Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Rpi zero usb ethernet to pfsense

    Scheduled Pinned Locked Moved General pfSense Questions
    31 Posts 3 Posters 5.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • stephenw10S
      stephenw10 Netgate Administrator
      last edited by

      There is no way to do that I know of.

      pfSense can only route traffic to interfaces it knows about and that's mostly Ethernet. If you're not using Ethernet then it has to appear as some other interface type such as PPP or PPPoE.
      That's the only way to avoid using the rndis adapter I can imagine.

      It looks like the Pi Zero can appear as a virtual com port also so you could potentially run some PPP connection across it. pfSense can cope with vanishing com ports far better, that's how 3g/4g modems appear.

      Steve

      1 Reply Last reply Reply Quote 0
      • X
        xbipin
        last edited by

        well like how pfsense generates and routes it own localhost traffic if some how we can achieve this then it would be possible but lets see what i find or else having to create interfaces is the only option i guess

        1 Reply Last reply Reply Quote 0
        • stephenw10S
          stephenw10 Netgate Administrator
          last edited by

          Internal routing between processes etc is very different to over USB.

          I honestly think your best bet here is some varient of PPP connection unless you want to hack around with the code to make the virtual Ethernet connection work as you need it to.

          It can work. You get the exactly the same deal with a tethered phone for example. There are a few threads detailing that for iphone and Android.

          Steve

          1 Reply Last reply Reply Quote 0
          • X
            xbipin
            last edited by

            even if i use a ppp or serial connection etc i still need to initially create a interface in pfsense right? rpi can also emulate serial so in that case also a virtual com port will appear in pfsense to which i need to assign a interface then bridge to lan.

            usb Ethernet mode would be better i guess compared to serial

            1 Reply Last reply Reply Quote 0
            • X
              xbipin
              last edited by

              the last option being connecting a wifi dongle to the rpi but i have tried that and it lags thats y i was trying this USB Ethernet method

              1 Reply Last reply Reply Quote 0
              • stephenw10S
                stephenw10 Netgate Administrator
                last edited by

                You could potentially create a PPP connection via the virtual com port and then assign that. pfSense can cope with that disappearing since that's how many (now older) 3g devices appear.

                A real USB/Ethernet adapter connected to the Pi would probably be better than USB wifi or emulated USB ethernet.

                Steve

                1 Reply Last reply Reply Quote 0
                • johnpozJ
                  johnpoz LAYER 8 Global Moderator
                  last edited by

                  Why don't you just buy a dongle for the pi zero.  I don't recall the one I got off the top of my head for mine.. But will take a look at it when get home.. I currently do not have it connected to anything or would look remotely.. But my zero is currently sitting in a cup on my desk at home ;)  I needed its sd card for something else and have not gotten around to replacing and bringing it back up ;)

                  I will look in my my amazon orders to see if I can find out… BRB

                  edit: found it
                  https://smile.amazon.com/gp/product/B00RM3KXAU
                  Plugable USB 2.0 OTG Micro-B to 10/100 Fast Ethernet Adapter for Windows Tablets & Raspberry Pi Zero (ASIX AX88772A chipset)

                  An intelligent man is sometimes forced to be drunk to spend time with his fools
                  If you get confused: Listen to the Music Play
                  Please don't Chat/PM me for help, unless mod related
                  SG-4860 24.11 | Lab VMs 2.8, 24.11

                  1 Reply Last reply Reply Quote 0
                  • stephenw10S
                    stephenw10 Netgate Administrator
                    last edited by

                    Yup. That. ^

                    I mean it's probably less fun…. but it will work much better!

                    Steve

                    1 Reply Last reply Reply Quote 0
                    • X
                      xbipin
                      last edited by

                      Well to my testing the emulated Ethernet is very reliable so far, gives good speeds compared to a actual USB Ethernet adapter, btw I have a rpi zero w with built-in Wi-Fi but the drivers are a bit broken on it and I have reported it to the devs so till they fix I was trying this fun thing. The wifi drivers for the built-in Wi-Fi chip give inconsistent ping and network speeds and I need to run freeswitch on this for a project, a USB wifi dongle performs much better but I wanted to try this emulated Ethernet and it's good and gives almost no lag in calls through freeswitch.

                      1 Reply Last reply Reply Quote 0
                      • johnpozJ
                        johnpoz LAYER 8 Global Moderator
                        last edited by

                        Sounds great - could you provide some sort of guide or howto on how you got this up and running.. Be willing to give it a go on my pi zero..

                        An intelligent man is sometimes forced to be drunk to spend time with his fools
                        If you get confused: Listen to the Music Play
                        Please don't Chat/PM me for help, unless mod related
                        SG-4860 24.11 | Lab VMs 2.8, 24.11

                        1 Reply Last reply Reply Quote 0
                        • X
                          xbipin
                          last edited by

                          sure, give me some time till i write down all the steps, will post it here soon

                          1 Reply Last reply Reply Quote 0
                          • X
                            xbipin
                            last edited by

                            here r the steps but i have a few issues which i will mention below but for a start to configure the rpi zero as a RNDIS gadget using the otg port do the following:

                            in the /boot/config.txt add the below

                            dtoverlay=dwc2
                            

                            in the /boot/cmdline.txt add the below after the part it says rootwait

                            modules-load=dwc2,g_ether g_ether.dev_addr=8e:7a:7e:37:6f:bb  g_ether.host_addr=8e:7a:7e:37:6f:aa
                            

                            the first problem im facing is it assigns the proper mac id to itself but the host mac id doesnt apply when connecting this to pfsense but it does when connecting to a windows machine so this causes pfsense to always see this device changing mac ids when the rpi reboots

                            then what i did was assign this adapter in interfaces to opt1 and enabled it with ip set to none and later bridged it to LAN and under rules added a UDP pass rule for DHCP to pass through.

                            the second issue is the rpi still isnt taking a ip from dhcp on LAN, i tried setting a static ip but still from LAN i cant ping it nor the rpi can ping anything on LAN

                            1 Reply Last reply Reply Quote 0
                            • X
                              xbipin
                              last edited by

                              regarding pfsense not reading the actual mac that the rndis gadget supplies i was told on the rpi firmware github page to use g_ether.use_eem=0 but that too also doesnt work, on researching a bit found out its a driver issue in freebsd and quiet a few discussion on it already

                              1 Reply Last reply Reply Quote 0
                              • X
                                xbipin
                                last edited by

                                regarding freebsd not reading mac id the devs there provided a patch to test but i have no clue on how to integrate it into pfsense, can some1 provide some help

                                https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220852

                                1 Reply Last reply Reply Quote 0
                                • stephenw10S
                                  stephenw10 Netgate Administrator
                                  last edited by

                                  You would need to recompile the urndis module in FreeBSD and import it again to test in pfSense. Though you could test in FreeBSD directly instead.

                                  I find it interesting that your device appears to be using the cdce driver. Connecting my Nexus 4 in a similar way gives log messages:

                                  Apr 14 22:00:02 	kernel 		ugen0.4: <lge>at usbus0 (disconnected)
                                  Apr 14 22:00:02 	kernel 		ugen0.4: <lge>at usbus0
                                  Apr 14 22:00:02 	kernel 		urndis0: <rndis communications="" control="">on usbus0
                                  Apr 14 22:00:02 	kernel 		ue0: <usb ethernet="">on urndis0
                                  Apr 14 22:00:02 	kernel 		ue0: Ethernet address: 4a:aa:0d:9a:9b:59</usb></rndis></lge></lge> 
                                  

                                  Steve

                                  1 Reply Last reply Reply Quote 0
                                  • X
                                    xbipin
                                    last edited by

                                    Well this is raspberry pi so maybe the code is different to Nexus 4.

                                    I can try it in freebsd directly but that patch provided isn't in the release so how do I add that and recompile and test, any guide would be helpful as I'm a beginner to this.

                                    1 Reply Last reply Reply Quote 0
                                    • stephenw10S
                                      stephenw10 Netgate Administrator
                                      last edited by

                                      It's been a while but as I recall it should be pretty straight forward.

                                      Bring up a FreeBSD 10.3 VM (or a real machine, whatever) and include the source code during the install.

                                      Edit the five lines into the code at /usr/src/sys/dev/usb/net/if_urndis.c. It's only 5 lines so you can probably just edit them in manually or fetch and merge the .diff file.

                                      Then go to: /usr/src/sys/modules/usb/urndis and run: make

                                      The new modules should appear in that folder. You can sftp it out and into pfSense as you did with the original module.

                                      Steve

                                      1 Reply Last reply Reply Quote 0
                                      • X
                                        xbipin
                                        last edited by

                                        thanks for the help, which location do i copy this module in pfsense or do i need to copy anywhere and add an entry to load it on boot?

                                        1 Reply Last reply Reply Quote 0
                                        • X
                                          xbipin
                                          last edited by

                                          i loaded up freebsd 11 in VM then added the patch and compiled and the resulting if_rndis.ko file i copied over to pfsense and loaded it on boot using the loader.conf file but im still seeing the same behavior

                                          Enter an option: ugen0.2: <linux 4.9.37+="" with="" 20980000.usb=""> at usbus0
                                          cdce0: <rndis communications="" control=""> on usbus0
                                          cdce0: No valid alternate setting found
                                          device_attach: cdce0 attach returned 6
                                          cdce0: <rndis ethernet="" data=""> on usbus0
                                          cdce0: faking MAC address
                                          ue0: <usb ethernet=""> on cdce0
                                          ue0: Ethernet address: 2a:c9:1a:f8:7f:00</usb></rndis></rndis></linux>
                                          

                                          to check if the module i loaded from pfsense shell i typed kldload /boot/modules/if_urndis.ko and it says

                                          kldload: can't load /boot/modules/if_urndis.ko: module already loaded or in kern
                                          el
                                          

                                          so im a bit confused if my compiled ko is being used or the in kernel one in pfsense, if u think the above is correct shall i report it to the dev on freebsd that the patch doesnt work?

                                          1 Reply Last reply Reply Quote 0
                                          • stephenw10S
                                            stephenw10 Netgate Administrator
                                            last edited by

                                            The if_urnidis kernel module is not included with pfSense either in the kernel or as a loadable module so if you are seeing that it means you have copied it across to the correct place (/boot/modules) and loaded it correctly at boot time with a line in loader.conf.local.

                                            If that was the module created with the patched code rather than whatever you had there before then it looks like the patch did not work.

                                            It still concerns me that the device created is cdce0 and not urndis0. It looks to me as though it's not even using the urndis driver. What happens if you remove the module entirely and boot without it?

                                            Steve

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.