Yes, you will be able to import the config directly. The interfaces are all the same.

Steve

@SquareJ

looks like its defective port

seen it happen on different switches and firewalls

@stephenw10

Success!

For the record, I used the following to format the M.2 SSD/SCSCI:

trim /dev/ada0
gpart create -s GPT ada0
gpart show ada0

Per your guidance I modified the bootcmd env var in Marvell (adding "run scsiboot"):

setenv bootcmd 'run setLED; run mmcboot; run scsiboot; run usbboot; run net;'

I then ran "run usbboot" to kick off my inserted usb thumb drive to install the firmware onto the M.2.

I left my usb drive in after reboot & it picked up the config.xml & correctly reconfigured my firewall, per the documentation.

Thanks,
Paul

I'm pretty sure that Mikrotik platform will be using some hardware offloading to pass traffic without having to process each packet. You can see that by how much slower it is with only 25 IP filtering rules. I'm assuming the 'simple rules' that do not slow throughput are handled in the offloaded path but anything more complex cannot be. There are quite a few devices that behave like that. Big numbers until you try to do anything complex when throughput tanks. The 1100, like anything running pfSense, uses pf for all filtering. No hardware ACLs.

Steve

taps_fl001.png

You should check out the new hardware for sale.

The same image can be used across any similar devices. But the images for each device type you have are different. You will need 3 recovery images.

Steve

It could be a power surge. I've only ever seen it in person on a device with a cell modem fitted. So potentially that could be due to emissions from the modem or power draw to it. I've only ever seen it on one device here though.

FYI, opened up a ticket. Received instructions on how to reinstall firmware. Support is very fast and efficient.

Normally though if you spoof the MAC it appears as a separate line in the ifconfig output. It always reports the hardware MAC in addition. But, yes, certainly worth considering. If I could replicate this myself it would be a lot easier!

@buggz said in Netgate 4100 - Can you "bond" the two WAN ports?:

Bummer...

But you can load balance.
What that won't get you is a single stream download at 2Gbps, but it could get you two different connections going at 1Gbps each.

I had forgotten to download uart bridge drivers, thanks for your help

@rcoleman-netgate said in Upgrading an EOL Netgate SG-2440:

Adding a mSATA drive is recommended, but these systems also have a tendency to fail if they're older C2000 Atom CPUs so your mileage may vary long-term on the system's lifespan.

Yep. My SG2440 is actually a "red light RMA that was just barely under warranty", so it's sitting in the closet as a spare, but it's behind a 5100 in the rotation, with a 4100 in service.

@RobbieTT said in I got the Netgate 8200 in anticipation of ATT Fiber coming soon to my address:

@Phizix said in I got the Netgate 8200 in anticipation of ATT Fiber coming soon to my address:

@DefenderLLC,

Yikes! Don't look now but your Synology Box has been captured by a UFO!!! 😲

Phizix

The UFOs are attacking my switch:

IMG_2123.jpeg

🛸

Love your XG switch. I have four UniFi 6 Enterprise UFOs connected at 2.5Gb on my Enterprise 48! I'm out of town right now, so I can't do the AR thing, so here's an older one before I switched to pfBlockerNG!

b9f48195-57e0-4d6c-ace3-da0425f8aa05-image.png

d399e9b9-0cde-4c7c-bc80-0b32501e3736-image.png

@stephenw10 Yes

@stephenw10 THANK YOU! I am back up. I had 3 backups, removed 2 of them. Now I need to clean up the logs at 75%, but at least I have a running system.

@johnpoz - thank you for the suggestions of double NAT, tho I think it is not the optimal solution as I require wireless. Yes, the ISP router is very basic, but works out of the box with wifi 6 and I have a stable fast connection...If I didn't have to deal with MAP-E, I would put the ISP modem (yes, vdsl modem in 2023...) in bridge mode, hook up the netgate 2100 to it and use the ISP router as a simple access point for wifi.

I have a similar setup although my NAS is connected only to the UniFi side of the house. I have a 6100 MAX sitting in front of my UDM-SE in a dual NAT scenario. You might consider getting a UniFi aggregation switch which are only about $250 and give you 8 10Gb fiber ports.

My Netgate appliance is connecting to the UDM-SE via the WAN 10Gb port. Then the UDM connects to the UniFi aggregation switch with the other 10 gig connection. Then I have a 3-port link aggregation group from the Synology NAS to the aggregation switch (30Gb).

Mmm, logging the console output might be the only way to catch that.

Yup that^. Open a request and we can convert the config so it imports directly.

@stephenw10 said in Recommended NVM version for Netgate-supplied X710 NICs with 23.05.1:

The version I'm running, which has only ever been updated by the driver in pfSense, reports:

dev.ixl.0.fw_version: fw 7.0.50775 api 1.8 nvm 7.00 etid 8000521b oem 0.0.0

Ok, thank you @stephenw10,

I have been running NVM 7.30 for the past few years and given the number of improvements introduced to the driver with FreeBSD 14.0 in 23.x (most cherry-picked from the Intel driver) was curious if it might be time to upgrade the NVM.