pfSense 2016 update

This post follows on from my post detailing my Mini-ITX pfSense build 7 months ago.

My pfSense box is still working great! 7 months in I thought it would be a good idea to address a few issues.

Reddit commenters rightly pointed out some of the disadvantages of my build. In particular, that I am using Realtek NICs, that I chose a consumer motherboard (not a server motherboard), and that the parts I chose were too expensive.

Realtek NICs

I can’t comment on whether Realtek NICs are really a problem or not; I don’t know enough about it. But I do know that I haven’t seen any issues that are directly attributable to the NICs.

Consumer motherboard

I made it quite clear why I chose consumer-grade parts:

I tend to re-use and recycle computer components for up to 10 years after I purchase them, often donating them to friends and colleagues to help fix or run their own machines. I might want to run pfSense today, but in a few years' time who knows what the hardware might be used for?

Too expensive

Reddit broke down my costs and compared them to a $549 dedicated device. Firstly, I made it clear why I dismissed a dedicated device:

They’re super-inflexible; they’re only ever going to be good for running pfSense or similar.

As I said above, I re-use and recycle computer components. Additionally, the estimated costs of my build were wildly inaccurate. My total order including delivery and tax was £200, half the price of the suggested dedicated device.

What next?

I've made no changes to the machine since I bought it. I have had a weird issue with it though. Once every 2 months or so it will seem to freeze; however, after hard-rebooting there is nothing in the logs.

Despite not being able to attribute the freeze to the Realtek NICs, I am upgrading them to a second-hand (£30, which is a steal) Intel quad gigabit PCI-E adapter. I'm doing this for two reasons: maybe they are the cause of my freezes, and I want a third Ethernet port.

I have Fibre-to-the-premises (FTTP) and the nature of my service means that I also have an inactive ADSL service on my phone line. I can't use both at the same time but I can switch between them. I'd like to experiment with automatic failover when my FTTP connection fails (very rare, but it does happen) by using a third NIC to initiate a dial-on-demand connection to my ADSL. It might not work, but if it doesn't I'll still have gained some reliable Intel NICs.

I'll post an update on how I get on.