PfSense is unreachable after install
-
@johnpoz I went back and double checked everything on v13 and I couldnt replicate the same result... perhaps in my haste it was pinging itself but then again I check the ARP table and it was there(logs from earlier) so...
I did try and research this on other forums and there isnt much out there... but according to this https://bsd-hardware.info/?id=pci:8086-153a-1028-05cc it should so I dont know what to think
-
Mmm, I'm not aware of anything that behaves anything like this. Let alone something that is recognised as em which should be well understood and supported at this point.
The other thing we saw here was that the em NIC does still show the link status correctly even though it does not pull an IP or show any layer 2 connectivity. So that seems unlikely to be some weird unsupported PHY. Or somehow not the correct port.
So, some regression in FreeBSD edge? I see nothing listed.
I would try disabling hardware checksum off-loading on em0 just in case. Nothing else set there looks likely.
-
@stephenw10 what doesn't make any sense to me is that if there was a freebsd or pfsense even thing with I217 - wouldn't forums be a fire with complaints? I mean that is not an uncommon off brand nic.. But looking at the freebsd listing for em.. It doesn't specifically list the 217 only the 210 and 211
o Intel i210 and i211 Gigabit Ethernet Controller o Intel i350 and i354 Gigabit Ethernet ControllerYou have a pretty extensive lab from previous discussions, you don't have a I217 to test with?
Here is intel drivers for freebsd, would it be possible to try and load those?
It specifically calls out the I217-LM is that what is being detected?
-
@stephenw10 I tried the following in shell on a fresh install... ifconfig em0 -vlanhwfilter -vlanhwtso and tried to ping the OldBox and didnt get any response
If I did go down the road of building a new driver provided by intel... something I have done before but on systems that had network connectivity... how would I proceed? from the console I havent accessed/mounted a USB before
This feels like a simple solution should be out there... everything seems right but when it comes time to have an IP... nope -_-
-
When I have been doing these freebsd 'tests' they have been using the minimal(small) usb image which requires an internet connection to download extra data to finish the install... I have been using this to test the different versions(downloads are slow) so basically I have been booting to usb installer and testing ping and what not...
Feels strange that the usb hotspot works well vs an intel NIC... -_-
-
Try:
ifconfig em0 -txcsum -rxcsumYou're not using VLANs at all there from what I can see?
Whilst I have a lot of hardware (too much?
) I don't have anything that has an i217-lm NIC. Though I agree, if it was broken in general we'd be flooded with threads! So that implies there is something specific about this implementation of it that the FreeBSD driver has an issue with. Which is what made me suspect they might have used some odd PHY there. -
@stephenw10 said in PfSense is unreachable after install:
Try:
ifconfig em0 -txcsum -rxcsumYou're not using VLANs at all there from what I can see?
Whilst I have a lot of hardware (too much?
) I don't have anything that has an i217-lm NIC. Though I agree, if it was broken in general we'd be flooded with threads! So that implies there is something specific about this implementation of it that the FreeBSD driver has an issue with. Which is what made me suspect they might have used some odd PHY there.I tried the command above without rebooting from the previous command that I mentioned... and still nothing... I tried to ping out and in on the private IP space... I am able to ping out via the internet though(through the usb hotspot... I know not really helping here but I had to have some POSITIVE result to say here)
A bonus of the internet access is that it will make it easier to build a new driver if needed... thoughts?
-
@stephenw10 I have read the instructions from intel and they seem pretty straight forward... If I were to follow though with them, I understand that any update to the OS would break things and also some functionality would break the drive via the web interface... beyond this are there concerns should I try this?
I know this would be a workaround vs solving the problem, but my existing system is failing(restarted the OldBox 5x friday, I suspect that the usb hotspot is drawing too much power and overheating the chip on this fanless system) thus having a stable workaround is favorable vs a dying one
-
I tried to follow the instructions for the driver install and when I issued the command to 'make' I the error 'unable to locate the kernal source tree"
Thoughts?
-
@stephenw10 As it would seem... This happens to be a card that has defeated you before :(
https://forum.netgate.com/topic/159452/gui-wont-show-nic-card-interfaces/3
and after doing some reading it would seem that building a driver for this OS is ill advised...
Rock>>ME<<Rock
-
@mathomas3 said in PfSense is unreachable after install:
command to 'make' I the error 'unable to locate the kernal source tree"
pfsense is not going to have the stuff to compile, you would need to compile the driver on a freebsd install that has the stuff installed for doing such stuff. I did this many years ago for the dhcp client that had a problem with setting the ttl too low.. It took freebsd like 2 years to actually fix the problem.
But once you build the driver, you should move it to your pfsense.
Simpler solution might be to just get a different nic.. Can you not swap out the nic in that system with a different one?
Remember pfsense runs on freebsd as its base layer OS. It doesn't come with all the bells and whistles that can be installed on the actual freebsd, ie the builder tools needed to compile stuff. While it is possible to do cross compiling on another OS.. if you want to try and build the driver from intel and see if that works - I would install a freebsd v14 current, or you could try with the 12.3 version if your goal is running it on 2.6, then move your driver to pfsense.
-
@mathomas3 said in PfSense is unreachable after install:
https://forum.netgate.com/topic/159452/gui-wont-show-nic-card-interfaces/3
That's not the same failure mode though. The i217-lm NIC was working OK there it was the other addition NIC they added that was not seen at all.
One thing you can try here is using Intels non-iflib kmod driver pkg. At the command line in 2.6 run:
pkg-static add https://pkg.freebsd.org/FreeBSD:12:amd64/release_4/All/intel-em-kmod-7.7.8.pkgThen:
echo 'if_em_updated_load="YES"' >> /boot/loader.conf.localThen reboot.
Obviously you will need the usb modem connected to do that so you are able to fetch the package.The only thing I'm aware of that addresses is the mishandling of vlan0 tags which doesn't apply here. But it's worth trying.
Steve
-
@stephenw10 said in PfSense is unreachable after install:
@mathomas3 said in PfSense is unreachable after install:
https://forum.netgate.com/topic/159452/gui-wont-show-nic-card-interfaces/3
That's not the same failure mode though. The i217-lm NIC was working OK there it was the other addition NIC they added that was not seen at all.
One thing you can try here is using Intels non-iflib kmod driver pkg. At the command line in 2.6 run:
pkg-static add https://pkg.freebsd.org/FreeBSD:12:amd64/release_4/All/intel-em-kmod-7.7.8.pkgThen:
echo 'if_em_updated_load="YES"' >> /boot/loader.conf.localThen reboot.
Obviously you will need the usb modem connected to do that so you are able to fetch the package.The only thing I'm aware of that addresses is the mishandling of vlan0 tags which doesn't apply here. But it's worth trying.
Steve
I followed the commands as suggested and everything seemed to go well... but there is no change...
Might I ask how VLANs was a thought as to why things were going wrong?
-
I went ahead and sent the unit back... I ordered something older then this one... hope that it works... and that the NIC is a gig port -_- FML
-
@mathomas3 said in PfSense is unreachable after install:
Might I ask how VLANs was a thought as to why things were going wrong?
It wasn't. You had disabled the hardware VLAN filtering and I was just checking you weren't using VLANs.
-
The replacement for the NewBox works flawlessly... Guess we are tossing this one up to the who done it gods -_-
