Starting pfsense for New Users

[yosemi]

Kana "Alibaba".

Personally, I only buy from reputable vendors.

yea cheap no good stuff mah haha

 

[Mach3.2]

yea cheap no good stuff mah haha

so far i got away with cheap NICs from ebay and taobao. the x550-at2 i got from ebay and both my mellanox cx-4lx works fine

 

[morimorimori]

10gtek refurb x520-2 from shopee works fine.

 

[xiaofan]

so far i got away with cheap NICs from ebay and taobao. the x550-at2 i got from ebay and both my mellanox cx-4lx works fine

Wow, how many 10G enabled PC/NAS do you have?

I have 8 low power mini PCs and only one of them is 10G enabled (with Intel N100 CPU and Intel 82599ES dual SFP+ ports). Then I have two USB4/TB4 NICs for my Mac Mini M1 and Windows laptops. So all-together three computers can be 10G enabled.

Now I got one more cheap desktop (Ryzen 5600G) which I intend to add a PCI-E 5Gbps NIC but I may get 10G PCI-E NIC later.

 

[Mach3.2]

Wow, how many 10G enabled PC/NAS do you have?

technically 2 only. My PC and my hypervisor.

I swapped the x550-at2 out for the mellanox connectx-4 lx when I pulled the fibre into my room.

 

[xiaofan]

technically 2 only. My PC and my hypervisor.

I swapped the x550-at2 out for the mellanox connectx-4 lx when I pulled the fibre into my room.

I see. Now you can buy one more PC to use the X550-AT2.

 

[Mach3.2]

I see. Now you can buy one more PC to use the X550-AT2.

This is exactly the kind of **** I'd tell other people leh.

but honestly, i don't foresee myself going back to copper 10GbE, fibre optic transceivers simply operate cooler than the copper ones.

 

[TanKianW]

yea cheap no good stuff mah haha ​

It can be "cheap and good" esp dekit NICs from DCs, but not absurdly (unrealistically) cheap since I cannot afford to install a NIC on a server and then it dies or has problem booting during setup. That will take up more time to unrack the server to reinstall the new NIC. Ok, I am lazy.... Sometimes it make more sense to pay a bit more for the NIC to be verified genuine and working, with some warranty coverage.​

 

[xiaofan]

This is exactly the kind of **** I'd tell other people leh.

but honestly, i don't foresee myself going back to copper 10GbE, fibre optic transceivers simply operate cooler than the copper ones.

Good point. I think I am also moving to the direction of the Fibre.

But I can not avoid Copper 10GbE because of Mac Mini and Windows laptops. There is one cheap USB4/TB4 to SFP+ Fibre NIC from GRiS but it is out of stock for very long. So I got two USB4/TB4 10GBase-T NICs, one from IOcrest and one from GRis.

Future Plan:
1) lay Fibre cables from living room FTP location to the bedrooms.
2) use 8-port SFP+ switch like TP-Link TL-ST1008F or TL-ST5008F in the living room
3) get 10G SFP+ NIC for my desktop
4) use existing 2.5G switch with dual SFP+ ports (or with one SFP+ port and one 10GBase-T port) as media converter in the bedrooms.

 

[TanKianW]

Good point. I think I am also moving to the direction of the Fibre.

But I can not avoid Copper 10GbE because of Mac Mini and Windows laptops. There is one cheap USB4/TB4 to SFP+ Fibre NIC from GRiS but it is out of stock for very long. So I got two USB4/TB4 10GBase-T NICs, one from IOcrest and one from GRis.

Future Plan:
1) lay Fibre cables from living room FTP location to the bedrooms.
2) use 8-port SFP+ switch like TP-Link TL-ST1008F or TL-ST5008F in the living room
3) get 10G SFP+ NIC for my desktop​

This will be subjected to your future or existing home infra setup. You can have a mixture of both, not necessary to be just "one kind", whichever fit your use case. I will prefer a hybrid (copper + fiber) setup for most home users.

For current bto homes where you have existing Cat6 in-built cabling, you can stick to a combo (SFP+ and RJ45) 10G core switch (Eg. CRS312) which distribute 1/2.5/10G to all the rooms. And if you do upgrade to (or lay) fiber infra, you can still do so with the SFP+ combo ports which provide much more flexibility. As for my home office with several 10G devices, I opted for a SFP+ switch (CRS309) with is cooler and less fan noise (important in a room setup if you run 24/7) connecting to all 10G devices using DACs and a 1G/10G switch (CRS326) for some other 1G devices (Eg. printer, print server, testing, laptops) in the room.

Personally, I see my next upgrade using fiber will likely be 25/40/100G use cases. I still need to find that "use case" to justify that upgrade. Currently, 2x 10G seemed pretty much "sufficient" to me.​

 

[xiaofan]

This will be subjected to your home future or existing infra setup. You can have a mixture of both, not necessary to be just "one kind", whichever fit your use case.

For current bto homes where you have existing Cat6 in-built cabling, you can stick to a combo (SFP+ and RJ45) 10G core switch (CRS312), like what I am using which distribute 1/2.5/10G to all the rooms and most importantly 2x 10G to my homelab rack in the store room. And if you do upgrade to (or lay) fiber infra, you can still do so ith the SFP+ combo ports which provide much more flexibility. As for my home office with several 10G devices, I opted for a SFP+ switch (CRS309) connecting to all 10G devices using DACs and a 1G/10G switch (CRS326) for some other 1G devices (Eg. printer, print server, testing, laptops) in the room.

Personally, I see my next upgrade using fiber will likely be 25/40/100G use cases. I still need to find that "use case" to justify that upgrade. Currently, 2x 10G seemed pretty much "sufficient" for my use case now.​

Old HDB flat here (1998, 4-room, 106 sqm, with balcony). No LAN ports in the rooms.

Actually I was planning to keep using wireless in the bedrooms while keeping the small "home lab" setup in the living room FTP/ONT/TV Console area (mixed 2.5Gbps/10Gbps setup). After all, my 10G use case is only for speed test. And speedtest is also the only reason to upgrade to Singtel 5Gbps plan.

But my wife has volunteered to say she would help to lay Transparent Fibre cables to the bedrooms later this year, say in December. We will try one bedroom (near to the FTP area) and living room first before trying the main bedroom and the remaining bedroom.

 

[TanKianW]

Old HDB flat here (1998, 4-room, 106 sqm, with balcony). No LAN ports in the rooms.

Actually I was planning to keep using wireless in the bedrooms while keeping the small "home lab" setup in the FTP/ONT/TV Console area (mixed 2.5Gbps/10Gbps setup). After all, my 10G use case is only for speed test. And speedtest is also the only reason to upgrade to Singtel 5Gbps plan.

But my wife has volunteered to say she would help to lay Transparent Fibre cables to the bedrooms later this year, say in December. We will try one bedroom (near to the FTP area) and living room first before trying the main bedroom and the remaining bedroom.

I am planning for a simple fiber lay starting from the FTP to the store room (less than 5m) as a trial by end of the year. Which acts as a "supplementary" line to the existing Cat6A copper.

Will probably look for a new switch which compliments with the fiber lines. MikroTik CRS510 seemed like an affordable and a likely candidate for me.​

 

[Mach3.2]

https://www.ebay.com/itm/326228201857

This is about a $100 if anyone is looking for an X550-T2.

 

[Elijahonli]

hais disaster struck on national day ...

my m720q running pfsense had a hardware failure while I was staying at my partner's house. Had to cab back to home to troubleshoot. Luckly i had a spare an old tp-link router lying around so i was able to quickly restore internet connectivity.

After a few rounds of extensive troubleshooting, it seems like the motherboard is dead as I swapped another CPU and RAM into the m720q and it still would not post.

 

[Elijahonli]

ooo update:

after playing around with it more, seems like after resitting everything (CPU, RAM, HDD. NICs) kinda revived it? Somehow due to my weird hdmi kvm setup it wasnt able to display onto my monitor, however when going thru a USB capture, it displays ....

 

[hwzlite]

ooo update:

after playing around with it more, seems like after resitting everything (CPU, RAM, HDD. NICs) kinda revived it? Somehow due to my weird hdmi kvm setup it wasnt able to display onto my monitor, however when going thru a USB capture, it displays ....

Hmmm..... maybe can check any "crashed" hints from BIOS Event logs ?

 

[Elijahonli]

I am planning for a simple fiber lay starting from the FTP to the store room (less than 5m) as a trial by end of the year. Which acts as a "supplementary" line to the existing Cat6A copper.

Will probably look for a new switch which compliments with the fiber lines. MikroTik CRS510 seemed like an affordable and a likely candidate for me.​

Actually im curious how do you route your LAN/Fiber to your store room? I understand that normally only 1 RJ45 port goes from the DB box to the store room

 

[jackycar]

Now with all the 1gbps plans getting upgraded to 3gbps minimum by VQ and MR.. Time to upgrade the pfsense box to 10gbps.. I need to get those with 10gbps sfp ports right? Anyone got any recommendations? I'm using a China made pfsense box now that cost me $300+

 

[TanKianW]

Actually im curious how do you route your LAN/Fiber to your store room? I understand that normally only 1 RJ45 port goes from the DB box to the store room

Through this route I shared here earlier:

https://forums.hardwarezone.com.sg/...network-upgrade.6341518/page-5#post-152234208

 

[xiaofan]

Now with all the 1gbps plans getting upgraded to 3gbps minimum by VQ and MR.. Time to upgrade the pfsense box to 10gbps.. I need to get those with 10gbps sfp ports right? Anyone got any recommendations? I'm using a China made pfsense box now that cost me $300+

There are quite a few options mentioned here (Post #5 in the following thread).
https://forums.hardwarezone.com.sg/...port-switch-and-vq-xgs-pon-onu-stick.7047645/

Minisforum MS-01 is probably a good choice for you.
https://store.minisforum.com/products/minisforum-ms-01