Looking at timestamps of events on client devices, I can see that at 00:08 and 04:16 on the 9th Feb a large number of IoT devices lost connectivity. So, whatever happened, happened sometime after midnight but there is nothing on any logs near those times. All quiet and normal, and those sendto errors are almost 100% caused by me power cycling the ISP device. So, I'll wait and see if this repeats and then maybe disable the only hardware offloading setting not yet disabled.

@stephenw10 Thanks again. I just need it to install pfsense. I will be using a HDMI computer monitor. Then the webgui will take over.

@stephenw10 Thank you...that worked. [image: 1770652615230-e81450eb-1851-4a69-9496-5861e970441e-image.png]

Tentative confirmation. Got my hands on a WatchGuard Firebox M470, installed a Lanner NCS2-IGM806A expansion module into it (I had one laying around), repositioned the jumper, ran the OpenWrt routine, then installed pfSense... Bypasses on the NCS2-IGM806A are disabled. As a demonstration, bridged all eight ports on it into a single network, just to show that devices connected to the router via the expansion module can exchange data with each other and go on the Internet...

@stephenw10 said in Watchguard Firebox M400/M500: We should move this to the other thread I think it's a good idea. The expansion module recommendations I made are relevant to M470 / M570 / M670, but not to M400 / M500.

@stephenw10 Whoops! Should be Xeon E-2174G (4c/8t 3.8/4.7GHz)

@stephenw10 It could be a combination of a bad patch cable AND a faulty igc3 port on the 6100. After swapping cables and ports, igc0 sees the LAN and igc1 sees the ISP/WAN. However, switching the working cable from icg1 to igc3, no link is detected. @patient0 my WAN connection is pure DHCP. I'll open a ticket with Netgate. Thanks, Tim

@it_geek said in Package realtek-re-kmod198 for pfSense 2.8.0 (amd64): I do want to understand: when I do a PKG search in pfsense CE 2.7.2, I also see a realtek kmod driver for 1.98. That driver is not exactly the same one that you built and uploaded on Google drive, right? Would it be correct to say that the one on your Google drive is meant for pfsense CE 2.8 and up? if so, does this mean I just use the driver provided for in PKG search, or can I install the one from your Google drive, even though I am running on 2.7.2? Your analysis is correct. The driver build I provide in this thread in Google Drive is only needed for pfSense 2.8.0 and 2.8.1. For pfSense 2.7.2 the version of realtek-re-kmod is 1.98 as you mentioned, so it's the same version I'm building here. You can simply install the package from the repo for pfSense 2.7.2 just as you did. If you upgrade to pfSense 2.8.0 then the version in the repo is upgraded to 1.100+ which has the IPv6 checksum bug and why this older build is needed.

@Waqar.UK the X550 is supported well, yes.

It would need to include something additionally there. The NVM firmware is not part of the BIOS. It does look like there is a utility that will run in FreeBSD that can update it though.

Nice.

@stephenw10 - This is nice. Thank you very much. We will do the upgrade tonight.

@susamlicubuk The two rightmost pairs of ports have bypasses on them. You need to disable those bypasses. The steps below assume that you have BIOS in factory configuration. If you already made changes, adjust accordingly. Turn off the FW-7551. Set console speed on your computer to 9600 bps and connect your computer to the FW-7551 using its console port. Start the console software on your computer. Turn on the FW-7551. When you see the BIOS prompt asking you to hit Esc or Del, hit Tab. (This is a common occurrence when dealing with BIOS on the console; Tab tends to work best.) Next, enter the password (usually, it's either Kilimanjaro1 or Cheyenne1). This will get you into BIOS. In BIOS, go to Advanced. Under Advanced, select Watchdog mode and set it to Disabled. Next, still under Advanced, select Generation 2 LAN Bypass Configuration. On the screen that appears next, set LAN3-4 Runtime Bypass and LAN5-6 Runtime Bypass to Disabled. As to the two matching System Off Bypass options, you can leave them enabled (so when the device is off, data will pass through it, as if it were a mere keystone) or disable them (so when the device is off, there will be no data traffic through it). Next (optionally), hit Esc to return to Advanced and select Serial Port Console Redirection. On the screen that follows, select Console Redirection Settings. On the screen that follows, select Bits per second and set it to your desired value (since pfSense operates at 115200 bps by default, it makes sense to set BIOS to the same data transfer rate). Hit Esc two or three times to return to the main menu. Then, navigate to Save & Exit and choose Save Changes and Exit. This should do it.

@joy786 said in High latency to gateway and ISP when multiple switches are connected – possible pfSense overload?: What’s strange is that everything becomes stable as soon as I disconnect any one of my access switches. It doesn’t matter which switch I unplug — the problem immediately disappears. Current behavior Ping to pfSense gateway becomes unstable and increases significantly Ping to public IP / first ISP hop also increases pfSense CPU usage goes high during the issue As soon as one switch is disconnected: CPU drops Ping stabilizes This sounds like you are introducing then removing a Layer 2 loop.

A x4 PCIe 3.0 slot will pass 32Gbps. That shouldn't be a restriction.

The module is present in the public 26.03 snapshot. Do you have the loader line present to load it at boot?

Hmm, interesting. That seems fixable.....

Sent. Let us know how that goes.

@sr-it Sometimes you need to update the NVM firmware. I flashed my cards, and I’ve had zero problems since. Google it — the first link should be a “*Sense” forum post; read it carefully to see exactly what needs to be done to update the firmware.