PfSense on a Riverbed Steelhead
-
You have identical hardware?
https://shoup.io/project-steelwall.htmlit's a little out of date these days. No need to mount RW if you're running Nano as it's always mounted RW.
Always use /boot/loader.conf.local
That hardware appears to be 32bit which means no 2.4.
Steve
-
hi
i also interested to get the two left NICs working.
someone been successful?
Thanks
-
You have access to the BIOS?
Any lan bypass or watchdog functions available there?
Otherwise you will need to switch the relays manually by flipping the control registers. Or by changing the circuit that drives them.
Are you up for a challenge? ;)Steve
-
You have access to the BIOS?
Any lan bypass or watchdog functions available there?
Otherwise you will need to switch the relays manually by flipping the control registers. Or by changing the circuit that drives them.
Are you up for a challenge? ;)Steve
Unfortunately there is no option in the BIOS to activate the relays manually.
I read a few posts on other Websites about bridge the relays power feedpin to an Mosfet to power them from boot.
iam a noob in things like this. But i really want to get it working. do you have some information, maybe some pictures how i had to modify the relais circuit ?
here is a picture
thank you so far
-
Ok, so to be clear there no bypass OR watchdog settings in the BIOS?
And there are no jumpers on the PCB? I can't make out any from your photo but it's not very high resolution.
You have two choices. Electrically bridge the relays by powering them from somewhere. Or, more fun IMO, try to find the GPIO that controls the relays and set it in software.
There will be typically two places that have GPIOs that could have been used, the ICH and the SuperIO chip. They may have used the parallel port but that's crude, unlikely for relays that are on the main board.
Steve
-
I'd go the fun route. It's way more fun. ;D
-
Yup, immensely more satisfying when (if) you get it to work. ;D
Steve
-
I took some pictures in better resolution
maybe you can see something on it
-
I'm afraid the real tracks are on the other side of the board. On top of that, GPIO control is done in software, so you'd have more luck poking around on the GPIO's on the shell.
-
Mmm, with no jumpers and nothing in the BIOS it's time to start poking GPIOs.
You might want to read this thread for some ideas how to do that: https://forum.pfsense.org/index.php?topic=81292.0
Steve
-
Have anyone enable this bypass ports?
-
-
Yup, you'll have to start poking GPIO registers. Tedious but fun when it works!
I can probably offer assistance as time allows.
Steve
-
If you reinstall the original Steelhead code you can toggle the bypass NIC to "fail-to-block" i.e. keep both NICs up all the time. See CLI commands below. The interface name is "inpath0_0". You can do a "show run" CLI command to see all the settings and interface names.
Once you set "fail-to-block", the HW seems to remember the setting (it must be flipping a hidden BIOS setting) so you can install pfsense and have the additional two NICs.
Fail-to-Block CLI commands:
• no interface <interface-name> fail-to-bypass enable: Sets the interface to block when there is a failure.
• interface <interface-name> fail-to-bypass enable: Sets the interface to bypass when there is a failure. -
Hello everyone,
I recently got a Rivebed Steelhead 250L identical to the on the image.
There is a jumper that (J20) located beside the connection between the power supply and the motherboard.
Just tried it now and it resets the bios settings :( not the bypass ports.I am trying to get ESXI or PFsense or FreeNAS to work on it now.
-
So you also have ports stuck in by-pass mode? No BIOS access?
Steve
-
@stephenw10 Thanks for the reply. Yes they are not turning on. I do have bios access ( pressing del on startup) but no option there to change any setting regarding network.
Tried:
Fail-to-Block CLI commands:
• no interface <interface-name> fail-to-bypass enable: Sets the interface to block when there is a failure.
• interface <interface-name> fail-to-bypass enable: Sets the interface to bypass when there is a failure.Curious that i hear no clicks when i execute the commands, maybe power is already applied.
When running on RIOS, these commands do turn the lights off/on on the ports. After reboot and boot from pfsense on usb, the ports remain off. Pfsense detects all ports but only AUX and Primary usable.
I have tried also to install ESXI / Freenas on this appliance with no success even booting.
-
Ok, so unless you can see any jumpers that might set them then, as I said two years ago, you will have to start poking at GPIOs to try to find what controls them. You might find a clue in the RIOS boot logs or filesystem.
Steve
-
Regarding GPIOs, rather than poking around thi maybe this can be of use. Using ipmitool under Linux, these commands are said to enable inpath nics. Never tried it myself.
ipmitool -v raw 0x3e 0x20 0x80 0x7f 0x00 0x00
ipmitool -v raw 0x3e 0x20 0x80 0x7f 0x01 0x00I think the above alters some i2c registers to do the trick. Try it under Linux first. If it works, try a FreeBSD method for setting such registers.
I took a look at the, again Linux based, approach used by rbMode on github. That guy's script refers to SMBUS and I can't figure how how SMBUS addresses relate to the ipmitool addresses.
-
Quick note: Riverbed used Silicom bypass nics in their larger appliances. Silicom has FreeBSD drivers with source code on their web site. The source code might provide insight into methods for enabling your bypass nics. URL for Silicom 2port bypass nic here....
https://www.silicom-usa.com/pr/server-adapters/networking-bypass-adapters/gigabit-ethernet-bypass-networking-server-adapters/pe2g2bpi80-bypass-card/
