Re: [pfSense-discussion] Embedded hardware
Gil Freund wrote: Hi, I had a look at the Checkpoint [EMAIL PROTECTED] device and I am looking for a similar platform for pfsense. I currently use Wraps, but I am looking for something with more interfaces (5 or 6, of which 4 are a lan switch) and one or (preferably) two MiniPCI. We're considering carrying this: http://www.fabiatech.com/products/fx5620.htm But it only sort-of meets your requirements.It has 6 interfaces (5 x 10/1000, 1 x 10/100/1000) and a single miniPCI socket. I don't know if the interfaces support auto MDI/X or not. Linitx.com carrys them, and donated one to Bill, Scott and Chris. It works with pfSense out of the box. Soekris has a similar model but the PCI quadport lacks MDI/X auto sensing. And its not switch-based, either. Jim
RE: [pfSense-discussion] Embedded hardware
Sorry, the link is in german but you should get the facts: http://www.level-one.de/products3.php?sklop=14id=520056 it's a NIC with integrated 5 port switch. If you use a soekris 4801 you could add such a card to the PCI slot. I use a similiar card with one of my routers ( http://routerdesign.com/routers/36/pic02.jpg , http://routerdesign.com/routers/36/pic04.jpg ). Holger -Original Message- From: news [mailto:[EMAIL PROTECTED] Behalf Of Gil Freund Sent: Tuesday, March 14, 2006 9:31 PM To: discussion@pfsense.com Subject: [pfSense-discussion] Embedded hardware Hi, I had a look at the Checkpoint [EMAIL PROTECTED] device and I am looking for a similar platform for pfsense. I currently use Wraps, but I am looking for something with more interfaces (5 or 6, of which 4 are a lan switch) and one or (preferably) two MiniPCI. Soekris has a similar model but the PCI quadport lacks MDI/X auto sensing. I can add a small 5 port switch, but this would require an additional power outlet and would not look nice. This os to avoid getting the Checkpoint which are being considered as a VPN gateway for executives at home. Thanks Gil Virus checked by G DATA AntiVirusKit
RE: [pfSense-discussion] Embedded hardware
If you bridge NICs and create a switch this way your throughput will be limited by the bus and the CPU. If you use a switchcard like I suggested the switch will take care of the networktraffic between these ports. I get 90 mbit/s with this card between the switchports though the firewall itself is only driven by a pentium 233MMX. Of course, traffic going to other interfaces will be limited by cpu speed and bus capacity. The card that I suggested has 5 autouplink ports. So if a soekris 4801 is fast enough for your needs and you only want to have the switch integrated this is an option to consider. Holger -Original Message- From: Jim Thompson [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 14, 2006 10:57 PM To: discussion@pfsense.com Subject: Re: [pfSense-discussion] Embedded hardware Holger Bauer wrote: Sorry, the link is in german but you should get the facts: http://www.level-one.de/products3.php?sklop=14id=520056 it's a NIC with integrated 5 port switch. If you use a soekris 4801 you could add such a card to the PCI slot. I use a similiar card with one of my routers ( http://routerdesign.com/routers/36/pic02.jpg , http://routerdesign.com/routers/36/pic04.jpg ). Holger OK, my error. here is something similar (if not identical, I can't tell if it has the Kendin chip on it or not): http://www.outletpc.com/c3442.html But you could still potentially bridge the 5 (or 6) individual interfaces in pfSense, and get something fairly 'switch like', too. No? Also, using the card you describe, the forwarding rate is going to be limited when the packets have to pass through over the PCI bus. This is more interesting (especially in light of the recent discussions): http://www.dssnetworks.com/v3/gigabit_pcie_6468.asp Virus checked by G DATA AntiVirusKit
RE: [pfSense-discussion] Embedded hardware
everything depends on needs...and probably the price. the switchcard I have in my router was only 30 euros (not ebay or something, regular price). we all can only give suggestions. I didn't say your option is bad either but I guess more expensive. Holger -Original Message- From: Jim Thompson [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 14, 2006 11:17 PM To: discussion@pfsense.com Subject: Re: [pfSense-discussion] Embedded hardware Understood, but a 1GHz c3 (on the box I showed) is a bit more CPU than the 233/266MHz Geode on the Soekris WRAP boards. You'll probably get something approaching similar performance with either solution. I don't know if you've got the software written to control VLAN framing, packet filtering, etc with the 4-port switch card or not. If not, then pfSense is going to see this as a single Ethernet port, and all the traffic that stays on the switch will be invisible to pfSense. By bridging multiple NICs together, you can gain visibility (and control) off all the traffic that passes through the box. I'm not saying that the 4-port switch card is bad, or that bridging multiple NICs together is better. Each application is different. I think a variant of pfSense that supported the 8 port GigE switch card that I pointed to would be really cool. Holger Bauer wrote: If you bridge NICs and create a switch this way your throughput will be limited by the bus and the CPU. If you use a switchcard like I suggested the switch will take care of the networktraffic between these ports. I get 90 mbit/s with this card between t he switchports though the firewall itself is only driven by a pentium 233MMX. Of course, traffic going to other interfaces will be limited by cpu speed and bus capacity. The card that I suggested has 5 autouplink ports. So if a soekris 4801 is fast enough for your needs and you only want to have the switch integrated this is an option to consider. Holger -Original Message- From: Jim Thompson [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 14, 2006 10:57 PM To: discussion@pfsense.com Subject: Re: [pfSense-discussion] Embedded hardware Holger Bauer wrote: Sorry, the link is in german but you should get the facts: http://www.level-one.de/products3.php?sklop=14id=520056 it's a NIC with integrated 5 port switch. If you use a soekris 4801 you could add such a card to the PCI slot. I use a similiar card with one of my routers ( http://routerdesign.com/routers/36/pic02.jpg , http://routerdesign.com/routers/36/pic04.jpg ). Holger OK, my error. here is something similar (if not identical, I can't tell if it has the Kendin chip on it or not): http://www.outletpc.com/c3442.html But you could still potentially bridge the 5 (or 6) individual interfaces in pfSense, and get something fairly 'switch like', too. No? Also, using the card you describe, the forwarding rate is going to be limited when the packets have to pass through over the PCI bus. This is more interesting (especially in light of the recent discussions): http://www.dssnetworks.com/v3/gigabit_pcie_6468.asp Virus checked by G DATA AntiVirusKit Virus checked by G DATA AntiVirusKit
