@aidanic here's a photo of my whole rack, all I can find at the moment. If you zoom in you can see the HSF sticking out like a supercharger through the hood of an old musclecar. This is before I swapped from the Supermicro HSF screamer fan to Noctua, and removed the tape blocking part of the airflow in the front.

CPU and case fans are all controlled by the motherboard, you can log into the IPMI interface and configure fan control for good cooling with low noise.
IMG_20200127_074941.jpg

@freska99

I was wondering if you ever got this running on your 1050?

I trying to to the same and tying to understand the steps you took.

I was able to use a USB thumb drive and install PfSense 2.5.1 on a an internal HD but none of my interfaces work including em4 and em5 which should be the Primary and Aux interfaces.

@stephenw10

Hi

Thank you for your reply. The device wasn’t locked, I think NAT was a part of the problem. I searched all the information about this 4G USB modems I could, I found a discussion where someone had all kinds of trouble and needed a whole lot of modifications to make it work in exactly the same situation, with exactly the same modem.

I ended up ditching the whole modem and found a Cheap Huawei E5186 LTE 4G router. Things still weren’t as straight forward as I hoped but in the end I managed to get it working. I am positively surprised, most of the time I get 95-120Mbps and during the worst times, still 70mbps download. It’s really stable too, with those USB dongles I had regular problems, the stick overheated, it became too hot to touch on a weekly basis and needed time to cool down. Connection got dropped regularly and the logs showed unspecified errors. I am so happy with the current setup.

NAT is something I still have trouble understanding, could you explain about it a little more? The 4G router has a setting for NAT, the choices are Cone and Symmetric, does it matter which one I use? All the information I found, said you should create a Do not NAT firewall rule for outbound NAT On your firewall. I got Pfsense working when selecting “Automatic outbound NAT rule generation” and it shows two rules are generated. I couldn’t get any other firewall software to work and few of those had incredible complicated NAT sections. If I want to try other firewall softwares too, should they work if I just create the same rules as the Pfsense automatic ones? When I tried them, I created the do not NAT rule as I was advised, but it didn’t help, I still had the same problem, none of the devices on my LAN could not get to the internet.

None of that is directly related. I just meant there was an active effort to make that work and I'm sure there would have been debugging done at the time. I might be useful to reference that.

Steve

Smooth update to pfSense 2.5.1 CE

@tenou said in Nexcom LCM with LCDproc:

@stephenw10 it's been a long time, but you were totally right! The display works flawlessly using the "Watchguard Firebox with SDEC" driver with default settings.

NSA5130-OS1.png

BTW if people are tempted to connect their pfSense box to the iPhone with Wi-Fi to use the hotspot, the SSID won't be visible in pfSense if your phone is named with the traditional Fred's iPhone, I just spent a few hours trying to get it to work.

If you take out any spaces and apostrophes you can then see the SSID 😠

How to spot a fake card:

https://forums.servethehome.com/index.php?threads/comparison-intel-i350-t4-genuine-vs-fake.6917/

Unfortunately still no MBIM or QMI support for directly connected modems so an external Ethernet connected device is the generally the best choice.

Steve

I can't access that. There is specific data about that board?

@spolverino I've also started (but time was a constraint) some reverse engineering of the CP's LCD drivers, you'll find some information there:

https://git.nox-rhea.org/globals/reverse-engineering/ezio-g500

@vamike my bad. Forehead slap, forgot all about that.

Still no idea why IPv6 dhcp client is not picking up an address with the exact same configuration that worked with igb0...

@foolish86 with some modify now go 300mbit. not bad, but still missing more 500mbit

Looks like you have a static ARP entry set which is pretty much never required.

You see that error though because it cannot allocate memory in the ARP table for an IP in a subnet the firewall doesn't have an interface in. Which is probably because the re NIC has gone AWOL.

Installing the pkg is not enough. You still need the loader line to load it at boot:
See: https://forum.netgate.com/post/962889

Steve

Related FreeBSD Forum Thread: https://forums.freebsd.org/threads/i219-lm-network-card-port-speed-problem.79679/

@finger79 I would just like to say a huge Thanks for this thread - I have just gone from zero to hero on the same motherboard (X10SLM-F) but only thanks to your meticulous documentation of Supermicro conversation. There is no way I would have noticed the Recovery mode -- this has saved me probably days or weeks of head scratching.

There seems to be some problem with 2.5 (FreeBSD 12) on those boxes but you should still see something boot. And then fail.
When I installed mine I used the internal VGA header to access to BIOS and force it to boot the installer but I believe it should be possible to boot the install image from CF.
See: https://forum.netgate.com/post/969046

What image exactly are you using?

You should continue this there or in the XTM800/1500 thread.

Steve

@stephenw10 probably, I'm not super knowledgeable on how this stuff works in the back end. It does make sense that its a driver limitation, or maybe bug? Either way its nice that autoselect works as it should. Can't wait to get my other cards in and top out my provisioned speed. I can see when running a speed test it maxes out my 1Gbe nic in my desktop 😂

Doesn't looks like that supports FreeBSD at all. No drivers. For example:
https://forum.netgate.com/topic/144274/pfsense-with-cisco-c200-m2-and-cisco-n2xx-acpci01-10gbe

Steve

Small update. Bought 5019C-FL, installed xcp-ng, and pfsense. Having pfBlockerNg, nordvpn for some vlans and VPN server. Everything runs as expected. I'm overexcited with pfSense after dd-wrt:)

@nan0tech said in Confusion on driver for Nic:

Is there a way to force this card to load with the EM driver?

Nope.

But from your description of the problem I'm not sure it's a driver issue at all. Is it actually dropping the link or just dpinger restarting?

Steve

@stephenw10 it stops responding when manually disconnecting.

When I'm trying to send commands to the device it looks like the tty is frozen (impossible to type anything). I suppose the MPD script has the same issue thus throwing « CHAT: The modem is not responding to "AT" at ModemCmd: label. ».

If I'm power cycling the device it then appears as a new device (I suppose because the /dev/cuaU0.2 is still being used / locked).

Hence why I'm powering off the device before "cleaning" PPP and power it back on 3 seconds after ppp-linkdown is terminated. This makes sure the port is free and available for a new PPP session. But it really looks slapdash.

@stephenw10 yeah, it seems really related to the cable. If I use a USB-serial adapter with a serial-console cable it works as expected :-)

Ah, nice result. Interesting. I guess you are hitting something that requires flow-control to mitigate which is unusual.

Steve

@stoltzy said in Shuttle DH110 slow network issues:

https://www.reddit.com/r/PFSENSE/comments/mc8x8a/poor_speeds_in_shuttle_dh110/

BIOS update? Interesting.

@stephenw10

So after my original post, I was doing some more digging around and I discovered exactly what you just posted.

I was initially working with the latest file set from Intel's website.

I added this line to e1000_hw.h

#define E1000_DEV_ID_PCH_TGP_I219_V14 0x15FA

This to the em_vendor_info_array[] in if_em.c

{ 0x80086, E1000_DEV_ID_PCH_TGP_I219_V4, PCI_ANY_ID, PCI_ANY_ID, 0}

And then I got e1000_api.c and I didn't know exactly what the mac type was. I assumed it would be considered a new one not listed yet, e1000_pch_tgp but I also didn't know what or if there were any additional functions that would be needed to incorporate the newer Tiger Point PCH architecture.

Luckily, I found Linux's driver set and compared it. Linux's driver set actually supports I-219 all the way to V19, it looks like.

Looking at Linux's driver set, I saw it actually listed V14 right below V11 which assigned it's mac type as e1000_pch_cnp.

e1000_pch_cnp is also in FreeBSD's e1000_api.c. So, I inserted it's case into there.

case E1000_DEV_ID_PCH_CMP_I219_V11: case E1000_DEV_ID_PCH_TGP_I219_V14: mac->type = e1000_pch_cnp;

And, then I guess I got a little carried away as during all this I was reading older forum posts from various places, trying to find out how to incorporate an unattached driver. And I thought I needed to recompile the kernel without if_em.ko and have it load as a separate file.

So, I did that and scp'd the new /boot/kernel over to my pfSense machine along with if_em.ko, adding the appropriate lines to the loader.conf.local, and it actually picked up em(0) for the I-219! But for some reason I lost all the igb's for my I350.

After that is when I discovered that configuration files in e1000 in pfSenses source modules folder were a bit different from Intel's files, even tho it says this file set is from version 7.7.8 which is the latest version.

I restarted and made clean installs of my pfSense machine and the virtual machine I was using to compile the file.

This time I modified the files in the /usr/src/sys/dev/e1000 folder, adding this line to if_em.c instead and the additional lines in the other two files.

PVID(0x8086, E1000_DEV_ID_PCH_TGP_I219_V14, "Intel(R) PRO/1000 Network Connection")

I ran a make on it from the sys/modules/em folder and scp'd the new if_em.ko to my pfSense machine /boot/modules (finding where the Makefile put the .ko was a pain in the butt), adding the appropriate lines to the loader.conf.local file.

if_em_load="YES" if_em_name="/boot/modules/if_em.ko"

Restarted and still nothing!

Tried to force load using kldload and it output that couldn't load as it was compiled from a different kernel or something.

I thought I was using the right virtual machine setup, installing FreeBSD 12.2-STABLE and cloning the devel-12 branch of the pfsense/FreeBSD-src to my virtual machine's /src folder. But I guess not.

This is the first time actually using a Unix OS and github.

I bet once I figure out how to get the appropriate virtual machine setup that compiling a new if_em.ko with those line additions above will get my I-219 working while keeping my igb's intact.

I found another post (https://hardforum.com/threads/pfsense-2-5-new-configurations-for-igb-performance.2008210/#post-1044942639) and made some additional changes (only to the tunables as I'm not confident and knowledgeable enough to modify the loader.conf) which seemed to improve throughput, which one of these did the trick I have no idea but on my 200/20 speed I was previously getting around 90/12 I'm now achieving around 150/16 but I know that my device has previously been capable of 180/19 so I'll keep playing until I can improve the speed further but I'd be very grateful for any additional ideas/changes/tweaks etc...

@nicholfd To be fair it is perception. I had to compile some code for DoH on a Pi and it ran more than 30 minutes. Same compile on a VM on a gen4 i7 took less than 5 minutes. In my experience Arm CPUs are a little weak in computational work. That is to be expected, the chips are meant to run phones and not use much power.
Your RPi build is interesting and may be good for most home users. I am interested in finding out how fast it can go.

@jwj Thank you!

Yeah I still own a temperature controlled soldering iron and know how to use it. I just don’t trust myself with most SMT stuff, too small for my old clumsy big hands.

I remember my first home hard drive, a 20MB MFM Seagate. It seemed huge! Before then my first “home computer” was a Sinclair ZX81, followed by a C=64, and several programmable HP calculators.

Talking of RS-232, I still have a breakout box. I need to look up if the Brocade uses the same RJ-45 pin out as Cisco et al.

Happy days those were!

A Cisco pin-out works with almost everything but occasionally you find something weird.
It should work with the supplied cable. Though it's always possible the supplied cable is itself is bad since they are probably untested, at least by the appliance manufacturer.

If your terminal setup works with other devices, especially the same type of device, that seems like a hardware issue.

Steve

@stephenw10
Yes that seemed to work.
Rebooted router and modem.
That worked.
Thanks For your help, will test for awhile and get back to you:)

That's normally some BIOS setting or an ACPI error.

I could imagine a signage device being configured so you cannot shut it down.

Steve

It is working now, thanks. See the link I posted about my switch not passing packets...

I need multiple VLANS on LAN and WAN interface, but it is working fine now.

@nollipfsense yeah I thought about using a KVM I think I have one around here somewhere, only problem is the wiring closet is about 15m from my desk and I ‘m a bit short on space on my desk anyway.

On a related subject how much throughput do you get on the Mac Mini?

@networkingmicrobe I have the same problem with the built-in RTL8168. In Windows driver, there's an option "Gigabit lite" that is to set to ON by default which reduces its speed to half. I suspect that might be be the default settting on the NIC. Not sure if there's an option to turn it OFF in pfSense.