Need recommendation for pfsense computer hardware



  • 1 GB connection

    Two lan ports
    Two wan ports
    Wireless network card (option as wan)

    several packages

    arpwatch
    avahi
    havp
    snort
    squid
    sarg reports

    Is there any difference between the various network card
    Or that all standard network card speed of 1 Gb will fit


  • Netgate Administrator

    I assume you mean 1Gbps WAN connection total?

    If you want Snort, Squid and HAVP at 1Gpbs go are going to need some powerful hardware.

    Get Intel NICs if you have a choice.

    Steve



  • I assume you mean 1Gbps WAN connection total?

    yes

    If you want Snort, Squid and HAVP at 1Gpbs go are going to need some powerful hardware.

    How strong
    I currently have these packages installed on an old computer with 756 MB memory

    and it works

    What are the differences between the various cards
    Why Intel's cards are more expensive
    What they have that others do not

    I saw all kinds Intel cards
    Which one
    What is the difference between the various cards from Intel



  • Intel EXPI9301CT
    Intel PWLA8391GTBLK
    Intel PRO/1000 PF
    Intel EXPI9400PTBLK
    Intel Pro/1000 GT
    INTEL PRO/1000 CT

    this is a few of what i saw
    What is the difference between the  cards

    all difrent price

    what i need to look for ?

    why intel and not

    d link
    level one
    tp link
    TRENDnet
    hp
    edimax

    What wireless network card
    Most suitable
    And has drivers in pfsense

    I want a wireless card not for a AP

    I want to make it as wan connection

    When Internet connection falls
    Access will be via the mobile phone network
    {Wireless card Accesst  the phone's AP}



  • Intel cards have the best support in pfsense.

    They're also the best cards all around.

    Just get the least expensive out of all the intel options.

    pfsense has terrible support for wireless cards and at the moment only supports wireless G i believe.

    You will want to check the pfsense hardware support lists over carefully before you buy a wireless card, just a small revision in the model can make it so pfsense doesn't support it at all.

    https://doc.pfsense.org/index.php/Supported_Wireless_Cards - hardware supported lists.



  • @firefox:

    If you want Snort, Squid and HAVP at 1Gpbs go are going to need some powerful hardware.

    How strong
    I currently have these packages installed on an old computer with 756 MB memory

    and it works

    No offence, but I find that difficult to believe.  Snort eats an enormous amount of RAM if you want it to perform well, I use ~3GB per interface as a general rule for hardware planning, and it's also very CPU intensive.  If you've got snort, squid, and havp all on the same box then you've either not got them actually doing anything (installed doesn't mean working), are running WAY less than 1Gbit/s, or are using much faster hardware than you're implying.



  • Currently my Internet connection is 10 MB
    I'm upgrading the hardware
    Because I am going to increase the connection to 150 MB or 200
    Perhaps more if I need


  • Netgate Administrator

    [pedantry]
    A quick point of information. 10MB, Mega Bytes is 80Mb Mega bits.
    Also Mb is quantity, Mbps is a rate.
    Might not seem important but it can cause all sorts of confusion.
    [/pedantry]

    The important part of a NIC is not who made the card but what chipset it uses. Those manufacturers you listed make many cards with many different chipsets from other manufacturers. Some are good many are bad. Generally speaking the prefered chipsets for use in pfSense (in order of preference) are :
    Intel
    Broadcom
    Everyone else (Marvell, Atheros, Nvidia etc)
    Realtek
    That's somewhat of a simplification. Check the forum for actual reports. Almost all Intel cards work well. They generally give slightly higher throughput with less CPU loading. About the only exception to that is the Pro/1000 VT about which Jason said recently:
    @Jason:

    then light the card on fire and buy a i350. The fewer VT cards that remain in this world the better.

    :P

    What CPU were you running in the 756MB box?

    Steve



  • The important part of a NIC is not who made the card but what chipset it uses. Those manufacturers you listed make many cards with many different chipsets from other manufacturers

    The bottom line
    To buy Intel network card
    Does not matter which
    As long as it 10/100/1000
    and it is not VT

    Which of the cards I wrote earlier is VT ?

    Intel EXPI9301CT
    Intel PWLA8391GTBLK
    Intel PRO/1000 PF
    Intel EXPI9400PTBLK
    Intel Pro/1000 GT
    INTEL PRO/1000 CT

    What CPU were you running in the 756MB box?

    Intel(R) Pentium(R) 4 CPU 2.40GHz

    A quick point of information. 10MB, Mega Bytes is 80Mb Mega bits.
    Also Mb is quantity, Mbps is a rate.
    Might not seem important but it can cause all sorts of confusion.

    I know
    always get confused between them
    the rate is 10 Mbps



  • @firefox:

    Which of the cards I wrote earlier is VT ?

    Intel EXPI9301CT
    Intel PWLA8391GTBLK
    Intel PRO/1000 PF
    Intel EXPI9400PTBLK
    Intel Pro/1000 GT
    INTEL PRO/1000 CT

    Thankfully, none of them.

    Those are:
    82574L - Relatively-new Workstation/Entry Server
    82541PI - Desktop adapter (PCI, and really old)
    82572 - Older Server (useless unless you've got a multi-mode fiber connection with LC connectors)
    82572 - Older Server (same as above except twisted pair)
    82541PI - Same card as the first one of these, just the retail name instead of the bulk part number
    82574L - Same card as the first one of these, just the retail name instead of the bulk part number.

    If these are your choices, the cards based on the 82574L are way out in front.

    @firefox:

    What CPU were you running in the 756MB box?

    Intel(R) Pentium(R) 4 CPU 2.40GHz

    Ok, that would have no problems with the packages you mentioned at 10Mbit/s.



  • I saw the list of supported wireless cards in pfsense

    https://docs.google.com/spreadsheet/ccc?key=0AojFUXcbH0ROdHgwYkFHbkRUdV9hVWljVWl5SXkxbFE&hl=en#gid=0

    By accident
    I have a card with a chip from the second row
    That supports All

    This card is a 5 years old maybe more
    If I want to buy a new
    Today everything is standard on N or AC
    is there any supported cards?

    Is it possible to know with which chip the network card is manufactured
    On the packaging of the product
    Or just check online ?


  • Netgate Administrator

    There is currently (2.1.3) no support for 802.11N at all. Some 'N' cards are supported but only in 'G' mode. This is mostly because of the lack of support in FreeBSD 8.3 on which pfSense is built. pfSense 2.2 will have much better support because it's built on FreebSD 10. Still no 'AC' support though.

    Exactly which card do you have? Since you've already got it you may as well try it.
    A good place to look up wireless hardware is: https://wikidevi.com/wiki/Main_Page

    Most people will recommend you use an external access point for wifi. They can be bought very cheaply these days and will give you better features and usually better coverage.

    Steve



  • Most people will recommend you use an external access point for wifi

    I do not need the wireless card for wifi
    I already have AP connected to pfsense

    I want the card to be kind of a backup internet connection

    Internet connection occasionally falls because a power outage or infrastructure work

    Cellular Internet connection is still active
    I want to turn the AP  option in the cell phone
    Then connect to it with a wireless card

    I do that in several cases
    But without success

    https://forum.pfsense.org/index.php/topic,67694.msg387570.html#msg387570
    https://forum.pfsense.org/index.php?topic=75362.0
    https://forum.pfsense.org/index.php/topic,71096.0.html

    Exactly which card do you have

    Tp link card TL-WN650G


  • Netgate Administrator

    That card is an older chipset it should work well. I have a very similar card my home box.

    Steve



  • How much memory should be put on the computer ?

    Which processor

    amd can be good or just Intel

    Thanks for the help



  • @firefox:

    How much memory should be put on the computer ?

    Which processor

    amd can be good or just Intel

    Thanks for the help

    Snort+Squid means "as much RAM as possible.  To be honest though, using squid will likely slow you down.  Squid is useful when you've got a bunch of users on a slow connection.  You don't have a slow connection.

    With a 1Gbit/s connection you will want a CPU with the fastest clock speed you can find.  An Intel i3-3240 is a good option, though an i5 would be a better one since those add AES-NI (not terribly useful now, will be under pfSense 2.2) and ship with 4 cores instead of 2 (useful with snort on multiple interfaces, squid, and multi-threaded pf in pfsense 2.2).


Log in to reply