2.7. Ethernet Cards

SmallWall supports most any Ethernet card (NIC). However some are more reliable, less troublesome, and faster than others. In general, you'll find the opinion of the SmallWall community to be that cheap chipsets, such as Realtek chipsets, are more troublesome and slower than quality NIC's like Intel no matter what software and OS you are running. It is especially important to run quality NIC's if you are running a high traffic firewall. The cheaper ones will flood your system with interrupts when under load. Because interrupts can take up substantial amounts of CPU time and the first system bottleneck on a firewall is typically CPU, good quality NIC's are extremely important in higher throughput environments.

Also, support for Jumbo Frames and Vlan tagging can be significantly reduced in cheaper cards. It is not fun to find out after hours of troubleshooting that your enitre problem was a cheap nic that would not do jumbo frames over an MTU of 6000 when everything else was running at 9000.

I would personally recommend Intel NIC's over any others. The Intel PRO/100 and PRO/1000 cards are easy to find, and if you have to buy some, they're cheap. You could outfit your firewall with three interfaces for less than $25 USD on eBay.

2.7.1. Supported Cards

We recommend just trying whatever Ethernet cards you already have without bothering with the compatibility list since it includes virtually every NIC. One notable exception is some newer gigabit cards. For this reason, we suggest checking the list below for gigabit cards, or just get Intel Pro/1000 cards which are well supported.

If you have any question on what cards are compatible, refer to the FreeBSD 4.11-RELEASE Hardware Notes for a list of supported Ethernet cards.

2.7.2. ISA Network Cards

While a large number of ISA Ethernet cards are supported, we recommend you stay away from them if possible. They can be very time consuming and difficult to get working properly. The cost of a few PCI network cards is, in my opinion, well worth the headaches it will prevent. The only time you should use ISA NIC's is when you don't have any or enough PCI slots.

If you have ISA cards that you'd like to try, by all means give them a shot. It might work out of the box, especially if you only have one ISA card along with some PCI cards. But if you experience problems getting them to work, you've been warned!

If you need to get an ISA card working, you'll probably need to change some things. First, most ISA NIC's, including the common 3Com ISA cards, have a "plug and play" mode on the card that is selected by default. FreeBSD doesn't always play nicely with devices that are set to plug and play. In the case of the 3Com cards, 3Com has a DOS utility on their support site that you will have to run in DOS to set up the resources on all of the cards manually. Check your network card manufacturer's support site for information on disabling any plug and play settings on ISA cards. This is typically jumpers on the card or a firmware utility.

Another thing you may have to do is to change some settings in the system BIOS. For example you may need to set the IRQ used by the NIC to ISA/PnP.