@Unoptanio Its a big Machine

@robsonvitorm First off, to be hyper specific, for my tests HW is a Lenovo m720q with a AJ??929 x8 Riser Adapter and an HP/HPE 331T (Broadcom 5719 4 port) pfSense on Bare Metal = All 4 Ports work as expected, no PHY error on boot. pfSense on ProxMox VE 8.1 (Debian based OS) = All 4 ports work as expected, Intel_IOMMU enabled in Grub pfSense on Ubuntu 22.04 LTS (Debian based OS) = Only bge0 works, bge1 fails to init. Intel_IOMMU and MSR enabled in Grub Intel_IOMMU: Edit /etc/default/grub Append GRUB_CMDLINE_LINUX_DEFAULT with additional "intel_iommu=on" at the end. MSRs: Edit /etc/default/grub Append GRUB_CMDLINE_LINUX_DEFAULT with additional "kvm.ignore_msrs=1" at the end. After either change: sudo grub-mkconfig -o /boot/grub/grub.cfg On the Ubuntu Host, I also blacklisted the bge drivers so the Bare Metal Ubuntu did not load them and attach to the NIC Ports: EDIT/Create: /etc/modprobe.d/vfio.conf blacklist tg3 options vfio-pci ids=14e4:1657 # Prevent Broadcom bg3 driver from loading in Bare Metal OS - keep card ports free for VM passthrough Then push changes to initram: sudo update-initramfs -u This step did not seem to be needed with Proxmox. These mods to the OS came from a thread I found on GPU passthrough, which I adapted for NIC passthrough: https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu (Though I just noticed that I did not do Step 14, so will have to swap that drive back in and see if it makes any difference) -Casper

I mean....anything is possible. That's intended to be a Plus feature though so it's not something I can help you with.

I have a buddy who used to write Linux drivers for a big company, though not sure how much he knows about BSD. I might hit him up in a few days if I can't figure it out. If pfSense somehow supported Docker/Podman this would be a non issue, but since it's BSD kernel I don't see that happening.

Always good to details efforts in an edge case. Someone else will be trying this.

Yes: https://github.com/pfsense/FreeBSD-src/blob/RELENG_2_7_2/sys/dev/igc/igc_hw.h#L26 Steve

I was also looking at trying on that hardware the other week, but I could not find any information on the hardware other than the CPU. I have taken the smaller Sophos units to bits in the past and it seems the hardware changes quite dramatically between hardware releases. Any chances of some photos as you go? Thanks

@Evan-0 said in SK110C6L - 1 LAN not working: the others work fine even if I have 'no carrier' on the igb5 port. That's very odd. Hard to see how that could work and also report no carrier. So you just connected directly to each port from a laptop? If the issue was the bypass relays I'd expect them to always work in pairs. So with the relays inactive ports 4 and 5 would be joined together and not linked to the internal NICs igb4 and igb5. Did you see that when setting them with the jumpers?

I'd first try swapping the NIC assignments to be sure the port on the NIC is good. Then I would try setting it to 1G fixed link speed and see if it comes up as that. This 'feels' like a link negotiation problem. That NIC might support N-baseT so you could try linking it to one of the 2.5G ports. Steve

Yup they should work fine for that.

Only one config index then. So the choices here are either try to make some permanent config change in another OS. Or try to modeswitch the modem into some other mode we can control. idVendor = 0x12d1 idProduct = 0x155e is probably a known device so I'd check the usb_modeswitch forums first for reports of success. Or any reports of that device here under a different name.

@GabrieleMax said in IBM System x3550 M2: @stephenw10 Tomorrow when I'll come to the office I'll remove two of the fours disks and I'll re-install PfSense in ZFS mode, I prefer to remove the hardware which I don't need to take care them in a drawer! Let’s put my 5c on this: x3550 M2 are old, but sufficient machine for pfSense, especially You give them 2 x Xeon X5690 (same stepping and version! + GREAT thermal grease!) and 24Gb of 1.333 ECC RAM (Hynix, Micron, Nanya…) AND switch OFF ALL unused hardware (except DVD/CD) and COM port sharing/redirects; not forgot to FW update ALL (IMM -> uEFI -> DSA -> RAID -> backplane -> HDD -> onboard NIC) from IBM Support web System x3550 M2, 7978 FW UPDATE ARE IMPORTANT! And better to replace HDD on SSD (better to set 2 in mirror as system and other 2 in mirror as for system logs exclusively). And this hoarse able to grinding 5Gb traffic with Suricata/Snort + bunch of FW rules, VPNs and shapers… ;) You may sure that this x3550 m2 working for You next 5-8+ years. (Just buy 1 x EXTRA PSU (power supply unit) for hot-spare change if one of old would die because capacitors die.)

I assume you mean 6100? Yes Squid and Squidguard will very likely be deprecated at some point and that's what you would use for actual content filtering. You can use DNS based filtering though, so domain filtering. Steve

Unplug it then plug it back in then check the new system log entries. It has to be one of the cuaUx entries though. The upper case U indicates a USB connected com port.

Yup good option. Would confirm the hardware can be reached and where.

No, it's a very different kit for the 4200. It's much larger than the 1100.

Yup, looks like it just groups them together as a gen4 devices.

Looks like you can add a usbquirk to make it start in ppp mode: https://forum.netgate.com/topic/97997/mf823-lte-usb-ethernet-modem-not-appearing-as-ue0

@stephenw10 said in Hardware requirements for 10Gb/s WAN: You mean an X710? Or maybe an X520? An intel X710, that is. Apologies for the confusion. In Europe, ISPs are obliged to allow their customers to use their own ‘modem’, but most of them drop support as soon as customers do. So I’ve put the cheap ISP ‘modem’ on the front line, and that is capped at the same speed. As soon as that’s running at the speed I paid for, I will connect my pfSense box straight to my own ONT, and post some speed results here.

Nice.