1. Home
  2. pfSense® Software
  3. Hardware
  4. Lanner FW-8894 - Intel DH8925 PCH - XL710

Lanner FW-8894 - Intel DH8925 PCH - XL710

  • A

    Hallo @ all!

    We are using pfsens long time and are very happy with it.
    Now we need an new server. We found the Lanner FW-8894 with up to 25 Gbps QuickAssist crypto acceleration by Intel® DH8925.

    Did anyone have experience with that "server" or that chip?
    Did pfsense support that chip / hardware crypto?

    The Ethernet controller / network card should be the Lanner "NCS2-IXM407" (Intel Fortville XL710)? Did anyone have experience with that Ethernet controller / network card?

    Thanks!

    0
  • ?

    We are using pfsens long time and are very happy with it.

    Bare metal or in VM?

    Now we need an new server. We found the Lanner FW-8894

    Please don´t buy blind!!! Please contact the Lanner Sales department before
    you are buying anything! Lanner is selling a whole bunch of devices in the
    FW-889x Series and some of them has really bad problems with pfSense
    installing on them, owed to the BIOS or some BIOS problems.

    with up to 25 Gbps QuickAssist crypto acceleration by Intel® DH8925.

    There are two pretty new things from Intel integrated in CPUs or chips of them;

    • AES-NI
    • QuickAssist

    AES-NI is integrated and working well in pfSense yet but the QuickAssist is at its beginning
    and not fully integrated or activated yet in pfSense! This need some more time as I see it right
    to insert it inside of pfSense and then if it will be inserted I really guess it would be at first be
    able for inside of the ADI Images for the platforms that will be sold at the pfSense store or at
    netgate shop, to be a benefit for all the ADI made hardware, only in my poor opinion.

    Did anyone have experience with that "server" or that chip?
    Did pfsense support that chip / hardware crypto?

    We can´t have those experiences together with pfSense because the code was not
    really inserted inside of the code of pfSense or available as a module.

    The Ethernet controller / network card should be the Lanner "NCS2-IXM407" (Intel Fortville XL710)?

    For sure only peoples with one Lanner or your Lanner hardware will have this experiences but without the
    QuickAssist you are asking for here in the thread.

    If I should suggest you something I would do the following;

    • Ask at Lanner for exact this compatibility to pfSense or run pfSense in a VM and ask for the
      compatibility of the hardware to ESXi or Hyper-V.
    • Ask at pfSense for the support of the QuickAssist and the earliest available launch for the public
      and not for their self assembled hardware from the pfSense or netgate store and also this Intel chip-set.

    Otherwise you could run into a really great trap that would you not reach your planed or targeted goal.

    0
  • A

    Hey Frank.

    Thanks for your answer.

    Quote
    We are using pfsens long time and are very happy with it.
    Bare metal or in VM?

    Bare metal

    Quote
    Now we need an new server. We found the Lanner FW-8894
    Please don´t buy blind!!! Please contact the Lanner Sales department before
    you are buying anything! Lanner is selling a whole bunch of devices in the
    FW-889x Series and some of them has really bad problems with pfSense
    installing on them, owed to the BIOS or some BIOS problems.

    That is why we have asked… The Sales department often say: "No problem" ;)

    Quote
    with up to 25 Gbps QuickAssist crypto acceleration by Intel® DH8925.
    There are two pretty new things from Intel integrated in CPUs or chips of them;

    • AES-NI
    • QuickAssist

    AES-NI is integrated and working well in pfSense yet but the QuickAssist is at its beginning
    and not fully integrated or activated yet in pfSense! This need some more time as I see it right
    to insert it inside of pfSense and then if it will be inserted I really guess it would be at first be
    able for inside of the ADI Images for the platforms that will be sold at the pfSense store or at
    netgate shop, to be a benefit for all the ADI made hardware, only in my poor opinion.

    What pfsense is doing with AES-NI / QuickAssist is really incredible!!! That's why we choose the Lanner with Intel® DH8925 (QuickAssist). But when it's not be activated yet, we have to wait.

    Thanks for your assessment and your experience with Lanner.

    ambiFOX

    0
  • ?

    That is why we have asked… The Sales department often say: "No problem"

    I was asking for the Lanner FW-8895 device and the sales department was telling me truely that they have some strange BIOS
    issues with this appliance, fore a wile. And I am pretty sure they will also telling you the truth about the FW-8894.

    Bare metal

    Then perhaps the QuickAssist is not really so important for you as I see it right now, this is related to
    the circumstance that you go by two Intel Xeon E5-2600v3 CPUs. And they are pretty strong and able
    to run many tasks as well with enough power!

    Thanks for your assessment and your experience with Lanner.

    Lanner is not budget friendly and also not cheap, but they assemble and create appliances that will work
    and do the job with ease. And if the main goal is the throughput of the VPN connections or many of them
    you could think about a Linux based VPN server in a DMZ sorted with additional compression / decompression
    cards perhaps. So then a C2758 1U or a XG-1540 from the pfSense store will be also enough for your needs!!!

    It is only as an alternate view on such things likes high data throughput.
    Intel Xeon E3-12x6v3 & 16 GB or 32 GB ECC RAM
    CentOS 7
    SoftEtherVPN Suite
    Comtech AHA compression cards
    Comtech AHA VPN accelerator cards

    For sure the cards must be inserted on both or more ends of the involved VPN, or in shorter words
    at all VPN endpoints such a card must be installed, to guaranty the full throughput.

    0
  • A

    Hi Frank.

    Quote
    That is why we have asked… The Sales department often say: "No problem"
    I was asking for the Lanner FW-8895 device and the sales department was telling me truely that they have some strange BIOS
    issues with this appliance, fore a wile. And I am pretty sure they will also telling you the truth about the FW-8894.

    OK. Perhaps i will ask Lanner again.

    But after your first post, i ask a pfsense reseller about more informations of the xg-1540.

    Quote
    Bare metal
    Then perhaps the QuickAssist is not really so important for you as I see it right now, this is related to
    the circumstance that you go by two Intel Xeon E5-2600v3 CPUs. And they are pretty strong and able
    to run many tasks as well with enough power!

    Yes, the E5-2600v3 will have much power. But if i can get a hardware-crypt for less money. ;) So my pfsense have many more resources for other things. ;)

    We need a hardware, that can handel:

    • 10G routing

    • 5000 firewall rules

    • 200 IPSec tunnels with max. 1G traffic total

    • nice to have IPS/IDS

    I do not want to buy new every 2 years. ;)

    Quote
    Thanks for your assessment and your experience with Lanner.
    Lanner is not budget friendly and also not cheap, but they assemble and create appliances that will work
    and do the job with ease. And if the main goal is the throughput of the VPN connections or many of them
    you could think about a Linux based VPN server in a DMZ sorted with additional compression / decompression
    cards perhaps. So then a C2758 1U or a XG-1540 from the pfSense store will be also enough for your needs!!!

    It is only as an alternate view on such things likes high data throughput.
    Intel Xeon E3-12x6v3 & 16 GB or 32 GB ECC RAM
    CentOS 7
    SoftEtherVPN Suite
    Comtech AHA compression cards
    Comtech AHA VPN accelerator cards

    For sure the cards must be inserted on both or more ends of the involved VPN, or in shorter words
    at all VPN endpoints such a card must be installed, to guaranty the full throughput.

    It's a nice solution but the problem is the otherside.

    Thank you for your effort.

    ambiFOX

    0
  • ?

    Lanner FW-8894 with free chosen CPUs
    Intel® Xeon® Prozessor E5-2687W V3
    2 x 10 CPU cores @3,1GHz
    AES-NI are also there in!

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy