Nokia IP330 with ZNYX Networks ZX412-B2 NIC Card
-
Since it has been a few months since I last posted a message on the newsgroup relating to this matter, I thought that I might try again on this forum.
In short, I have been happily using a Nokia IP330 with m0n0wall and then, since November 2006, with pfSense as our network gateway router/firewall/VPN server. This IP330 has the optional ZX412 dual port NIC installed. I have had the ZX412 working in the past with a version of m0n0wall (I don't remember which version) but I would desperately like to get it working with pfSense. I've done quite a bit of research into finding a solution but have not been able to obtain the needed information. Hacking pfSense is not something that I care to do without some guidance. I do have a decent understanding of Linux and have compiled kernels, etc., but have not had the time to work with FreeBSD. Therefore, if someone can tell me #1: Is this possible to do? #2: If so, can you provide me with a general idea of what is required? #3: If it is more complicated than can be easily described, could someone provide paid assistance… within reason? For my purpose, I would prefer to spend a little money on getting the ZX412 NIC working, if possible, than to purchase or build another 5 NIC appliance. Especially since I have 3 of these IP330's in service. :)
I would be happy to provide more detail about the ZX412 card if needed.
Thanks and regards,
Mitch -
I have never used an IP330, but isn't that nic dec/intel (dc) based? I'm assuming you've read the monowall howto and manually entered the macs (maybe that's just for the base nics). Anyway, I would pull the drive and load FreeBSD 6.2 on it to test. I think dc is in the base kernel. If that works, you can copy the kernel module to pfsense (in the kernel dir) and add if_dc_load="YES" to your loader.conf
Perhaps, as dc is not a very common nic these days, it has been removed from the base pfSense kernel. -
Thank you for your reply. pfSense does detect the ZX412 and tries to use the dc drivers as indicated below:
dc0: <intel 10="" 21143="" 100basetx="">port 0xe000-0xe07f mem 0xd8000000-0xd80003ff irq 10 at device 5.0 on pci1
miibus3: <mii bus="">on dc0
dcphy0: <intel 21143="" nway="" media="" interface="">on miibus3
dcphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
dc0: Ethernet address: 00:c0:95:e3:cf:04
dc1: <intel 10="" 21143="" 100basetx="">port 0xe400-0xe47f mem 0xd8001000-0xd80013ff irq 12 at device 6.0 on pci1
miibus4: <mii bus="">on dc1
dcphy1: <intel 21143="" nway="" media="" interface="">on miibus4
dcphy1: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
dc1: Ethernet address: 00:c0:95:e3:cf:05It reads a MAC address for each interface but it is not the correct MAC as listed by the original Nokia software. But, the problem appears to be deeper than just spoofing a MAC, etc. I cannot get a link on either of the two ports. Could it be that pfSense is not detecting the hardware correctly? The Nokia software detects the ZX412 as being Digital DC21143 chipset and uses the tulip driver. I don't remember which driver was used in the version of m0n0wall that I had working a few months ago. I'm currently using pfSense 1.2 snapshot 4-23-07 which I understand is FreeBSD 6.2 based. I had also tried v1.0.1 which I have been running on our firewall/router since November 2006. Maybe I can try different versions of m0n0wall until I find the one that worked before if that would be of help to anyone.
Thanks again for your reply. Any additional suggestions from anyone would be appreciated.
Sincerely,
Mitch</intel></mii></intel></intel></mii></intel> -
If anyone is interested, I was able to make a few modifications to Ubuntu Linux 6.06.1 and get it installed and working with all 5 NIC's. While I am able to do everything that I need in the way of routing, firewalling, VPN server, etc., I don't have the very nice Web Interface that we all love from pfSense. Oh well… pfSense can't be all things to all people on every piece of hardware so I guess I'll just have to live with command line configuration. (at least until I learn to hack FreeBSD) Not that I mind using the command line myself, but for my colleagues who have yet to get their feet wet in Linux or the BSD's. Personally, I got hooked a few years ago and have enjoyed every minute of it... 8)
Thanks again to "dotdash" for offering assistance!!
Regards,
Mitch -
I'm curious, what "few modifications" did you make to Ubuntu? Highly unlikely to be the same, or even similar, on FreeBSD but still curious.
-
CMB,
I first used the 6.06.1 Server CD install but had issues with the Nokia IP330 rebooting every time it starting loading GRUB. I found that to be a known bug with certain older machines with using the Server CD. I then used the 6.06.1, i386, Alternate CD, server install which solved the rebooting issue because it loaded a different kernel.
I started the installation by removing the hard drive from the IP330, adding a dual connector IDE cable so I could add a CD-ROM drive in addition to the hard drive and modify an old power harness so that I could power both the HD and CD-ROM. And, of course, change the BIOS to boot from the CD. Using my laptop connected to the console port on the IP330, I booted up the Alternate CD. At the menu selection screen, I hit "Esc" to get a command line and typed in "linux console=ttyS0,9600". This allowed me to do the install via the serial console and then modify the needed files after the installation. I only say this to show that Ubuntu can be installed via the serial console. But after doing this a couple times, I determined that it was easier to install onto the HD from another computer and then put the HD back into the IP330. So now to the modifications…
Boot the CD on the "loaner" computer. (I used an old Pentium III, 800 Mhz). At the boot command line use "server acpi=off". If you don't turn off ACPI you will get boot error messages after getting Ubuntu installed. (there is still one PCI error message that I haven't looked into but it's not causing any problems) I used all normal installation options including the default partitioning of the complete HD. Once installed, I updated the installation with apt-get update and apt-get upgrade. I then installed openssh-server, verified that my hosts file, resolv.conf were correct. Modified /etc/apt/sources.list to include the universe repository. I then modified /boot/grub/menu.lst and /etc/inittab so I could have console output from the IP330. I did this with the following:
In /etc/inittab/ uncomment the line:
#T0:23:respawn:/sbin/getty -L ttyS0 9600 vt100In /boot/grub/menu.lst add the following lines near the top:
serial –unit=0 --speed=9600 --word=8 --parity=no --stop=1
terminal serialNear the bottom of menu.lst, add the following to the end of the kernel boot line after the words "ro quiet splash acpi=off"
console=ttyS0,9600n8Now, setup your /etc/network/interfaces file for static addresses on eth0, eth1 and eth2. Be sure to include the "hwaddress ether" line to spoof the MAC's for each interface. Like the following: (no gateway except on eth0)
auto eth0
iface eth0 inet static
address 192.168.0.155
netmask 255.255.255.0
gateway 192.168.0.1
hwaddress ether 00:11:22:33:44:55In /etc/modprobe.d/blacklist, change the blacklisted item from eepro100 to e100. This will force the use of the eepro100 Becker driver for the 3 onboard NIC's.
In /etc/iftab, remove or comment out all lines related to any interfaces like so:
#eth0 mac 00:15:f2:bc:56:19 arp 1Shut down the loaner computer, remove the HD and place back into the Nokia IP330. Remove the Zynx card and then boot up the Nokia IP330. You should have output from the serial console during all phases of bootup. (hit "Esc" twice to stop the memory test) Verify the interfaces are working with ifconfig and some pings to other computers, etc. Either SSH into eth0 or using the console terminal, add eth3 and eth4 to the /etc/network/interfaces file just as you did the other interfaces. Shut down the IP330, install the Zynx card and boot up again. The Zynx card should be using the Tulip driver and the onboard NIC's should be using the eepro100 driver.
All 5 NIC's should be working and you have yourself a small, inexpensive, command line based Linux server/router with 5 interfaces. I will be using Shorewall and OpenVPN for my firewalling and VPN connections. In order to have some graphs, I will use my Zenoss server and will monitor the IP330 via snmp.
I realize that this has been more information than you requested, or needed, but I thought that it may be of help to someone else that might have an IP330 with the ZX412 interface card. As you see, it didn't require any hacking of source code or other things beyond my capabilities. I was just able to find solutions to other peoples hardware problems and apply modified solutions to the problems that I was having with the IP330. Anyway…. it worked!!
I still use pfSense on our remote WRAP based VPN appliances and will continue to do so. I convinced my boss to ask for some funds in our July budget so that I could help sponsor pfSense development. And, of course, I would happily go back to pfSense on the IP330 if I could ONLY get the ZX412 interface card working. :)
Sincerely,
Mitch -
You might want to try a Intel Dual Port NIC…
Have a look at the M0n0Wall forum and searce for Neoware. You will find my treat about Dual Port NIC's. I may be help you...
bt
-
Hi Mitch,
I have several Nokia IP330 devices that have the Zynx card in them. I tried messing around with it last month and had no luck, down to the issues you previously listed. However, I thought there was a known issue with the ZX412 cards in them. Almost all of the web posts and forums I visited pertaining to this card mentioned that it would give problems in FreeBSD, even though the drivers come up for it when the system is booted. Linux was mentioned as the OS that had no problem seeing it.
It is interesting that you mention you were able to get the two ports to come up when m0n0wall was running on the system. Not sure if I want to give that a shot, as I need the features that pfsense has, but I may give it a try if I have some spare time. If the latest versions of m0n0wall can indeed make it work, I wonder what pfsense and other BSD distro's are doing differently.
Thanks for you suggestions and methods thus far in getting the card to work for you.
-
According to my post on the m0n0wall list from October, 2006, http://m0n0.ch/wall/list/showmsg.php?id=298/85 I was using v1.23b1 when I had the ZNYX card working. There were some other issues, however, that I never solved.
Mitch