Yes, definitely use the add-in card for management. A cheap Intel or Realtek one will do the job. If that card goes down, though, you lose connectivity to the host, as you won't be using Failover etc. Just a heads up for ya.
Each PCI slot is treated separately, yes.
You can certainly pass through the on-board SATA controller; however, I'm pretty certain that it can only be to 1 Virtual Machine and not shared between 2 or 3 etc. Your best bet is to have a look into RDM (Raw Device Mapping).
My suggestions to you -
1. Run ESXi from a USB stick
2. Use Add-in NIC for Management (This NIC will also supply network connectivity to your 2 Gentoo VMs, as you will have passed through the other ports to an individual VM)
3. Pass through on-board Dual NIC to pfSense VM
4. Use RDM for HDDs. After all, you're gonna need a datastore for the VMs, and if you pass through the controller to a single VM, you have no ports for your datastore.
Karl
EDIT: Check this link - I've read it a few times before and it's very informative.