-
@mxczxakm the full file name (and subdirectory location) for JUST the "new" configuration parameters would be /boot/loader.conf.local (just saying that, since you wrote .conf.local)
I'd leave your /boot/loader.conf file as "pristine", and just add the
if_re_load="YES"
if_re_name="/boot/modules/if_re.ko"lines to the "new" /boot/loader.conf.local file
...and perhaps the
hw.re.max_rx_mbuf_sz="2048"
line if you don't have anything on the network using jumbo frames...which would probably be unlikely -
@rk0 Thanks for this!
I’d add .local to the note that comes up then. I took it literally.
Maybe it’s just normal Linux etiquette but wasn’t obvious to me.
-
Well, that fixed it! Thanks so much, this was killing me! Now to try Suricata again.
——
No more drops, you guys rock!
-
@mxczxakm (it wasn't obvious to me the first time through either ).
In fact, it was another user on this forum months ago that explained to me how the /boot/loader.conf.local file would stick around after an upgrade, while the /boot/loader.conf file might get reset back to initial settings....
Good advice passed on in the forum helps us all!
-
That note is from the kmod pkg install which is common to any FreeBSD installation. pfSense uses loader.conf.local specifically so it doesn't apply to us. But we can't easily remove it.
Steve
-
I spoke to soon, the WAN still cycles on/off. I get this error in the logs from the kernel:
arpresolve: can’t allocate llinfo for X.X.X.X on emX
-
What happens just before that when it goes down?
Those logs look normal for when an interface links up.
Are you still running it in in-line mode? I would try it in legacy mode as a test at least. In-line mode requires specific NICs.
Steve
-
@stephenw10 it disconnects and reconnects all by itself. I do still have suricata in inline. I’ll try legacy when I get back from travel on Friday. Thanks for the reminder.
Out of curiosity, does in-line just need intel or specific models of intel?
-
It uses netmap(4) which requires device support:
https://www.freebsd.org/cgi/man.cgi?query=netmap#SUPPORTED_DEVICESThat does include re(4) but actual support can be variable. The Intel drivers are generally better and more likely to work as expected. So, no, any Intel based NIC would be expected to work there AFAIK.
Steve
-
This post is deleted! -
How did it fail? At the mountroot prompt? What that after upgrading or a clean install?
I haven't seen that on any of the 2.7 test boxes I have. Yet.
Steve
-
This post is deleted! -
Ah, could be UFS.... Hmm. Testing....
-
Re: realtek-re-kmod missing in pfSense 2.6 repository?
Bit off topic but can pfsense be upgraded to 2.7 dev temporarily then “downgraded” to 2.7 release when it comes out? There’s been times I want to try the dev releases but I don’t want to get stuck in that path.
-
Hmm, nope ufs systems updated fine here too. I'll see if any of the devs have seen it.
-
@mxczxakm said in realtek-re-kmod missing in pfSense 2.6 repository?:
can pfsense be upgraded to 2.7 dev temporarily then “downgraded” to 2.7 release when it comes out?
Yes. When a release comes out you can simply switch to stable and upgrade to it from an earlier snapshot.
What you can't do is 'downgrade' to 2.6 once you've gone to a 2.7 snapshot.Steve
-
This post is deleted! -
There are several ways
https://docs.netgate.com/pfsense/en/latest/backup/restore-during-install.htmlSteve
-
I forgot I’m on PfSense +, what’s the equal to 2.7, 22.09?
-
It's the current dev version which is 22.11. Plus snapshots are not available yet though, we have a few bugs to iron out first. Should be imminent.
Steve