What's new

pfSense No More Without Paid Version?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Horrible. I have 4x Netgate appliances and about 20x Apple devices. Time for new Apple thread perhaps? Done with Netgate?

LOL...

Not sure how much more we can beat up on Apple - but Netgate perhaps deserves a few more strokes...
 
Netgate perhaps deserves a few more strokes...

That being said - CE is good - it really is...

Official HW is also good - it's premium priced and there is the cost for Tech Support.

Just don't confuse the two products.
 
Netgate is a business, not a charity. Demo period is over. At least they kept the free version available. Most people don't even think about $1500 new phone. Netgate 6100 appliance is $800 and it's good for at least 4-5 years. Next time someone complains about hardware cost - look at your phone.

Too bad 6100 doesn't fit in a pocket and can't be easily shown to other people.
 
The people that don't even think about a $1,500 phone are the people that don't own one.

The end of 2023 is hitting hard for many, all over the world. $800 is not an insignificant amount.
 
What Netgate does for me allows frequent use of actual airports. No complaints here.
 
What is pfSense Plus giving you more than pfSense CE in this case? Instead of rebuilding your entire system just switch back to CE and done.
Nothing.
I just have a thing for companies that don't know what they are doing from day to day.
I'm not the one who pushed 'Upgrade for free today".
Plus, given this, how long for CE?

Naaah, not beholden to any particular hardware/software. @dave14305 has a good idea for my simple needs I think.
 
Hardware acceleration of what?
 
Right, when your hardware can process multi-Gigabit anyway.
 
NAT, PPPoE (we use it in my country), VLAN routing..

Qualcomm, Broadcom, MediaTek - they do have HW off-loads, and this is needed because of CPU and memory constraints... It's a good place to be for things like this, and it's recognition that the CPU cores don't have to be directly involved in the data paths, rather work in a control path view...

Most of these offloads actually happen in the switch element of the SoC, the cores tell the switch configure these flows in whatever manner they need to.

When you look at these x86/AMD64 appliances - there's enough CPU resources available that one can run everything into the OS's native networking stack...

BSD and Linux have fast paths for SW - as someone mentioned, netfliter has flow table acceleration that can be defined inside nftables - same applies for pf in BSD-Land.

NIC's also have some level of offload capability - Intel and Broadcom have a fair amount of capability here, both at the MAC layer, and also up into the network layer of the stack.

Intel has QAT, which is pretty impressive if you have a XeonD that supports it, and there's all the work with DPDK that Intel kicked over to the Linux foundation...

Back in 2018, post-cafeole (my science project) - working at a startup over in Santa Clara, we did a lot of work for 40Gb networking - and to get there, it was about the offloads available on QuickTransit and DPDK, along with some clever work to get L2TP tunnels at wire speed with AES-128-GCM...

Should also note that the Switch SoC's also have hw acceleration as well - one of the better documented implementation is Broadcom with their FastPath implementations.
 
Don't forget Cisco NetFlow's in large networks or Cisco layer 3 switches. It is along the same lines. Why limit it to a net stack?
 
When you look at these x86/AMD64 appliances - there's enough CPU resources available that one can run everything into the OS's native networking stack
Thank you @sfx2000 for the useful information!

My concern is mostly about PPPoE since in my country is used in all connections (even the FTTH Gigabit ones).
PPPoE is single threaded and can use only a fraction of the CPU resources.

So I am thinking if I should pay for the license of pfSense and stay with my Celeron CPU or buy a box from another vendor that has PPPoE hardware acceleration.

I guess it depends on my CPU if it can handle all the traffic using one core.
 
Thank you @sfx2000 for the useful information!

My concern is mostly about PPPoE since in my country is used in all connections (even the FTTH Gigabit ones).
PPPoE is single threaded and can use only a fraction of the CPU resources.

So I am thinking if I should pay for the license of pfSense and stay with my Celeron CPU or buy a box from another vendor that has PPPoE hardware acceleration.

I guess it depends on my CPU if it can handle all the traffic using one core.
I would think a high clock rate would be in order for single threaded PPPoE in a router. Something like the Intel i3 6100T gen 6 for low power draw which is what I use. I don't know if your motherboard will support this CPU or not. There are some i7 low power CPUs out there also that cost more if you need the extra power.

I am not sure they use multi-threaded for routing as it causes UDP packet sequencing errors which requires a complete retransmit of the UDP packet string.
 
First time see no more free meal? Sooner or later it happens to all popular products.

Naaah, I've seen it plenty. It's one of the reasons I'll not use this.
Unless I had bought one of their slightly overpriced hardware units, then I'd be happy to stay with the TACLite version as I'd have some faith in them not taking it away.
 
Similar threads
Thread starter Title Forum Replies Date
C Pfsense wins awards Routers 34

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top