Using an UPS to properly shut down and restart a pfSense SG-1000 microfirewall upon power failure

Gertjan

... and use the obtained info here to get more details : https://networkupstools.org/stable-hcl.html

Michel-angelo

@gertjan
Thanks, stephenw10 and Gertjan

I am deeply confused. Indeed I had a doubt that the USB connection, using the Raspberry-pi USB A female to micro USB could be defective. I did not know how to check but believed the connection was OK. It was not.

The log, which I had not checked, reported "26341 Poll UPS [Eaton] failed - Driver not connected"

I had already looked at https://networkupstools.org/stable-hcl.html, which selected for my Eaton 3S the default driver of the pfSense package. The configuration instructions were already correct

So the sole thing missing was an effective USB connection between the Eaton UPS and the microfirewall. I will get a better quality connector within a couple of days but, this morning, after making absolutely sure that the micro-USB connected effectively to the SG-1000. it all worked by magic and the Services > UPS Status Details reported as expected. I will test it right away, but I am certain it will work.

I can also report on the attempt I made yesterday with direct USB Connection to the iMac, which simply worked without any need for software installation.

I must now find the way to (1) get the SG-1000 to relay the instruction to shut down to the iMac and (2) get the iMac to accept this instruction and effectively shut down.

Many thanks for the correct pointers.

Gertjan

@michel-angelo said in Using an UPS to properly shut down and restart a pfSense SG-1000 microfirewall upon power failure:

I must now find the way to (1) get the SG-1000 to relay the instruction to shut down

"NUT" is more then just 'ahev a chat with the locally connected USB-UPS and do something when it says the power switched to battery". Its far more capable.then that.

With this :

These settings expose my pfSense LAN IP as a NUT (upsmon) server.
As I showed earlier, my Synology NAS can now connect to pfSense for UPS info, with out an UPS connected directly to the NAS.

Michel-angelo

@gertjan
Hello Gertjan, Steve and others, time for a pause.

Indeed, I had a USB Connection between the UPS and the SG-1000, this connection is now gone again, I have not succeeded to restore it. I definitely believe the micro USB connector provided by my Raspberry Pi in not the best I could use. So I will be waiting for the arrival of a new connector to resume on my tests.

Steve, with the the defect I have in my USB connection, here is the result of the shell Script you suggested me [I ran it bravely on the pfSense SG-1000 trusting it would not damage anything].

Shell Output - usbconfig dump_device_desc
ugen1.1: <Mentor Graphics OTG Root HUB> at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA)

bLength = 0x0012
bDescriptorType = 0x0001
bcdUSB = 0x0200
bDeviceClass = 0x0009 <HUB>
bDeviceSubClass = 0x0000
bDeviceProtocol = 0x0001
bMaxPacketSize0 = 0x0040
idVendor = 0x0000
idProduct = 0x0000
bcdDevice = 0x0100
iManufacturer = 0x0001 <Mentor Graphics>
iProduct = 0x0002 <OTG Root HUB>
iSerialNumber = 0x0000 <no string>
bNumConfigurations = 0x0001

ugen0.1: <Mentor Graphics OTG Root HUB> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA)

bLength = 0x0012
bDescriptorType = 0x0001
bcdUSB = 0x0200
bDeviceClass = 0x0009 <HUB>
bDeviceSubClass = 0x0000
bDeviceProtocol = 0x0001
bMaxPacketSize0 = 0x0040
idVendor = 0x0000
idProduct = 0x0000
bcdDevice = 0x0100
iManufacturer = 0x0001 <Mentor Graphics>
iProduct = 0x0002 <OTG Root HUB>
iSerialNumber = 0x0000 <no string>
bNumConfigurations = 0x0001

This is it, non more

Gertjan

@michel-angelo said in Using an UPS to properly shut down and restart a pfSense SG-1000 microfirewall upon power failure:

here is the result of the shell Script

You can also look in the log.
Look closely at this one : Status > System Logs > System > OS Boot
I found my UPS :

ugen0.3: <American Power Conversion Back-UPS XS 700U FW:924.Z5 .I USB FW:Z5> at usbus0

stephenw10

Yes, it must appear as a USB device in that list before NUT or any drover can use it.

I assume you're using the USB OTG port? Can you see other devices connected there? A keyboard or flash drive maybe? If not it probably is the adapter you're using.

Steve

Michel-angelo

@stephenw10

Yes, Steve, I am looking at the USB OTG port, which is in the middle of the SG-1000. On its left, I see another port, certainly a micro USB as well, for the console. In it, I always leave plugged the USB to USB cable which came with the SG-1000, for the unlikely devent I would need to connect the device to a console. I fear losing the console cable and the connectors are so tiny I do not want to ruin then by plugging and unplugging them all the time. The USB is connected to the Eaton UPS.

So, no devices, no keyboards nor what else is connected to the USB OTG port.

The config of the UPS is

UPS: Local USB

UPS Name is EatonUPS

Notifications is unchecked

Driver is usbhid (default driver, recommended for Eaton 3S UPS)

Extra (optional) is empty

In USB Status, a red alert reads "The UPS requires attention"

In UPS status,

Name is EatonUPS@localhost

Summary status is "falled to retrieve status"

UPS detail is now empty (it has been full for a short while, which proves the config is correct but my defective cable ruins it all).

Running again usbconfig dump_device_desc

Shell Output - usbconfig dump_device_desc
ugen1.1: <Mentor Graphics OTG Root HUB> at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA)

bLength = 0x0012
bDescriptorType = 0x0001
bcdUSB = 0x0200
bDeviceClass = 0x0009 <HUB>
bDeviceSubClass = 0x0000
bDeviceProtocol = 0x0001
bMaxPacketSize0 = 0x0040
idVendor = 0x0000
idProduct = 0x0000
bcdDevice = 0x0100
iManufacturer = 0x0001 <Mentor Graphics>
iProduct = 0x0002 <OTG Root HUB>
iSerialNumber = 0x0000 <no string>
bNumConfigurations = 0x0001

ugen0.1: <Mentor Graphics OTG Root HUB> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA)

bLength = 0x0012
bDescriptorType = 0x0001
bcdUSB = 0x0200
bDeviceClass = 0x0009 <HUB>
bDeviceSubClass = 0x0000
bDeviceProtocol = 0x0001
bMaxPacketSize0 = 0x0040
idVendor = 0x0000
idProduct = 0x0000
bcdDevice = 0x0100
iManufacturer = 0x0001 <Mentor Graphics>
iProduct = 0x0002 <OTG Root HUB>
iSerialNumber = 0x0000 <no string>
bNumConfigurations = 0x0001

Running again usbconfig dump_device_desc

After removing the cables gives the same output

Shell Output - usbconfig dump_device_desc
ugen1.1: <Mentor Graphics OTG Root HUB> at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA)

bLength = 0x0012
bDescriptorType = 0x0001
bcdUSB = 0x0200
bDeviceClass = 0x0009 <HUB>
bDeviceSubClass = 0x0000
bDeviceProtocol = 0x0001
bMaxPacketSize0 = 0x0040
idVendor = 0x0000
idProduct = 0x0000
bcdDevice = 0x0100
iManufacturer = 0x0001 <Mentor Graphics>
iProduct = 0x0002 <OTG Root HUB>
iSerialNumber = 0x0000 <no string>
bNumConfigurations = 0x0001

ugen0.1: <Mentor Graphics OTG Root HUB> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA)

bLength = 0x0012
bDescriptorType = 0x0001
bcdUSB = 0x0200
bDeviceClass = 0x0009 <HUB>
bDeviceSubClass = 0x0000
bDeviceProtocol = 0x0001
bMaxPacketSize0 = 0x0040
idVendor = 0x0000
idProduct = 0x0000
bcdDevice = 0x0100
iManufacturer = 0x0001 <Mentor Graphics>
iProduct = 0x0002 <OTG Root HUB>
iSerialNumber = 0x0000 <no string>
bNumConfigurations = 0x0001

From now on and for as long as I have not changed my defective micro-USB male connector, to prevent possible damages, I will keep the UPS monitoring as disabled.

Thanks for the attention.

stephenw10

Yes, seems like a bad OTG cable. You should see he UPS listed even if nothing can talk to it.

I wouldn't worry too much about the connectors. I've plugged cables in the units have here hundreds of times (thousands maybe?) without issue. microUSB connectors are used in phones by millions and are really pretty reliable. Care should always be taken of course.

Steve

Gertjan

@michel-angelo

NUT master slave video :
Youtube Video

Michel-angelo

@gertjan

Thank you, Steve and Gertjian. I will need to review this Network UPS Tools (NUT) Ultimate guide over a thousand times, the line to line advice flies far above my level. I got the intent and actually have a Raspberry Pi 0 at home fit for use in UPS setting, which could come handy if needed.

I received my new micro-USB male plus (worth, alone, the price of the Pi). It fits nicely and connects to the SG-1000 USB-OTG port with a reassuring clic.

On my first attempt, the data was still missing. As a last attempt, I tried cold-plugging the USB connectors. It barely worked and the connection to the UPS was not robust. Just as if the signal was weak and the SG-1000 was nearly deaf to the UPS' signal.

I ran usbconfig dump_device_desc. when connection was ON and when connection was off. Her they are:

FAILED CONNECTION TO THE UPS

Shell Output - usbconfig dump_device_desc
ugen1.1: <Mentor Graphics OTG Root HUB> at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA)

bLength = 0x0012
bDescriptorType = 0x0001
bcdUSB = 0x0200
bDeviceClass = 0x0009 <HUB>
bDeviceSubClass = 0x0000
bDeviceProtocol = 0x0001
bMaxPacketSize0 = 0x0040
idVendor = 0x0000
idProduct = 0x0000
bcdDevice = 0x0100
iManufacturer = 0x0001 <Mentor Graphics>
iProduct = 0x0002 <OTG Root HUB>
iSerialNumber = 0x0000 <no string>
bNumConfigurations = 0x0001

ugen0.1: <Mentor Graphics OTG Root HUB> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA)

bLength = 0x0012
bDescriptorType = 0x0001
bcdUSB = 0x0200
bDeviceClass = 0x0009 <HUB>
bDeviceSubClass = 0x0000
bDeviceProtocol = 0x0001
bMaxPacketSize0 = 0x0040
idVendor = 0x0000
idProduct = 0x0000
bcdDevice = 0x0100
iManufacturer = 0x0001 <Mentor Graphics>
iProduct = 0x0002 <OTG Root HUB>
iSerialNumber = 0x0000 <no string>
bNumConfigurations = 0x0001

SUCCESSFUL CONNECTION TO THE UPS. If I look at the logs in Status > System Logs > System > OS Boot, I find my UPS ("ugen0.2: <EATON Eaton 3S> at usbus0"), and

Shell Output - usbconfig dump_device_desc
ugen1.1: <Mentor Graphics OTG Root HUB> at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA)

bLength = 0x0012
bDescriptorType = 0x0001
bcdUSB = 0x0200
bDeviceClass = 0x0009 <HUB>
bDeviceSubClass = 0x0000
bDeviceProtocol = 0x0001
bMaxPacketSize0 = 0x0040
idVendor = 0x0000
idProduct = 0x0000
bcdDevice = 0x0100
iManufacturer = 0x0001 <Mentor Graphics>
iProduct = 0x0002 <OTG Root HUB>
iSerialNumber = 0x0000 <no string>
bNumConfigurations = 0x0001

ugen0.1: <Mentor Graphics OTG Root HUB> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA)

bLength = 0x0012
bDescriptorType = 0x0001
bcdUSB = 0x0200
bDeviceClass = 0x0009 <HUB>
bDeviceSubClass = 0x0000
bDeviceProtocol = 0x0001
bMaxPacketSize0 = 0x0040
idVendor = 0x0000
idProduct = 0x0000
bcdDevice = 0x0100
iManufacturer = 0x0001 <Mentor Graphics>
iProduct = 0x0002 <OTG Root HUB>
iSerialNumber = 0x0000 <no string>
bNumConfigurations = 0x0001

ugen0.2: <EATON Eaton 3S> at usbus0, cfg=0 md=HOST spd=FULL (12Mbps) pwr=ON (20mA)

bLength = 0x0012
bDescriptorType = 0x0001
bcdUSB = 0x0110
bDeviceClass = 0x0000 <Probed by interface class>
bDeviceSubClass = 0x0000
bDeviceProtocol = 0x0000
bMaxPacketSize0 = 0x0008
idVendor = 0x0463
idProduct = 0xffff
bcdDevice = 0x0100
iManufacturer = 0x0001 <EATON>
iProduct = 0x0002 <Eaton 3S>
iSerialNumber = 0x0004 <Blank>
bNumConfigurations = 0x0001

Seems to me like the SG-1000 is a little deaf on its USB-OTG port. Is there any way to provide hearing aid if this is the correct diagnostic ?

I tested it: it worked. It shut down the SG-1000 at the 20% mark (battery load).

Strangely, on SERVICES > UPS, I can read under UPS runtime 0:46:23 which is less than an hour, which is far less that the SG-1000 (pfSense) runtime. Should I care ?

As far as NUT is concerned, this seems to be, so far, a simple configuration, whereby the UPS decides that the value of the variable battery.charge.low is 20 (20%), hence the SG-1000 was properly shut-down when the UPS battery reached the level 20%. This is enough for me. What I want now is achieving the clean shut-down of the mac as a consequence of shutting down the SG-1000. I would try to allow my mac to simply connect to pfSense for UPS info and directives without an UPS connected directly to it.

Configure SG1000 as a master. I believe I just need to determine the correct arguments to give to the SG-1000 driver for the purpose of shutting down the mac. Would that simply mean (1) an additional directive for upsd.conf and (2) an additional entry for upsd.users, both in services > ups (both ideas are inspired from an earlier Gertjan post).

Installing UPSMON on the Mac to allow the mac to receive the UPS info from pfSense (NUT for macOS). This I will need to explore separately. On the mac App store, I ca find a NUT client for macOS but only for 10.15 and later. The mac I have located in my basement for home automation and backups is a macOS 10.13 machine only, so it will be more challenging.

This is what I will explore now.

Thank you all for allowing me to reach this point.

stephenw10

Hmm, no I'm not aware of anything that might affect the SG-1000s USB OTG capability.

Michel-angelo

@stephenw10

Hello ! Information on status.
So far, in case of power failure, I want the UPS to start and the initiation of new back-up tasks to become impermissible, Upon a combination of time and remaining charge of the UPS' battery; a proper shut down of the mac; and, if possible, Shut-down of the UPS.
So Far,
On my pfSense firewall SG-1000, there is a pre-installed NUT package, It works already and can trigger termination of NUT clients.

For macOS, (version 10.13 High Sierra, the package manager Homebrew does not work any more, but the package manager MacPorts does), so I would (1) Install or update xCode on the mac; (2) install or update MacPorts, (3) configure and set instructions to slave on pfSense SG-1000, and (4) complete on pfSense the remainder of NUT configuration.
This is my current plan, which seems feasible so far.