NOkIA ip330 works great
-
Update. The cable we found to access the nokia IP330 was not a true null modem cable. It allowed us to see when the freebsd fired up but nothing of the bios initial boot. Our null modems finally came in on Thursday and we were able to see the entire boot process and enter the bios. There is not much there and no power management. I don't think the power supplies are ATX so there will be no hardware halt (no big deal). I am running our first rebranded nokia ip330 at my house and it seems fine. Andy, a colleague, has order two K6-2 500mhz to replace the current K6-2 266mhz that came with our used ip330s. These seem much better to play around with than the Nortel Contivity 100 boxes we got.
thanks,
Jim -
Does the IP330 have any special encryption accelleration build into it? For some reason in the back of my mind I thought it did, could be wrong tho.
-
Got it going and it auto assigned mac addresses to the nics. Very nice touch from the pfsense team.
thanks,
JimAm I correct in assuming, based on your post, that I no longer have to manually add the <spoofmac>tag to the xml config file? I have been using an IP330 for a while now and I have always had to add the <spoofmac>tags for each interface or all of my interfaces come up as ff:ff:ff:ff:ff:ff</spoofmac></spoofmac>
-
correct, pfSense will add some fake mac-adresses to interfaces showing non valid macs automagically.
-
Also a note if you are reading this thread and having problems. I did the dig through the old box O cables thing and found one that seemed to work. Mine brought up the POST screen but keep looping through the bios setup again and again. After much frustration I discovered that this is a known problem with some NOKIA and some cable/terminal programs. The dirty solution is just to hot patch the serial after boot…..
-
Having the choice between an unused IP330 and a 1U Pentium 4 @ 2Hz for pfSense, I wonder what would be the best. It would be for a 100Mbits WAN. Could the IP330 handle that easily with pfSense ? I also have an unused Watchguard Firebox II but I wonder if it would work fine, and it seems difficults to setup with pfSense.
-
Go with the 2ghz box. The IP330s are a glorified older pc maxing out at 500mhz IIRC.
-
Well I finally got my ip330
Lots of learning going on. Firstly, pay attention to the specs if you're buying one. Mine came with Intel Pentium 166 CPUs which are bloody slow, and make the whole machine feel very sludgy. The web suggests that an AMD K6 II clocked at 266 MHz is the standard CPU. However there are some with K6 II at 500 and 550 MHz, but those ones have a special shroud covering the CPU and one of the cooling fans to make a wind tunnel.
I simply replaced the 64 Mb SDRAM with a 256 Mb SDRAM without problems. My ones had a 4.3 Gb IDE Western Digital drive whereas most documentation says an 8 Gb IDE drive.
There is a compact PCI slot on the left - note its nothing like a normal PCI slot. There's also a hidden RJ45ish plug on the front and a space in the rear for some kind of module.
Things I haven't got working right - the serial console. I have a normal null modem cable which works for booting, but does not allow me to access the BIOS. I also don't get a console menu despide dmesg reporting
sio0 at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0
sio0: type 16550A, consoleThats a work in progress. Also I changed /etc/platform to say "wrap" which is supposed to mount the CF card read-only (but didn't) and minimise writes to the CF card.
Now in relation to installing… The IP330 has a generic AWARD BIOS and can apparently boot from CD. You can use a normal 2 port IDE cable and a molex Y power splitter to run a normal CDROM and the internal drive all at once. I have not got this to work cos I can't get to the BIOS.
I put the drive into another PC and tried to install pfSense from the 1.0 Beta3 installer but that failed to detect a drive. Nokia may have done something screwey with the drives. So I simply drilled four holes and mounted my IDE/CF card reader in the same spot. Works a treat except I had more interfaces in the old firewall and so opt5 became opt1, and I had to recreate rules and so on. I should have edited a backup xml and reuploaded it, but didn't think of that till later.
On my other one I used a spare hard drive that was lying around and that installed fine on a normal PC. However I failed to set up NICs and IPs with that one, and it doesn't have a serial console enabled either, so I have to move the drive to a normal box and then modify config.xml manually.
I've got stacks of pictures at http://criggie.dyndns.org/tech/ip330/
So, my unresolved questions:
-
How to enable serial console on the PC platform?
-
How to enable read-only mode for the CF card?
-
What CPU shall I install for "More Power"?
-
What is the strange hidden RJ45ish plug on the front for?
-
What is the rear connector for?
-
Does anyone have a spare cPCI card for testing?
-
-
Seems that polling is a bad thing on this machine.
CPU states: 0.0% user, 0.0% nice, 1.5% system, 47.5% interrupt, 51.0% idle
With polling enabled on all three NICsCPU states: 0.4% user, 0.0% nice, 3.1% system, 3.1% interrupt, 93.4% idle
With polling disabled.Anyone got any ideas?
–-
Later... Turns out that really low spec CPUs do not benefit from polling. -
Got serial console working too now. I had to change "off" to "on" in /etc/ttys for the line starting ttyd0
No idea why "serial console" didn't show up under the advanced tab.
-
It won't show up for embedded systems as those have the serial console enabled by default.
-
It won't show up for embedded systems as those have the serial console enabled by default.
Okay fair enough - still it didn't actually turn on the serial console.
My next issue is the CPU upgrade. I bought and installed an AMD K6 II at 450 MHz, but the system has no jumpers to change the clock speed or the multiplier. So I've lost a F00F bug and gained two AMD MTRRs, but its still running at 166 MHz.
Silkscreened on the board is a table of multipliers, but they refer to BF0 BF1 and BF2 which are not to be found. Does anyone have any ideas about this? I'm not adverse to doing some soldering, but I don't know what to solder :)
-
Yeah I too ended up with a 166 mhz model. I looked and looked for the jumpers and I can't figure it out. I pulled the plastic covering with the writing off the front, it was partially coming off anyways and I wanted to paint the whole unit black. To get to the point that the connector to the right of the 3 rj45 connectors is a modem. On the board there is a jumper between the serial port and the modem so you can select which one is used. I have a stick of 256mb memory to swap for the 64mb in there eventually, but I wanted to swap the cpu at the same time. If you figure it be sure to post.
As far as the bios options, if you plug the null modem cable into the console port (bottom one) it will show the bootup screen and say press (i think its f2) to enter the bios. You have to open hyperterminal, etc first and connect, then turn on the ip330. I don't even use the serial port on the front. With the default options from installing the pfsense embedded image to the cf flash card I can see the pfsense menu through the console port (same with monowall that I had installed before). Suspossedly the ip330 does a vga to text conversion.
I like pfsense alot, but if I didn't need the nat reflection (only 1 public ip and multiple servers) I would switch back to monowall for the ip330 box. Pfsense is alot slower than monowall, but I like the features it offers.
Heres a few pics. BTW, you know where to get a set of mounting ears for a netgear switch? I bought them both used off ebay and the gigabit one didn't come with the rack mount ears :-/ Mine had a T1 compact pci card but I removed that. I'm probably going to put some sort of sticker over the hole, or make a new cover out a some scrap metal.
-
BTW, you know where to get a set of mounting ears for a netgear switch?
If you take the ones off the other switch, and run them into a machine shop I'm sure some can be made up from the sample. Actually - I have a bunch of FS518 switches coming spare, but shipping on even a small box is likely to be massive.
You could also do with a cable management bar or two there :) Something like http://www.cdlnz.com/cdl.html?VS=p&G=PP-CM&P=NC900&ID=3065532
You also have an extra LED to the right of your modem port - I only have two there…. Top is the Power LED and below that is Fault LED.
-
BTW, you know where to get a set of mounting ears for a netgear switch?
If you take the ones off the other switch, and run them into a machine shop I'm sure some can be made up from the sample. Actually - I have a bunch of FS518 switches coming spare, but shipping on even a small box is likely to be massive.
You could also do with a cable management bar or two there :) Something like http://www.cdlnz.com/cdl.html?VS=p&G=PP-CM&P=NC900&ID=3065532
You also have an extra LED to the right of your modem port - I only have two there…. Top is the Power LED and below that is Fault LED.
How much would it cost me to get a set from you with the mounting screws to mount it to the netgear box shipped to Northern VA in the United States (not sure where your located)? I'd offer to buy the whole switch from you but the fibre gigabit doesn't interest me from a money standpoint. Now if you had any that you were phasing out with copper gigabit uplinks I would be interested. You can send me an email with the details ryan @ wgnrs.dynu.com
I found the LED when I pulled off the plastic front. It was peeling off everywhere, the IP330 boxes are old so I figured why not paint it. Mine originally only had the console port, but I added the top serial connector as I had extra laying around. The modem port on mine was not covered to begin with. Seem to me the configuration on these was flexible. Now if only I could figure out how to set the jumper for the CPU I would be in business. I also replaced all 4 fans in the back as when I first turned it on those fans were abnoxiously loud. The connectors on board are 2 pin but a 3 pin fan works fine if you leave part of it hanging off.
Cable management bars are a good idea. I just got that rack setup in my basment. Its for my own purposes and anything with the word rackmount is crazy expensive so its taken some time to build. The white box in the back (above post, bottom pic top right) is where the CAT 5 cables come in. The house had CAT5 wire to each phone jack and I modified them to run data/voice a few years back and had a switch laying on a table next to the box. I'm eventually planning to put a patch panel on the back wall and use a 110 punchdown to organzie the wiring better.
The mounting brackets for the IP330 don't seem like enough to hold it with it just being front mounted. Do you know if thats the design for them. I have it sitting on whats pictured below.
-
-
The IP330s are a glorified older pc
All nokia 1u equipment is such.
In fact all nokia firewalls are glorified PCs. The 400 and above are almost standard PCs (ie, standard motherboards and everything)
The 100-300 ones are PCs or x86 compatibles in custom boards, and lack VGA/keyboards. Anything below a 100 is not a PC or x86.
-
I changed from a Pentium CPU to a AMD K6 at 450 MHz. Now I have to find out how to up the clock speed/multipliers and I'm happy. Mind you - I've lost the F00F bug and gained some MTRR registers, so it was a good thing to do.
CPU: AMD-K6
3D processor (167.05-MHz 586-class CPU)
Origin = "AuthenticAMD" Id = 0x58c Stepping = 12
Features=0x8021bf <fpu,vme,de,pse,tsc,msr,mce,cx8,pge,mmx>AMD Features=0x80000800 <syscall,3dnow>real memory = 268435456 (256 MB)
avail memory = 253104128 (241 MB)
wlan: mac acl policy registered
K6-family MTRR support enabled (2 registers)</syscall,3dnow></fpu,vme,de,pse,tsc,msr,mce,cx8,pge,mmx> -
Anyone know how to reduce the noise from this IP330 box? it is really noisy..I put this in my bedroom..the sound out from IP330 is louder then my dekstop PC.
BTW I have two of IP330 running smoothwall and pfsense,,,and two of them worked great.
So any idea to solve the problem of the sound/noisy? If I turn off the 4 fans…it'll make IP330 box turning bad?
-
This box is meant to be stored in a rack with a lot of other equipement that produces heat. In your case being installed in your bedroom with no additional sources of heat you should be able to reduce the noise by some modifications. I did the following with a standard PC to make it noiseless: Reduce the FAN of the PSU from 12V to 5 V (just attached it to the 5V of an unused drive powersupply). The CPU cooler was replaced with the biggest socket a cooling block that I was able to find and I removed the CPU FAN from it. As this machine runs without HDD this isn't an additional source of heat/noise either. This system now is noiseless. You even don't hear the PSU fan anymore but can feel the flow of air behind it. That system is running about 2 years already with these modifications.
You might want to try something similiar but don't make me responsible if your hardware gets toasted. If you do these kind of modifications monitor your hardware the first hours after you modded it and do some stresstests.