I just came to the same conclusion. You are correct!

gop set 1

in /boot/loader.conf.local solved my problem!

Was it blocked UDP packets?

Did you see some Cores pegged at 100% during that time?

What is the crash you see with LRO enabled? We usually recommend leaving that disabled though for just this reason, it can be unstable.

Steve

Ah, nice. So something there is set to fixed speed/duplex and was causing pfSense to fall back to it's default connection type.

It would be better to have everything set to autoselect but some ISP still seem to insist on using fixed.

Steve

Hi @robi,

I appreciate your work on this as I own an HP t5730 on which I would like to install pfsense. Since your last post, the older versions prior to 2.4 have been removed from the pfsense download site.

So, I am unclear whether there is a way to directly install the current nanoBSD version on the HP t5730 or if there is a workaround (finding an old version of pfsense elsewhere and then upgrading in accord with the instructions you have provided, installing a current version to a computer, modifying it to fit on the HP 1 GB flash and "dding" it to a USB drive and then installing that, or...).

Thanks in advance for advice.

stevesr0

@dlucas46 said in Wrong readings on CPU temperature (Atom D525):

@aweidner

You could correct the issue but it would require you to rebuild the coretemp kernel module.
I had to do a similar thing when I replaced the CPU in my Watchguard with a xeon.

The coretemp module code is very basic and if your CPU has the same ID as another model the wrong tjmax value gets set. If you change the code you can compile the module and load it at boot to override the coretemp module from the kernel.

You will then have the correct temps reported.

That would be too much of an effort for me as this box is just a stand in, before i can buy something new. It is at least eight years old and was pulled from the shelf because i needed a quick solution.
Also my programming skills are virtually non existent ☺

@grimson That is a good point. The main reason I'm asking now is the potential addition of the 10G switch in the near future. I'm trying to figure out if it will be solely an isolated storage switch or it I want to route it. I only have one pcie slot in my router. So, if I add a SFP+ card, I would like to get one that has the greatest chance of also working with a fiber WAN.

There is a method to artificially disable the AES-NI detection of openssl by setting OPENSSL_ia32cap="~0x200000200000000" to disable AES-NI usage for testing.

## Automatic AES-NI detection $ openssl speed -elapsed -evp aes-128-cbc ## Disable AES-NI detection $ OPENSSL_ia32cap="~0x200000200000000" openssl speed -elapsed -evp aes-128-cbc

You could pass 300Mbps with a Pentium4 so you will have zero issues doing it with a Haswell i5.

Somethings are still single threaded and hence single core speed matters for them. OpenVPN or Snort for example. But I would expect that CPU to do either of those things at 300Mbps just fine.

Steve

The 4.5mins does seem suspiciously like that watchdog reference but I would still expect to see output during that point.

No output at all on the VGA port even after resetting the CMOS doesn't look good to be honest. This is a C2000 SoC with everything that implies.

Connecting to the serial port usually requires a USB to serial adapter and a null-modem cable. But you can get adapters that are both those things combined.
https://www.netgate.com/docs/pfsense/hardware/connecting-to-the-serial-console.html

Steve

Thanks Steve, Very good point on being on the same subnet. I have another think how to divide things up, I also have several low speed Wifi IOT devices which be better not on the subnet as he PC's. It's always the same with home networks and computers - pick one only Speed, power consumption, future proof. I think the Asus H110T is good board but not expandable, A board with more network ports or a PCIe slot would be better longer term. Thanks for point things out that I didn't think of ! 😄

Wow, nice. 😉

I'll try to avoid that I think! Glad to see you found a solution though.

Steve

Thanks again!
In the meantime, the problem resolved itself, but it's important to know stuff like that can happen :)

How about a used Dell Optiplex 9020 SFF ?

https://www.ebay.com.au/itm/Dell-OptiPlex-9020-SFF-Core-i7-4770-3-4GHz-8GB-Ram-128GB-SSD-Win-10-P/253373075009?hash=item3afe364e41:g:1-UAAOSwlAZaT41m

4 core i7 (up fo 3.9 GHZ) with , 8GB RAM + 120GB SSD, plus a Win10 license for 350$AU

Add a chinese knock-off i350-T4 network card for 60$AU.

The i5 version is available for only 270$...

I run the i7 version with ESXi and 16GB RAM. It handles a 50/20 NBN connection withoit breaking a sweat... I have tried OVPN and could achieve 45Mbit/sec during the day.
At night times my provider or NBN starts dropping UDP packets and VPN throughput becomes unusable at 1.5 MBit/sec. Back to 45 again after 11pm.

Fix is:

This was due to vlans and switch config being erased. If you're restoring a configuration to this device, make sure to either backup the vlan's before restore from the factory image, or recreate them manually. Make sure on the restore you select the box about the switch config.

Sounds like either a bad power supply or some sort of power problem on the board.

Try a differenr 12V PSU if you have one. Not much you can do about a board fault. If you have any expansion cards on it you can try removing them to see if one of those is at fault.

Steve

That is certainly odd, I've not seen that here on anything. However it looks like just cosmetic issue.

You could open a bug report for it. We'd need to replicate it though and it doesn't look like you're doing anything unique which might make that difficult.

Steve

It will almost certainly run. I'd watch out for some obscure disk controller that severs of that type often have. It may not play well with FreeBSD.

Steve

@greg_e said in USB NIC on 2.4.4.p1 release?:

If I absolutely need to do something else, I'll put one of my old Cisco routers between the two networks and then use vlans to run through the firewall.

I'm not parsing that. It seems like you could just route between the VLANs in pfSense using a router on a stick setup.

But anyway getting hardware with real NICs is better.

Steve

@stephenw10
Did as you said, and it worked like a charm! Thanks again.

Hmm, interesting. I don't see anything indicating an ARP issue logged there.

I would take a packet capture on the WAN when it is down and see what is being sent and if anything at all is coming back.

One thing that may happen is if you set promiscuous mode in the pcap it comes back up. We have seen that happen before but I think only on ppp connections.

I assume you're running 2.4.4p2?

Since the issue is carried between OSes it seems likely a hardware issue. On which case I would check for power saving options that maybe enabled. There is a PCIe power saving setting that some BIOSes enable that can behave like this.

Steve