-
Hello guys,
I just want to confirm something.
How does pfsense turn itself on with "snmp ups" set up after shutting down gracefully if the pfsense itself is the primary dhcp server and doing all the routing?
By logic, with pfsense off no network communication will take place and even if the UPS sends a wake up signal to the pfsense ip address, it will not reach the pfsense.
So, am I wrong here somehow? -
A WoL packet does not require IP addresses or routing. As long as the switches are up it should reach pfSense.
But this is usually achieved by having the UPS always fully power down after issuing a shutdown command such that when it powers back up everything that needs to will also power on.
The problems people see are when a UPS gets to battery critical and the software shuts down everything connected to it but then power is restored before it actually turns off.
-
@stephenw10
But the problem in the case of "snmp ups" setup in pfsense is, the ups does not know the MAC address of the pfsense, the pfsense box just polls over ip with SNMP. -
Right but that only works when it's booted. To wake the firewall (or any host) after it's shutdown you have to use WoL. Or possibly wake on USB etc.
What does your UPS support? Or whatever the locally connected UPS management supports?
-
@stephenw10
My UPS is APC SRT5KXLI with builtin NMC3 card. It supports APC PowerChute software, SNMP, and USB. I set it up with SNMP UPS which works for my case, at least for the shutdown. But, it failed to power up after a proper shutdown. -
You are using the apcupsd package in pfSense?
Maybe I'm missing something here but how is the UPS configured to wake pfSense? I wouldn't expect it to start.
-
@Laxarus The SNMP user has to have write permission to the UPS for it to actually shut down. Assuming that you are using NUT, you can test access with the following command:
upscmd -u admin -p password upsname test.battery.start
(you can find the password in /usr/local/etc/nut/upsd.users.)
If it works, you have write access. If it doesn't work, you will have to redo your access.
-
@stephenw10 Yep, that is the problem. UPS doesn't have a native way to wake up the pfsense. APC recommends to enable "Turn on always" option in BIOS.
https://www.apc.com/us/en/faqs/FA159550/
I use nut package.
@dennypage I don't have a problem with shutdown. The problem is to how to turn on the pfsense after power restore. -
If it's powered through the UPS then it will power back up when power is restored. Assuming the BIOS is set to do that.
-
@Laxarus said in SNMP UPS question:
I use nut package.
@dennypage I don't have a problem with shutdown. The problem is to how to turn on the pfsense after power restore.I think you misunderstand. The problem is not that pfSense isn’t shutting down, but that the UPS is not (successfully) being commanded to shutdown (cut power). You need the UPS to actually cut power, and you need SNMP write permission to do that.
When the UPS cuts power, and then restores power following mains being restored, pfSense should boot automatically.
-
-
@stephenw10 I will set to the BIOS to "turn on always" to achieve that. I was always assuming, as long as I configure NUT package properly, it will magically take care of everything.
Thanks for clearing this up Stephen.@dennypage said in SNMP UPS question:
I think you misunderstand. The problem is not that pfSense isn’t shutting down, but that the UPS is not (successfully) being commanded to shutdown (cut power). You need the UPS to actually cut power, and you need SNMP write permission to do that.
When the UPS cuts power, and then restores power following mains being restored, pfSense should boot automatically.
My NUT clients are not configured to send commands to UPS to shut it down. I configure the UPS shutdown sequence in the UPS config itself and it is shutting its outputs and at last itself in the correct order.
I am curious though, why would you want to send a shutdown command to UPS itself from the clients? Does it not have a proper configuration to manage that?
-
@Laxarus said in SNMP UPS question:
My NUT clients are not configured to send commands to UPS to shut it down. I configure the UPS shutdown sequence in the UPS config itself and it is shutting its outputs and at last itself in the correct order.
I am curious though, why would you want to send a shutdown command to UPS itself from the clients? Does it not have a proper configuration to manage that?
"Client" is ambiguous. Did you mean NUT client, or UPS (SNMP) client? Only one SNMP entity should be configured to instruct the UPS to shut down. The other hosts would be set up as NUT clients of the main NUT server.
As to why you would want to send a shutdown command, this is because most UPSs do not actually shut down on their own, and NUT is dependent upon the power actually being cut.
I haven't tested NMC3 behavior in that regard, so I cannot make a dfinitive statement.