Then you should also try the alternative Realtek driver:
https://forum.netgate.com/topic/135850/official-realtek-driver-binary-1-95-for-2-4-4-release

Steve

@chpalmer DW has a 30day demo, not sure what 'consumer' cams it supports (i now have Dahua from hikvision)

That link would be for a FreeBSD image that runs on the TP-Link instread of OpenWRT. You probably don't want to do that!

I would not expect any interaction between the com lines there. There should not be any output on com2 when pfSense is booting. It's never been an issue on that device with the build in switch for example.

I would be very surprised in that header marked 'UART1' is actually connected directly to the eeprom. It's probably connected to the SuperIO chip. Accessing the eeprom would be via an SPI header almost certainly.
I have no way to know that for certain of course! 😉

Edit: Looking again at the photo what's on that 2 pin header just next to the UART1 label? Also it looks like there is something shown as 'SPI1' which I would expect to be for accessing the eeprom.

Steve

I purchased a Shuttle DS68U with a 3855U a year or so ago as a discontinued closeout for $168. I added some spare ram and a ssd. It works great for my needs.

Just for fun, I'm thinking about building a router on a stick, but only because I have the spare parts around the house. It's older stuff but still useful and has lowish power consumption. This one is a Dell 3020M with an I5-4590T. Overpowered for use as a home router, but just sitting in the closet. The electricity will add about 50 cents to $1 or so a month.

I'm also considering re purposing an old laptop pc when I replace it in a few months, also just for fun. It's a dell e7240 I bought used for $150 a while ago. It has an i5 low electrical draw cpu, about the same power consumption as the Shuttle DS68U, but 2x as powerful according to the Passmark. It would also be a router on a stick. I'm curious to see if I can turn a random scrap laptop PC into a reliable high powered firewall.

The point: Shuttle is A-OK in my book. On the other hand, if you're only buying for home use, then the newest and best is not necessarily needed. The router doesn't care. The total cost outflow is important, too.

@NAStyBox said in Can't find Kernel Configuration File - v2.4.4-p3:

Mellanox-2

I have use such a card in 2.4.4p3. I just copied the module from a FreeBSD 11.2 ISO. Worked OK, mostly. It's an odd device anyway though.

Steve

To complete the thread:

I went with the ASUS H110T motherboard and an Intel I5-7500T.

I used the existing enclosure and power adapter. All is back to working well.

Thanks everyone.

Thanks for coming back and clearing that up. ☺

Steve

it is connected to a DKT-COMEGA 79741 Fiber gateway. I could connect re2 to another device and see whether it behaves the same way.

I connected re2 to my laptop; there was no problem changing the interface properties (mtu, autoselect).
The laptop uses the e1000e driver for its Intel NIC. The only difference I could see is in the output of ifconfig: in re0, it is

media: Ethernet autoselect (1000baseT <full-duplex>)

and in re2, it is

media: Ethernet autoselect (1000baseT <full-duplex,master>)

Anyway, I don't think I'll need to touch the interface configuration often enough for this behaviour to be a real problem.

Roman

@stephenw10 said in How to configure RNDIS on E3372:

I'm not aware of anything.

62Mbps is pretty good though. Kills my 42Mbps theory!

If you need to use LTE by far the best solution is an Ethernet terminating external modem like:
https://www.netgear.com/home/products/mobile-broadband/lte-modems/LB1120.aspx

Steve

New record on ppp ~74 MBps (better BTS ?):
https://www.speedtest.net/result/8498127448

Best Regards,
Robert

Just updating this, I upgraded to v4.10.0.0 on the APU1 as sold by Netgate. No problems thus far with the Coreboot code.

BUT! I updated using flashrom directly from pfSense 2.5 and it did not go smoothly:

[2.5.0-DEVELOPMENT][root@apu.stevew.lan]/root: flashrom -p internal -c MX25L1605A/MX25L1606E/MX25L1608E -w apu1_v4.10.0.0.rom flashrom v1.0 on FreeBSD 12.0-RELEASE-p8 (amd64) flashrom is free software, get the source code at https://flashrom.org Using clock_gettime for delay loops (clk_id: 4, resolution: 70ns). coreboot table found at 0xdfd79000. Found chipset "AMD SB7x0/SB8x0/SB9x0". Enabling flash write... OK. Found Macronix flash chip "MX25L1605A/MX25L1606E/MX25L1608E" (2048 kB, SPI) mapped at physical address 0x00000000ffe00000. Reading old flash chip contents... done. Erasing and writing flash chip... AMD SPI FIFO pointer corruption! Pointer is 0, wanted 2 Something else is accessing the flash chip and causes random corruption. Please stop all applications and drivers and IPMI which access the flash chip. RDSR failed! AMD SPI FIFO pointer corruption! Pointer is 1, wanted 0 Something else is accessing the flash chip and causes random corruption. Please stop all applications and drivers and IPMI which access the flash chip. spi_nbyte_program failed during command execution at address 0x1eb9 Reading current flash chip contents... AMD SPI FIFO pointer corruption! Pointer is 1, wanted 3 Something else is accessing the flash chip and causes random corruption. Please stop all applications and drivers and IPMI which access the flash chip. Can't read anymore! Aborting. FAILED! Uh oh. Erase/write failed. Checking if anything has changed. Reading current flash chip contents... done. Apparently at least some data has changed. Your flash chip is in an unknown state. Get help on IRC at chat.freenode.net (channel #flashrom) or mail flashrom@flashrom.org with the subject "FAILED: <your board name>"! ------------------------------------------------------------------------------- DO NOT REBOOT OR POWEROFF!

Ultimately I was able to recover by reflashing my backup image after several attempts.

I did manage to update using flashrom from single user mode, that seemed to go through no problem.

I would not recommend updating Coreboot from a 2.5 snapshot at this time.

Steve

Yup, there's not much can be done here. You might have some driver tweaks available depending on what chip/driver it actually is.
Some people report successfully running USB NICs. You might just try a different USB device.

Steve

Yup, using something that provides Ethernet connectivity is best.
A ppp connection works well if you don't need the bandwidth. I see ~40Mbps over ppp here.

Steve

Remove that file from rc.d, reboot and run that at the command line. What is the output?

Does the usbconfig output change when you run it?

What is logged in the system log.

That cfg file should not be in /usr/local/sbin. It would be better /root or somewhere else that will not get overwritten at update.

Steve

@tman222 said in Actual status Mellanox® ConnectX-3 support:

Chelsio

Hello,

I know that people are very positive about Chelsio cards, but I think it are all cards of an older generation. At least here in Europe I have never seen that shops where offering new Chelsio cards.

However it is true that you can buy them for cheap on ebay (from the USA).

However, I think I am better off with a modern card. As far as I know now:

significant smaller (I am using small mini-ITX-systems, for my FreeNAS ans pFSense); far less heat; (important for multiple reasons: safes energy and is easier to keep cool & quiet !!) pcie3 (at the very least pcie2) more processor off-load (10gbit, smb, iSCSI) Using modern Pentium models, not so powerfull right now. actual and future support

Thinking that way, and as far as I am aware now, realistically seen, there are only two suppliers: Intel (sfp+ x520, x710 or utp x550) and Mellanox (sfp+ connect3). More choices would be great 😊

Intel is OK of course, but is not cheap and they are hardly sold second hand. All recent models are in fact not cheap. And “from the outside” connectX3 seems to have the best price performance, but is it true ….. ?

Do they have the same performance? Do they work "out of the box" And if they are installed, are they working without problems

Louis

Alright, more digging has been done.
Setting the mtu to 9000 gets me 9.90 Gbits/sec. Of course jumbo frames should make a different but sincerely not that much expected.

So, I went on with my investigation and created two vms on same server, installed pfsense with the configs from the troublesome ones. Using virtio for net, initially I was getting pretty much the same however enabling tso and lro on vtnet0 which was the "carp" interface pushed to 28 GB/s WITHOUT jumbo frames (because they are on the same machine, local software bridge)
However, this introduced new issues such as iperf3: error - unable to write to stream socket: Permission denied, which I am sure is some default limitations that need tweaking.

Hmm, well in that scenario you are moving everything twice across your WAN so it will be limited by the slowest speed but you said it's nominally 1Gbps up and down? Also it's only encrypting in one of those directions.....

File copy may not be a good test depending on how it's done. SMB is notoriously bad over any sort of latency for example.
An iperf test would be much better.

Still seems really very low though. Check the output of top -aSH when testing. Do you see one core at 100%?

Steve

Thank you,

200mbit ++ shall be more then enoufh for me.

Wow. Fun.

Ok, thank you for your fast answer.

Mike