pfSense on HP T620 thin client
-
pfSense users/developers/gurus,
I am trying out pfSense on an HP T620 thin client and notice that my WAN IP gets dropped every so often. Not every day, but at annoying times none the less or all the more (I prefer less over more... OK, OK, OK, a bad UNIX joke).
The Ethernet device in the T620 thin is a "RealTek 8168/8111 B/C/CP/D/DP/E/F/G PCIe Gigabit Ethernet" as seen in dmesg. I am running VLANs and using a single Ethernet port for all my traffic. Granted, I am planning to build a new server with a quad port Ethernet card in it too.
-
Are there issues with RealTek cards dropping WAN connections at all or problems in general with pfSense with this card?
-
If pfSense is going to be run on a server grade system (say an IBM x3650 or perhaps an HP N40L microserver) and I wish to put a quad port Ethernet card in, any recommendations? Most likely, I'd run pfSense under ProxMox and then pick a quad Ethernet card supported by ProxMox (that seems a better choice given what I hear about poor driver support FreeBSD/pfSense has).
-
Would this issue be impacted by the switch to FreeBSD-current?
Any further ideas from the peanut gallery are fully welcome!
Stuart
-
-
Yes, you may well see issues with the Realtek NIC. Some systems / hardware do not though.
If you do your only recourse is to try using the alternative driver. That can fix some things, notable watchdog timeout errors.
Use an Intel NIC if at all possible. Depends what you need to connect to as to which one.Steve
-
Stephen,
I am a bit confused by part of your response and would hope you might be able to provide some disambiguation.
@stephenw10 said in pfSense on HP T620 thin client:
Yes, you may well see issues with the Realtek NIC. Some systems / hardware do not though.
So the Realtek has a known issue similar to what I am describing?
If you do your only recourse is to try using the alternative driver. That can fix some things, notable watchdog timeout errors.
I am confused by the above entitled statement. Am I to presume that there are available somewhere "other Realtek drivers" than those that come with pfSense? Obviously I realize this is entirely possible, but if this is the case I am unaware of how to obtain them or install them, though I am happy to try them.
I am much more of a UNIX/Linux guy (AIX, Linux, Solaris, etc...) than a BSD person these days (I last used "BSDish" UNIX when I had a Sun IPC running SunOS 4.1.3 many moons ago).
Use an Intel NIC if at all possible. Depends what you need to connect to as to which one.
I completely realize that using an Intel NIC would mean that I'd be using the Intel drivers with it.
This indeed (ostensibly switching to an Intel NIC) begs a new question:
If I plugged in a USB 3 Intel NIC and let us say hypothetically it was "in0" vice "re0". Is there an easy way to change all references from "re0.300", "re0", "re0.192", etc... in the pfSense configuration to say "in0.300", "in0", "in0.192"?
Thanks in advance!
Stuart
-
No the known issues with Realtek NICs usually present as complete loss of traffic not just lost the WAN IP. Especially if you're using VLAN where all the traffic is passing that NIC, what you're seeing is probably something different.
Yes there is an alternative driver available for Realtek NICs that can be installed in pfSense in preference to the in kernel driver. See: https://forum.netgate.com/post/1063999
Install the pkg then add the loader lines as described in that thread.Yes, you can modify the config to replace the reX references with other NICs. However adding a USB NIC is impossible to recommend. They are usually worse than Realtek NICs. Significantly!
Steve
-
@stephenw10, et alia:
I did come up with a resolution to this concern and wanted to publish my results should such guidance be utilitarian to someone else's endeavors.
I first started by upgrading the RAM in my HP T620 thin client to 16GB and thereafter installed ProxMox thereupon. pfSense was then installed as a VM under ProxMox (the network device used for the VM was "virtio") and succeeding this change in how pfSense was instantiated pfSense has never lost its WAN connection since.
Moreover, I now have the added benefit that my pfSense VM can be live migrated to a different ProxMox cluster member and as well be configured as highly available (from a ProxMox point of view).
I hope one day that pfSense can support its own HA architecture without requiring multiple internet facing static IP addresses. With all the virtualization technology available today this ought be possible (using a virtual switch or virtual IPs).
Thank you to everyone for providing input on this concern and I wish everyone a most blessed, healthy, happy, and safe (thug-free) year.
Stuart
