pfSense not enabling port
-
@georgelza Ok, so what happens then if you select the 10Gbase-SR in that drop down and save and Apply?
-
Yeah try setting it from the GUI.
A good test here might be to try to link two ports on pfSense directly. Obviously they can't pass traffic but if they link in that scenario it implies a link negotiation issue with the switch/modules.
-
@stephenw10
hehehe ye prefer the ui in this case as it protects me from me... but then when i click wrong or it does not work then i'm disconnected, then it's where's the wifi keyboard and the very long HDMi cable as it's up above a cupboard some 8m away.Let me try again.
G
-
tried... got disconnected, got back onto console and saw invalid media type message... reset back to igc1. cable connected and then reset my vlans back onto igc1
G
-
a side note... a unexpected behaviour, when i do these configurations... it seems to get itself into a knot and loose my pppoe settings assigned to my WAN port. Also noticed when this happens my Route settings changes, and i need to reset it to auto detect.
-
Hmm, what pfSense version?
You mean the default route/gateway changes? Is it set to auto in System > Routing? Almost always better to have that set to a specific gateway or group.
-
2.7.2
i'm doing all of these changes on either igc1 (2.5GbE/Cat6 port) and/or ix0 which is the SFP+ port.
My WAN lives on igc0, not touching it. but found than when i do the above changes... and it crashes. then i need to go console and re-assign interfaces. which then wipes out my pppoe settings... pretty sure thats expected behaviour... considering i did a re-assign...
when i do option 1... it would be great to say don't touch WAN, only re-assign/reconfigure lan interface.
sure the route "drop/change" is associated with the above option #1
G
-
Ah, you're re-assigning all the interfaces at the console.Then, yes, that would happen.
Can you not re-assign them in the webgui? You can assign single interfaces there.
-
you forgetting i'm re-assigning the main lan interface... i have one lan interface over which i run multiple vlans, this is the link between me... wifi into core switch or hard wired into core switch.
so when it breaks i need to hdmi cable onto the pfsense device and plug in keyboard, this no web interface.
G
-
@georgelza Why do you change the main LAN interface? Wasn't ix0 something you are planning on using, once you get it to work? Meaning you keep all settings on the igcN interfaces as they are and only play with ix0/1.
-
My main lan is on igc1 at the moment which is eth1 on the host, it also carries traffic for vlan30 and vlan40.
This is patched into my core Unifi switch onto port 24 via 2.5GbE currently.I'm trying to reconfigure that lan (and all associated vlans) to run across ix0 to the SFP+ port SFP1 on the switch.
G
-
@georgelza I get that, but until you have ix0 working there is no point in reconfiguring igc... At the moment you are not getting pfsense to use the SFP+ links at all, right?
I mean you don't have to move LAN over to the ix0 interface to verify that it's working, or not... All you need is to see if pfsense gives you a "green light" to verify that the link is up... and the same on the switch side.
Although you said you have lot's of those Dell modules, a DAC cable is quite cheap and would likely resolve everything. Since it seems you are not able to get the Dell's to play ball, other than on the Unifi side...
-
I'm in South Africa, nothing is cheap or easily "procurable"
I also only have the one switch, and one way to get to the pfSense.
G
-
@georgelza Ok, but you seem to have several of these Dell modules, and the fiber patches as well?
So on your Unifi switch, you can isolate one port that you want to use for testing. One way to do that is to create a separate VLAN (Untagged) on that port only. No need to create a VLAN on pfsense, it's simply to isolate that port from the rest of the switch.
Then you connect it to the pfsense SFP+ and start experimenting.
If/when it works, you will be able to see in the Unifi Controller interface what speed that port has linked up at, and the same on pfsense. Doesn't have to be traffic flowing to know that it is working, but clearly it's not working at all now, right. So no link on pfsense, or the switch.
-
@georgelza said in pfSense not enabling port:
I'm in South Africa, nothing is cheap or easily "procurable"
I also only have the one switch, and one way to get to the pfSense.
G
What cable length are we talking about? DAC cables don't seem more expensive in SA than what I can find in Europe:
https://www.senetic.co.za/product/UACC-DAC-SFP10-05M.
https://www.firstshop.co.za/products/ubiquiti-unifi-10g-sfp-direct-attach-cable-0-5m -
will try and get... this does add up as i was hoping to use the Dell SFP+
s and leads that I got... vs buying 10 of these...G
-
@Gblenn
know the 2.5GB ports are i226 based.
think need to figure out what chipset the 10GbE SFP+ cages are.the Unifi's are taking the Dell/EMC SFP+'s happily... i would have expected it to have more of a problem than the Topton.
G
-
@georgelza Why ten? The Topton only has 2 SFP+ ports and it's only on the pfsense side that you are having the issue.
The Unifi Pro Max seems to recognize the modules but it too only has 2 SFP+ ports, right? All the rest are RJ45? If you plan on getting more switches, and stick to Unifi, I'm sure you can make use of all those Dell SFP+ modules you have.
But don't give up just yet, perhaps you can get pfsense to work with the Dell module as well?
So instead of messing with your LAN, create a "test bed" the way I explained earliers, by isolating the port on the Unifi. I believe they have something called port isolation as well, but not sure how that works vs your uplink port. -
@Gblenn ...
I have 6 top ton's. and 2 other machines.
first is the pfSense, going into core,
Core to go into 8 port aggregation, where the other topton's and 2 other machines are to go.Their 10GbE SFP+ cards are still to be ordered,
<My storage network is going 10GbE, everything else is to be 2.5Gbe via the i226 ports>G
-
@georgelza Ok, but will you run pfsense on all of the Toptons? My guess this is a driver issue and it will likely work with e.g. Linux, which I would suggest you test on one of the other machines then.
Another way could be to virtualize pfsense on Proxmox for example. If Proxmox works fine with the modules, you can assign the virtual interface instead. Not sure what performance degradation you would see but it's one way around the issue at least. And the i5-1335 seems powerful enough, as it beats the i5-11400 which I have in my machine running pfsense on Proxmox. At least comparing per thread performance.