The Gatekeeper (overkill pfSense xeon shoebox with integrated DSL-modem)

@noenken thx for the advice.
How is the onboard router capability of the Vigor NIC? Haven't been able to check that.
Because that looks to be the only other way, I don't have any other hardware that I could dedicate to a pfSense.

Solution could be to just scrap the pfsense and use the vigor nic in router mode.

That would be an option but ... a bit meh. pfSense is all about the control and you won't get that with any standard router.

So far I don't see a difference between the PCIe Vigor and the standalone performance-wise.
I never used any of them in router mode though.

my router ain't that overkill yet but it is called cerberus ^^

Wow, I really like that machine, the "if you go, go big" approach is lovely =) I am usually on the overkill side as well - e.g. no consumer stuff, but only enterprise gear for my humble home XD

I like the configuration as well. To add to the mix, here is the configuration of my router:

Supermicro SYS-5018A-FTN4 1U chassis
8 core Atom CPU
32GB ECC DDR3
256GB Samsung 850 Pro SSD - OS
512GB Samsung 850 Pro SSD - Web Cache

Running pfsense latest version with tons of features and caching over 400GB of internet content directly at the router. Love having the extra speed. Not to mention the multiple levels of defensive options.

Nice box! Webcache might be something in the future for me but right now I am fine.

I echo your comment above on overbuilding which is why this was put in. Previous testing box had a spindle drive and saw the impact and figured it was well worth the money to have the space and reliability. Bonus is that the Atom cpu and the 200W PSU sips power with its pinky up all classy-like while still moving packets like a beast!

That is like 10W TDP or so, right? And the PSU, what is the rating on it?

Here is the base chassis:

CPU is 20W TDP and PSU is 200W Gold. 4 Intel NICs & IPMI!!!! Love this router a lot!

Nice. On the CPU side, my Xeon is also just 25 watts. So, not much of a difference.

It seems that great minds do think alike

What packages are folks running in pfSense at this point?

Right now I am actually just running snort and pfblockerng. Have to look through what else is there.
Would be a nice new topic, wanna open that up?

Added the new topic to the forum.

bump.

Very clean overkill build! Have you added any new packages to the mix? How is it running?

Question @noenken:
How future-proof is that NIC in combination with the glacial speed of German broadband expansion?
I gather it supports 50Mbit VDSL, but what about 100?

Asking for a friend, because I can choose between 16Mbit ADSL or overbooked cable.

And how does that work? How does one make a pfSense box do DSL? 🙂

Sorry for the OT but that made me laugh good - and don't worry.. in the small alps republic our glaciers move faster than broadband is improved XD

Yeah, we are talking permafrost here my friend.

At this rate the PCB of that card will probably become dust before we get speeds exceeding the limitations of it. 100MBit/s is what I am currently running and that is all I can get in Hamburg, one of the major cities in one of the richest countries in Europe. It is pathetic. At least my upload is 40MBit/s now and not 10 like it was before....

The card should be fine for at least 300MBit/s.

Well, the computer doesn't know what that card is, it only sees a Realtek NIC. So pfSense uses that NIC as it always does. You give it the login for PPPoE to connect to a modem. But that whole thing, the fake NIC and the modem, is physically on the same PCB. So on the back of the card is a port where you just plug in your connection from the wall. It is a great design to reduce clutter to be honest and I haven't seen another device like this anywhere else. But I'm not a networking guy, I bet there are lots of those. If not, it might be something for a video, @wendell ?

Okay, that sounds good.

Regarding your video idea: I got the impression that the US is mainly on cable and due to the shared-medium nature of it you cannot use your own device as modem.
Basically the same situation we had until last year.

I’m running it with 150Mb/s at present and it can consume it without an issue. Pushing it up shouldn’t be bad. I’m using a number of packages to handle security and monitoring so this is insanely helpful. Users love the caching in squid and the lack of ads on sites now. I’m also considering tossing in a quad port Intel gigabit NIC in the PCI slot to get some extra options on network isolation.

This version of the gatekeeper was actually so overpowered that I turned it down a notch for my rack version.