10GB fiber card suggestions

    Been using pfSense at two school locations for about 5 years now and works great!
    Over this coming summer, May we are going to get a fiber run to each of the two schools due to new testing minimum requierments.
    I have scoured the forums here quite a bit,in regards to fiber card hardware. We will diffinetly want 10GB capable cards even though we will be starting out with 1GB input.

    Could anyone that has been using pSense with a fiber card and preferably a 10GB capable card give comments on what wroked "out of the box" with the latest version of pfSense?
    From reading  several posts it seems many cards have difficulty actually pushing/pulling the amounts of bandwidth that they are advertised capable of doing.

  • The NIC link speed alone doesn't tell you what kind of transfer rates you'll see.  Realtek 10/100 and Gig-E NICs, for example, are known to be considerably slower than Intel NICs, and even Intel's Server NICs tend to be a bit faster than their Desktop parts.

    As far as 10Gbe goes, the bulk of the recommendations are going to be Intel's X520 (82599) because that's pretty much all anyone uses.

    As to whether or not they work at 10Gbe speeds, that's another thing entirely.  Most Operating Systems are not designed to push 10 Gbit/s across a network interface without changing some parameters and FreeBSD is no exception.  On top of that, moving & filtering 10Gbe of traffic takes a massive amount of CPU power so many boxes won't be up to the task.

    I tossed a pair of X520 ports in each of my boxes the other day and have yet to break 2Gbit/s and have no idea why.  It's not the cards because I've used the same chips in other Servers with other Operating Systems and have seen > 8Gbit/s and the CPUs aren't a bottleneck either.

    Basically, if you want a system which will push 10Gbe to the wire out of the box then you need to look elsewhere.  A Cisco ASA 5585 w/ SSP 40 would get you there, barely, but at considerable cost (somewhere around $100K with a year of 24/7 SmartNet).

  • Yeah, I've seen that before.  I'm going to hold off on the tuning until 2.1.1 releases.  Right now I've got one machine on 2.1 and the other on 2.1.1-PRERELEASE, each with different driver versions, and I'm not sure if it might be the older driver causing the problem.

    We have customers that also use Myricom mxge(4) and Solarflare sfxge(4) cards with success, but most do use Intel.

  • I just started a separate post regarding 10 GbE performance as we are having problems with throughput on Intel cards.  The details are in that post.  You may want to see what the outcome of that is before making a decision.


  • Thank You to everyone who gave replies here. Now have some manufactuer, part numbers to look for. Not sure which brand we will go for ?
    Fibre stuff is new stuff to me. Needless to say, we are in the sticks.  :)


