pfSense Newbie Needing Solarflare Card Help
-
@stephenw10 - I believe that was the fix. It is now showing up in my interfaces. I am going to do a few tests over the next couple of days and will let you know for sure.
2 other things I noticed problems with are: the Dashboard under Version always says "Unable to check for updates" and when I log in or select an item from the menu bar through the GUI it takes a very long time for it to log in and/or go to the selection from the menu bar. Sometimes as long as 45-60+ seconds. When I watch it through the terminal, it shows right away that I have logged in though. It happens with all 3 of my web browsers. Chrome, Firefox, Safari.
Thank you,
MacWarrior -
Both those things usually indicate some lack of connectivity from pfSense itself.
Make sure it can ping from Diag > Ping but both IP and FQDN.Steve
-
@stephenw10 Hi Steve, I can ping internally but when I ping outside the network, I get "Host "apple.com" did not respond or could not be resolved." Which doesn't make sense to me when I can search and get onto websites.
MW
-
@macwarrior said in pfSense Newbie Needing Solarflare Card Help:
I can search and get onto websites.
That's from a client behind pfSense not pfSense itself though.
Go to Diag > DNS Lookup and make sure all the configured DNS servers are responding.
Steve
-
@stephenw10 Hi Steve, 1st - in reference to adding "kldload sfxge" as a loader variable so it loads at every boot, how do I add that? I searched in the forums and docs and couldn't find how to accomplish that without screwing up my computer.
2nd - here is the strange part to me about the DNS Lookup. I used a 2nd computer I had and loaded it with pfSense with a Spectrum connection directly to the WAN and the 4 DNS Lookups work great. However, when I try it with my main 1st computer with pfSense unit hooked up to a MetroNet connection directly to my WAN, it says "No Response" to all 4 DNS Lookups. The reason I'm scratching my head is I checked every setting from my 2nd computer and compared it to the 1st computer, and it is identical to each other but I get the "No Response" on the 1st computer. Not sure what I am missing here. Thx.
MW
-
To load it at boot create the file /boot/loader.conf.local then add to it the line:
if_sfxge_load=YESTry a lookup from the command line directly. First make sure it can ping out:
22.05-DEVELOPMENT][admin@apu.stevew.lan]/root: ping -c 2 8.8.8.8 PING 8.8.8.8 (8.8.8.8): 56 data bytes 64 bytes from 8.8.8.8: icmp_seq=0 ttl=116 time=7.352 ms 64 bytes from 8.8.8.8: icmp_seq=1 ttl=116 time=7.288 ms --- 8.8.8.8 ping statistics --- 2 packets transmitted, 2 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 7.288/7.320/7.352/0.032 msThen try to query it:
[22.05-DEVELOPMENT][admin@apu.stevew.lan]/root: dig @8.8.8.8 google.com ; <<>> DiG 9.16.23 <<>> @8.8.8.8 google.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36555 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;google.com. IN A ;; ANSWER SECTION: google.com. 67 IN A 172.217.16.238 ;; Query time: 7 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Tue Feb 15 13:01:47 GMT 2022 ;; MSG SIZE rcvd: 55If that works what errors do you see trying to query the configured servers?
Steve
-
@stephenw10 HI Steve, results:
[2.5.2-RELEASE][admin@Birds-of-Prey.macwarriors.lan]/root: ping -c 2 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: icmp_seq=0 ttl=61 time=13.298 ms
64 bytes from 8.8.8.8: icmp_seq=1 ttl=61 time=14.437 ms--- 8.8.8.8 ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 13.298/13.867/14.437/0.569 ms
[2.5.2-RELEASE][admin@Birds-of-Prey.macwarriors.lan]/root: dig @8.8.8.8 google.com; <<>> DiG 9.16.16 <<>> @8.8.8.8 google.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached[2.5.2-RELEASE][admin@Birds-of-Prey.macwarriors.lan]/root: ping -c 2 1.1.1.1
PING 1.1.1.1 (1.1.1.1): 56 data bytes
64 bytes from 1.1.1.1: icmp_seq=0 ttl=60 time=34.296 ms
64 bytes from 1.1.1.1: icmp_seq=1 ttl=60 time=32.973 ms--- 1.1.1.1 ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 32.973/33.634/34.296/0.662 ms
[2.5.2-RELEASE][admin@Birds-of-Prey.macwarriors.lan]/root: dig @1.1.1.1 cloudflare.com; <<>> DiG 9.16.16 <<>> @1.1.1.1 cloudflare.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reachedMW
-
@stephenw10 said in pfSense Newbie Needing Solarflare Card Help:
To load it at boot create the file /boot/loader.conf.local then add to it the line:
Hi again Steve,
I followed your directions above but they still don't load.MW
-
Ah, I'm sorry it's not shown as an interface type for some reason. Change that line to:
sfxge_load=YESHmm, so you can ping but not connect with UDP. What firewall rules do you have on that interfaces? Can we see a screenshot?
Steve
-
@stephenw10 Hi Steve, I hope you are monitoring right now. After changing the boot/loader file, it has stopped booting up. I have done a fresh install of 2.6 and created the boot/loader file again with the new parameter you gave me and it does the same thing by not booting up. Hmmm.
???MW
-
@stephenw10 I am currently at the Manual Config window after a clean install of 2.6 asking if I want to make any final manual mods.
-
Urgh, I'm sorry. Did it throw some error when it tried to boot?
You can override the loader.conf variables at the loader prompt if something is causing a problem. So you might do:
set sfxge_load=NO bootThat should then boot as before allow you to change the loader file.
The loader.conf.local file is not stored in the config so you should be able to go ahead and complete the install and restore your config.
Steve
-
Hi Steve,
I was able to get the fresh install of 2.6 running early this AM but when I went in to try to write to boot/loader it says I have permissions off. I spent 2-3 hours looking and trying different solutions for permissions in the Shell but nothing worked. I checked tons of websites and YouTube but nothing fit what I was trying to do. (I wanted to try to figure this part out on my own but I failed. Still trying to learn the in's and out's of Terminal and different Shells) It is showing commands after "chmod" ([-fhv] [-R [-H etc...]] mode file ...) that I understand what they do but can't get to work.I do have Good News though! My DNS and DDNS issues are fixed and the update is showing up working on the Dashboard. WooHoo!! Anyway, I just need some help now with the SFP+ NIC issue and turning permissions on for Shell. Thank you!
MacWarrior
-
Hmm, if you're logged in as admin or root you should not see any permissions errors.
Create the file: /boot/loader.conf.local
Add lines to it.I usually do that from the gui unless I already have a CLI open.
If it fails to boot again you can override those values at the loader prompt. You will also see errors just after that when it tries to load the modules at the console.
For example I tried to load a bad igb module a short time ago:Loading configured modules... don't know how to load module '/boot/modules/if_igb.ko' /boot/kernel/sg5100.ko size 0x1d00 at 0x40a0000 loading required module 'superio' /boot/kernel/superio.ko size 0x5d98 at 0x3cfe000 /boot/kernel/zfs.ko size 0x39ae70 at 0x3d05000Steve
-
Hi Steve,
I assume you're talking about the "Command Prompt"? If so, [I think I know the steps, but to make sure I am doing it right] can you give me the steps to do it? I Greatly Appreciate it!MacWarrior
-
The console, where you will see the module loading, is what you see when you physically attach to the firewall. So either VGA and keyboard or a serial terminal.
https://docs.netgate.com/pfsense/en/latest/hardware/connect-to-console.htmlThe loader prompt is what you reach if you interrupt boot at the console when the boot loader menu appears. It allows you enter options before the kernel is loaded.
For example:
https://docs.netgate.com/pfsense/en/latest/troubleshooting/boot-issues.html#booting-with-an-alternate-consoleSteve
-
@stephenw10
Hi Steve,I just wanted to clarify that I meant "Command Prompt" from the GUI as you suggested. (My bad). I thought you were reading my mind when I typed back to you (LOL).
MW
-
@stephenw10
The other thing is when I interrupt the boot like you referred to is where I get the “write permission is off” issue. That’s why I tried to use the Command Prompt from the GUI but I don’t quit understand it to build the boot/loader file.MW
-
To create the loader.conf.local file you can just use Diag > Edit File
Or you can do it from the command line using something like:
echo 'sfxge_load=YES' >> /boot/loader.conf.localI'm not really sure why you would see that permissions error unless maybe you were doing it from the installer?
However it shouldn't matter, you don't need to write anything there. Settings you make at the loader prompt apply for that boot only. You have to make a more permanent change once it boots.Steve
-
@stephenw10
Hi Steve,Here is where I stand. I removed the SFP card from my newly built machine and put it into a much older computer. The /boot/loader is working and it loads the driver every time. I connected the SFP from Solarflare to my D-Link SP-1012-10P SFP port but, I can't get it to connect. Should I try to drop the speed of the Solarflare and if so, how do I do that? Or, should I just switch to Chelsio SFP NIC cards to make it easier and more compatible? Would like your thoughts.
I also have 2 x D-Link SP-1012-28P which I want to separate all 3 switches on their own networks [using the Quad Solarflare NIC], but the same subnet so I can still connect to them with the same computers to make any changes or updates. I want to make separate networks with the Quad SFP NIC card, Port 1 - WAN, Port - 2 for the main computers and other devices, Port - 3 for the VoIP network, port 4 - for the Security Camera Network. Currently, I have my network set to 10.12.25.1/12. When I assign IPs to the SFP ports, it says that I am overlapping them.
Could use come config help.
Thank you,
MW
