TippingPoint X506 Hardware

Sifter

@stephenw10:

Can you try setting up the NICs with the microdrive?
First you need to find out if you can actually get any networkaccess at all. I aimagine it might be VLANs to whatever the chip under the heatsink is but they may require setting up via some out of band service like i2c which would be bad.

Steve

So even after assigning vlan's 100, 200, and 300 to the sis0 interface, no interfaces come alive when I plug in a CAT5 cable to each of the 6 jacks.

Sifter

And here is our mystery chip under the heatsink.

stephenw10

Ok so as suspected a switch IC. These are normally configured via spi in soho routers but usually (often) that's only neccessary if you need to change the default config.
You can't just assign VLANs at random. Assign the sis interface directly. Run a packet capture on it. Whilst it's running send some traffic into external switch ports. Now look at the capture to see what vlans traffic arrived on. Of course you'll have to get the capture file off the box to analyse it, or do it the hard way.  ;)

Steve

Sifter

@stephenw10:

You can't just assign VLANs at random. Assign the sis interface directly.

Steve

I need 2 interfaces before pfsense will proceed, do I assign one generic vlan as WAN and then assign the sis0 directly to LAN?  How would you do it?

stephenw10

PfSense only requires 1 interface. But yes you could use one real interface and one VLAN interface.
The other possibility is that the default config of the switch is no vlans at all, just like an unmanaged switch.

Steve

_Adrian_

I'm keeping an eye on this thread :)

_Adrian_

I wonder if this has similar hardware :P
http://www.ebay.ca/itm/HP-Tippingpoint-Core-Controller-48-Port-Gigabit-Switch-/321258224413?pt=US_Network_Switches&hash=item4acc7b7b1d

stephenw10

Unlikely. You need some serious power for a 48 port gig switch. You're suggesting it might have an x86 backend? Maybe if it has any firewall or routing features. I doubt it though.

Steve

_Adrian_

@stephenw10:

You're suggesting it might have an x86 backend?
Steve

Its a posibility…

And that's what I'm after :)

Sifter

@stephenw10:

PfSense only requires 1 interface. But yes you could use one real interface and one VLAN interface.
The other possibility is that the default config of the switch is no vlans at all, just like an unmanaged switch.

Steve

Ive now assigned sis0 as LAN and since it asked for WAN first, I just filled in a random vlan name.  However, nomatter what cable or port I plug into, none of the ports light up.  They dont recognize that a cat5 cable is plugged in.

If it doesnt see that a cat5 cable is plugged in, how is a packet capture going to work?  Dont we first have to work through getting sis0 "UP"?

stephenw10

Ah, well that makes things a lot more complex. If the default config of the switch is no config at all, everything off, then it needs to be configured before anything will work. Yes you need to see sis0 as UP before anything else.
Where are you reading this though, at the console I assume. What do you see from 'ifconfig -a'? If it is vlans only at sis0 then an interface set to use no tags or vlan1 might show as down. What does is show for media and status?

Steve

Sifter

Im doing everything from the console at this point.

Enter an option: 1

Valid interfaces are:

sis0  02:63:c0:d6:7b:7e   (up) NatSemi DP8381[56] 10/100BaseTX

Do you want to set up VLANs first?

If you are not going to use VLANs, or only for optional interfaces, you should
say no here and use the webConfigurator to configure VLANs later, if required.

Do you want to set up VLANs now [y|n]? y

WARNING: all existing VLANs will be cleared if you proceed!

Do you want to proceed [y|n]?y

VLAN Capable interfaces:

sis0    02:63:c0:d6:7b:7e   (up)

Enter the parent interface name for the new VLAN (or nothing if finished): sis0
Enter the VLAN tag (1-4094): 1

VLAN Capable interfaces:

sis0    02:63:c0:d6:7b:7e   (up)

Enter the parent interface name for the new VLAN (or nothing if finished):

VLAN interfaces:

sis0_vlan1      VLAN tag 1, parent interface sis0

*NOTE*  pfSense requires *AT LEAST* 1 assigned interface(s) to function.
        If you do not have *AT LEAST* 1 interfaces you CANNOT continue.

        If you do not have at least 1 *REAL* network interface card(s)
        or one interface with multiple VLANs then pfSense
        *WILL NOT* function correctly.

If you do not know the names of your interfaces, you may choose to use
auto-detection. In that case, disconnect all interfaces now before
hitting 'a' to initiate auto detection.

Enter the WAN interface name or 'a' for auto-detection: sis0_vlan1

Enter the LAN interface name or 'a' for auto-detection
NOTE: this enables full Firewalling/NAT mode.
(or nothing if finished): sis0

Enter the Optional 1 interface name or 'a' for auto-detection
(or nothing if finished):

The interfaces will be assigned as follows:

WAN  -> sis0_vlan1
LAN  -> sis0

Do you want to proceed [y|n]?y

Writing configuration...done.
One moment while we reload the settings... done!
*** Welcome to pfSense 2.1-RELEASE-nanobsd (i386) on pfSense ***

 WAN (wan)       -> sis0_vlan1 ->
 LAN (lan)       -> sis0       -> v4: 10.0.0.169/24

 0) Logout (SSH only)                  8) Shell
 1) Assign Interfaces                  9) pfTop
 2) Set interface(s) IP address       10) Filter Logs
 3) Reset webConfigurator password    11) Restart webConfigurator
 4) Reset to factory defaults         12) pfSense Developer Shell
 5) Reboot system                     13) Upgrade from console
 6) Halt system                       14) Enable Secure Shell (sshd)
 7) Ping host                         15) Restore recent configuration

Enter an option:

[2.1-RELEASE][root@pfSense.localdomain]/root(1): ifconfig -a
sis0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        options=83808 <vlan_mtu,wol_ucast,wol_mcast,wol_magic,linkstate>ether 02:63:c0:d6:7b:7e
        inet6 fe80::7422:d7c0:c46:842%sis0 prefixlen 64 scopeid 0x1
        inet 10.0.0.169 netmask 0xffffff00 broadcast 10.0.0.255
        nd6 options=1 <performnud>media: Ethernet autoselect (none)
        status: no carrier
enc0: flags=0<> metric 0 mtu 1536
pfsync0: flags=0<> metric 0 mtu 1460
        syncpeer: 224.0.0.240 maxupd: 128 syncok: 1
pflog0: flags=100 <promisc>metric 0 mtu 33192
lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384
        options=3 <rxcsum,txcsum>inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
        nd6 options=3 <performnud,accept_rtadv>sis0_vlan100: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        ether 02:63:c0:d6:7b:7e
        inet6 fe80::7422:d7c0:c46:842%sis0_vlan100 prefixlen 64 scopeid 0x6
        nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (none)
        status: no carrier
        vlan: 100 vlanpcp: 0 parent interface: sis0
sis0_vlan200: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        ether 02:63:c0:d6:7b:7e
        inet6 fe80::7422:d7c0:c46:842%sis0_vlan200 prefixlen 64 scopeid 0x7
        nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (none)
        status: no carrier
        vlan: 200 vlanpcp: 0 parent interface: sis0
sis0_vlan300: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        ether 02:63:c0:d6:7b:7e
        inet6 fe80::7422:d7c0:c46:842%sis0_vlan300 prefixlen 64 scopeid 0x8
        nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (none)
        status: no carrier
        vlan: 300 vlanpcp: 0 parent interface: sis0
sis0_vlan1: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        ether 02:63:c0:d6:7b:7e
        inet6 fe80::7422:d7c0:c46:842%sis0_vlan1 prefixlen 64 scopeid 0x9
        nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (none)
        status: no carrier
        vlan: 1 vlanpcp: 0 parent interface: sis0
[2.1-RELEASE][root@pfSense.localdomain]/root(2):</performnud,accept_rtadv></up,broadcast,running,simplex,multicast></performnud,accept_rtadv></up,broadcast,running,simplex,multicast></performnud,accept_rtadv></up,broadcast,running,simplex,multicast></performnud,accept_rtadv></up,broadcast,running,simplex,multicast></performnud,accept_rtadv></rxcsum,txcsum></up,loopback,running,multicast></promisc></performnud></vlan_mtu,wol_ucast,wol_mcast,wol_magic,linkstate></up,broadcast,running,simplex,multicast> 

stephenw10

@Sifter:

sis0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        options=83808 <vlan_mtu,wol_ucast,wol_mcast,wol_magic,linkstate>ether 02:63:c0:d6:7b:7e
        inet6 fe80::7422:d7c0:c46:842%sis0 prefixlen 64 scopeid 0x1
        inet 10.0.0.169 netmask 0xffffff00 broadcast 10.0.0.255
        nd6 options=1 <performnud>media: Ethernet autoselect (none)
        status: no carrier</performnud></vlan_mtu,wol_ucast,wol_mcast,wol_magic,linkstate></up,broadcast,running,simplex,multicast> 

Hmm, well that doesn't look good. I would expect that sis0 is always connected to the switch. The switch may have autonegotiation disabled on that port. You could try setting sis0 to 100Mbps FD and see if shows carrier. Though even if auto was disabled it should still fall back to 10Mb HD if a connection is detected.  :-\

You might be able to port (if someone else hasn't done it already some roboswitch code from, for example, OpenWRT.

Steve