What USB 3.0 NIC to get?
-
I have a nettop box (Zotax AQ01) which I want to serve as a router/firewall. It has one ethernet nic and one mini PCIe slot in which there is an Intel 3160 wifi card. Unfortunately,
- it is only 1x1
- support in pfSense is not certain. Even if it was, it has AP functions disabled for all 5GHz bands, so to make this work, pfSense/FreeBSD driver (once it is created) would have to ignore restrictions imposed by card's firmware, and I am not confident anyone will ever bother to do it.
- nettop has only one connector for an external antenna.
- processor on it does not support PCI passthrough and so there is no way of assigning that WiFi card directly to pfSense running in a VM (VirtualBox or KVM).
For the above reasons, I though it would be better to get a USB 3.0 card with at least two antennas, 2x2, and full AP support in 5GHz band. I need speeds above 100Mbit/s, and in addition it would be good to be able to create a secondary WiFi networks for guests, working alongside the main one for private use.
I looked around but the only thing I keep finding is this: http://www.tech-electronics.pl/STL/allegro/AC/AC10.jpg
This is Alfa AWUS036AC - 802.11AC based on Realtek RTL8812AU chip.As far as I can tell, this is not supported (either at all, or well) by pfSense. If this is so, then are there any other USB 3.0 wifi cards that would work well in AP mode in pfSense?
-
None. Do yourself a favour and get an AP connected via RJ45. (Also, you do not really want AC. Really those marketing speeds are pure BS and you won't get anything like that in real life (TM) conditions.)
For internal miniPCI/PCIe cards, the only suggested chipset would be Atheros.
-
I have a WRT54g wireless router running Tomato, but:
- it is only 54Mbits
- if I connect ISP's ethernet cable to my nettop, then I have no ethernet ports left
- external AP requires additional power, thus additional clutter and power draw
- I don't want to spend on a new AP more than on a decent USB 3.0 network card, and I don't know if I'd be able to get anything with at least 2x2 and ac or n capabilities for that price
-
Good luck. USB 3.0 + AC with FBSD is a sure recipe for complete failure.
-
doktornotor is right - Your have a flaw in your thinking. That is, there are no decent USB solutions. None are "good".
-
Do your self a favor and forget the usb nic. But you will try it and then after hours, days, weeks, months trying to get help you will come to realize, what we have all have figured out a long time ago, stay away from usb nics. What you should get is a small little managed switch like a Cisco 2940 you can get from (http://www.ebay.com/itm/Cisco-Catalyst-WS-C2940-8TT-S-2940-8-Port-10-100-Ethernet-Switch-/251832203706?pt=LH_DefaultDomain_0&hash=item3aa25e79ba). Configure it so that one of the ports is your wan you will need to use VLANs for this and then configure the other ports for LAN, then as others have suggested get a wireless router/ access point (http://www.amazon.com/NETGEAR-AC750-Gigabit-Router-R6050/dp/B00KFD0O0I/ref=sr_1_7?ie=UTF8&qid=1425473025&sr=8-7&keywords=netgear+wireless+ac+router) and you will have a nice little setup. The extra power draw will be less than $5 a year depending on your electric rates but do the math. It is worth spending a little bit of money.
If you need help configuring it just come back and there are plenty of people on here that would be more than happy to help, but trust me this would be your best solution. If you want to spend more money you can get a switch that has all gigabit ports not just the uplink port, but if your needs don't require it this should be a perfect solution for you.
-
Thanks for the suggestions. The power draw is not the only concern. It is also the space.
As I mentioned, I do have this WRT54g router with Tomato on it which has quite advanced capabilities, including VLAN. Would it be possible to set it like so:
ISP -> WRT54g -> pfSense box (running DHCP for internal VLAN?) -> back to WRT54g (using the same ethernet port (VLAN?)) -> WRT54g distributes Internet from pfSense box to other cable and wireless clients.
Does it make sense?
-
You should be able to do that if you use tagged ports but the wrt54g is really slow in terms of wireless, but give it a try and see how you make out. I guess what you would do is put your internet connection on the wan port (vlan 2 untagged). Make ports 1 - 3 members of vlan 3 untagged. Make port 4 on your WRT a member of vlan 2 and 3 going to our PfSense. Create vlan 2 and 3 on your PfSense and assign your interface example em0 like so:
WAN=em0_vlan2
LAN=em0_vlan3You should be good to go. You might have to put the WRT in access point mode and make the LAN IP of the WRT in the same address space of your LAN on PfSense so that you can administer it, make sure you disable the DHCP because PfSense will be doing that duty.
-
That's good to know. However, there is another layer of complication added by the fact pfSense will be running inside VM on the server box, using bridge with virtual VBox interfaces (no pci pass-through).
Now that I think about it, I'm afraid to go grey before I figure out how to configure it…
On a related note: do VLANs add any overheads? Will my connection speed/ping suffer because of their use?
-
Well, looks like this router has no VLAN tagging even with Tomato, so I guess that's the end of the road for this idea.
-
If you have wrt54g then change firmware to dd- wrt it has vlan tagging
-
If you have wrt54g then change firmware to dd- wrt it has vlan tagging
Yes, tomato has it too. The problem is the hardware is not capable of it.
Anyway, I decommissioned it and am using pfSense in a VM on linux host with hostapd and it works well.