system. Contact Hacom for verification if needed. Hacom is one of our recommended vendors.



  • I just bought some; I was hoping for cheaper, but those are good recommendations.
    Thank you, -Pete



  • @pcatiprodotnet:

    Could someone recommend a "cheap" 4-port Ethernet PCI card compatible with pfSense?

    I have a crap 4 port dlink that works fine with the dc driver.  Cost me $50 on www.trademe.co.nz.  The model is a DFE-570-TX



  • From my personnal experience,
        Intel Pro 1000 MT dual port -> ok
        Intel Pro 1000 GT quad port -> ok
        IBM dual port based on broadcom chips -> bad bad bad bad very bad

    I'm about to try Dlink dual and quad port cards, they are cheaper ;-)



  • Planning to go googling, but since the PCI bus has been brought up as a limiting factor, anyone seen any PCI Express (NOT PCI-X) 8x or 16x multiple interface cards?  Should be able to get multi-gigabit that way, right?

    Just five mins of googling turned this up, but I have no idea about compatibility:

    http://www.alacritech.com/html/SEN2100_Accelerator.shtml

    I will tell you that I think that company is a bit too rich for my blood.  Take a look at CDW's pricing on single interface cards:

    http://www.cdw.com/shop/search/Results.aspx?key=alacritech&platform=pc&x=13&y=13

    :o

    That garners a great big. WTF????

    I know they want you to use that with iSCSI stuff, but still….if it's worth that kinda cash, use fiber. :P



  • Speaking of cheap, this seller has listed about 10 of these on ebay.  Have no idea if they would work with FreeBSD i386 or not.  Also, looking at it, don't think the card would fit into my Hacom firewalls…64-bit PCI?  Maybe?  He says it's a "sun" branded one.

    http://cgi.ebay.com/BRAND-NEW-PCI-QUAD-FAST-ETHERNET-CARD_W0QQitemZ9743050552QQihZ008QQcategoryZ51195QQcmdZViewItem

    Or heck, the search term that should be obvious that wasn't to me for some reason:

    http://search.ebay.com/quad-ethernet_W0QQbsZSearchQQfposZ63021QQfsooZ1QQfsopZ1QQsacatZQ2d1QQsadisZ200QQsargnZQ2d1QQsaslcZ2QQsofocusZbs



  • Please be aware of the following bug.  Been haunting me on the Hacom units for the last week:

    http://www.freebsd.org/cgi/query-pr.cgi?pr=i386/88610

    When we're talking multi-interface systems, this becomes an issue.  I was trying to build an 11 interface box (to handle all of the carp interfaces since you can't alias) and if it weren't for this bug I'd have no problems…


Log in to reply