Any Changes to Intel NIC VLAN support in 2.7 to be aware of?
-
You might try putting both interfaces as VLANs. It's a better design to do that anyway IMO. Avoid the risk of stripping the tags and ending up on the wring interface. But it should work either way.
-
@stephenw10 Upon hitting this problem again I will try that.
And you are right it should work either way.
My only reason for keeping the default vlan was that I could in most cases just have the end user
plug the Internet connection directly into the PFSense box (that only has one ethernet interface)..
It would grab a connection and bypass the switch and I could verify if the PFsense box itself +Internet connection was fine/healthy/working and bypass the vlan switch or quickly determine if the problem was switch or downstream related. -
Have you only seen it on em? I have a number of boxes I could test this on but almost all use igb NICs.
-
@stephenw10 First box.
only tested one so far.
It so happend to be em.
Most that I do will be.
Intel NUC, Qotom mini PC etc.
Dell rack servers... (usually broadcom and not a single NIC)
If you know of any cool AMD option I'll try it.
:) -
Ok let me see if I can replicate on something...
-
@stephenw10 That piece of hardware left the shop..
I had to install windows 10 pro on it.
During that process I updated the motherboard firmware ...
It had an older 2013 bios on it.
The new firmware included new firmware for the NIC.
Unfortunately I did not have a chance to try it again after the firmware _ IME + NIC firmware update.But I will be trying some other more up to date hardware soon.
As well as some of that older stuff.
-SG -
@stephenw10 OK I have a 2.6.0 box up & running single RE NIC interface.
And cheap TPlink $27 8 port managed switch. HAHA.
AMD quadcore X4 750 CPU from 2012.
It's working flawlessly.
Going to let it run and move traffic for while just to be sure it's rock solid stable.
Then bring it up to the latest 2.7 snapshot and see how it does.
If it's happy I'll try the same with intel.
UEFI would not fly on this box even with 2.6.0.
I had to go bios install.
Seems to be more trouble than it's worth (UEFI) LOL.
I was saying that six years ago.
I'm still trying to learn more about it and get a little better with it.
I'm at least TRYING to install/build UEFI systems when they work.
I have LAN on re0.5 and WAN on re0.7
I skipped trying to use the default LAN for the moment.
I like it this way too.
Definitely prettier.
I realize 2.7.0 will throw lots of debug messages.
That doesn't bother me but if it stops routing traffic.....
Or is no longer pingable.. :) -
@stephenw10 AMD single re0 box is doing well on 2.7.0.a.20230424.0600
It didn't blow up on my first speed test like that other box.
Might have been a false alarm and some freaky hardware.
Which I'd had the change to try it on that machine again after all of the firmware updates which included NIC firmware. -
To be clear when you did hit this it actually kernel panicked and dumped a crash report? Or just the lock order reveral stuff and stopped passing traffic?
-
@stephenw10 Just the message and no traffic.
No kernel panic.
OS/shell still responsive functioning.
No traffic no ping response on LAN. -
@stephenw10 I just brought up another older em box.
Gen2 i5 dell mini PC.
Of course any that I have here have firmware all up to date..
The previous one was a customer's Windows box that needed all of the firmware updates
prior to a clean windows install.It's working just fine. (latest 1.7 snapshot)
I am getting the same netlock attempted at: message
Then 17 lines of details.It only happened once in about 1/2 hour.
And is not obvious impacting functionality routing NAT or availability.
As far as I know - it's not a concern.
But I'm curious what it means.
When it happened before It was obvious that routing and ability to ping it's lan interface address
happened at the same time.
a reboot would get it back but then as soon as you passed any significant traffic it would happen again.I did not see any of these messages on the AMD re system running latest 1.7 snapshot.
-
See: https://docs.freebsd.org/en/books/faq/#lock-order-reversal
And: https://forum.netgate.com/topic/174821/reporting-lock-order-reversal-lor-backtraces
Yes, they are unwanted but mostly harmless. You are seeing them because witness is enabled in 2.7 snaps currently.
Steve
