Watchguard XTM 5 Series
-
Yes the max and min values for the E8400 (at least the one I have) are 9x and 6x so only 4 speeds. Unless it supports half speeds, I haven't tested.
Lot of warnings when you compile that. I think I went through it and fixed them last time around… too long ago! ::)
Steve
-
This post is deleted! -
Yes, seems to. But I've just seen a horrible typo! :-[
Edit: OK this looks better. Works OK here but YMMV. To be honest it doesn't do much from my testing. Maybe 1W less, at idle at least.
Steve
-
I have not attempted to fiddle with the rest of the code to correct the factory errors. I find the code very confusing, with my limited coding experience - I have done mostly C in the past. I tried the Intel reference manual but that was of not much help either. So if you recall how you fixed the errors it would be great to see a diff.
I have now confirmed that the BIOS (and the CPUs of course) support C1E state, so when idle the power is already as low as it can get even without SpeedStep. The benefit will be at partial loads, but I'm not sure how to quantify it. I looked at it this way - if I can spend a bit of time now and learn in the process it's worth it, even if it saves me only a few $ over the deployment time. At my rates here 1W a year is about $1 saved ::)
-
$1, it all counts! ;D
I was never really doing it for the power saving. That was the same conclusion I came to about C states. My own coding skills are nothing special, I think used trial and error last time.
Steve
-
This post is deleted! -
This post is deleted! -
Has anyone got 2.4.3 update working on XTM 5 yet? For me 2.4.2 update works fine. But if i try updating from 2.4.1 to 2.4.3 the unit stops booting. Any ideas?
-
@747builder: Yes. Loading the compiled .aml file at boot works as long as you're running a BIOS with Speedstep unlocked and enabled.
@diesel678: Yes, running 2.4.3 here. Had no issues upgrading.
Edit: Typo
-
I measured my youngest (manufactured in 2015) XTM5 box power consumption with the Q9505S CPU in all power states with all cores loaded using mprime. This unit is also equipped with 80+ PSU made by FSP, as opposed to my other two units that have Seventeam PSUs. The idle power consumption on this box is only 37W.
But in my measurement I also discovered why Lanner / WatchGuard might have disabled Speedstep. Basically, it looks like the box power consumption savings are smaller than the extra processing time required by the CPU caused by reduced frequency, resulting in net power consumption increase rather than decrease! See the attachment.A good practical case study would be to measure steady state power consumption of a XTM5 box in actual installation with both BIOS configurations. Like a unit doing all its routing / firewalling / UTM duties under controlled traffic…
Edit: I had a momentary lapse of reason and the numbers in the attachment are obviously incorrect, since they assume that when the box is idle it consumes 0W as opposed to 37W. I will post corrected numbers later tonight, but there is a notable overall power saving, so implementing SpeedStep remains worthwhile.
 -
Ok, fresh off the press, here are the corrected power consumption numbers and net energy use for XTM5 with Q9505S in each available processor power state. Note that I was able to load the CPU more consistently by selecting a different mprime torture workload and I repeated each test several times to eliminate measurement variability. Also note that I reformatted the table to make it easier to understand. The numbers look very good and I will definitely keep Speedstep enabled in my deployed box. Under partial loads the energy savings are substantial!
Peter.
Edit: Cleaned-up the attached image for additional clarity.
 -
Nice! Guess I'll leave it enabled then. ;)
I'll do it anyway just to see how it affects stability, if at all.
Steve
-
I've read in a different thread that you do not need to flash the bios on an XTM 505 if you use a hard drive to boot pfsense. I can get the hard drive to boot on a different machine but on my XTM 505 it boots up shows me the bios and just plays a weird post jingle. When I get into bios everything is still view only. So I'm guessing I will have to flash it. Is there a particular bios I should flash with?
-
Yes, it should be possible to boot without flashing the BIOS. I may have already unlocked mine before I put an SSD in there. It certainly boots a CF card without any change.
Either the image I tweaked ages ago or t-rexky's image linked above should unlock the options and allow you to choose what to boot from.
There are details on flashing it earlier in this thread.
Be aware that flashing your BIOS is always inherently risky and that doing so with an image you downloaded from a forum even more so. ;) Your box may end up a brick etc etc
Steve
-
Yes, it should be possible to boot without flashing the BIOS. I may have already unlocked mine before I put an SSD in there. It certainly boots a CF card without any change.
Either the image I tweaked ages ago or t-rexky's image linked above should unlock the options and allow you to choose what to boot from.
There are details on flashing it earlier in this thread.
Be aware that flashing your BIOS is always inherently risky and that doing so with an image you downloaded from a forum even more so. ;) Your box may end up a brick etc etc
Steve
Got it, thank you. The only CF card I have at the moment is the 1GB that came with the Watchguard. When I used Win32DiskImager to image that card with your rom it still wont boot to the CF card. Is there a size limitation or am I goofing something up?
-
What do you mean by "When I used Win32DiskImager to image that card with your rom it still wont boot to the CF card."? You need a CF card with a bootable OS on it, BSD or Linux, a file with the BIOS image and installed 'flashrom' tools to actually do the reading and writing of the EPROM…
Also, the XTM5 boxes boot from SATA devices if there is no CF card installed without a need to flash the BIOS, so there is something else gone south with your attempts. So, unchanged factory BIOS with factory settings should successfully boot a SATA drive as long as you remove the CF card. All you need to do is unplug the CF card and plug-in the SATA drive, then power-up.
-
What do you mean by "When I used Win32DiskImager to image that card with your rom it still wont boot to the CF card."? You need a CF card with a bootable OS on it, BSD or Linux, a file with the BIOS image and installed 'flashrom' tools to actually do the reading and writing of the EPROM…
Also, the XTM5 boxes boot from SATA devices if there is no CF card installed without a need to flash the BIOS, so there is something else gone south with your attempts. So, unchanged factory BIOS with factory settings should successfully boot a SATA drive as long as you remove the CF card. All you need to do is unplug the CF card and plug-in the SATA drive, then power-up.
Ok, obviously I'm being a dummy about the BIOS then. Thanks for the info. I guess I still have some troubleshooting to do with the SSD then.. I can boot pfsense if I plug the SSD into another machine. But for whatever reason the Watchguard just sits there stuck at the different startup options.
-
Keep in mind that the XTM box BIOS defaults to IDE mode on SATA, not AHCI. If you installed pfSense on a machine in AHCI mode then perhaps it chokes on the XTM in IDE mode… I don't know enough about pfSense driver implementation to be able to talk intelligently about this. Hopefully someone else can chip in.
-
Keep in mind that the XTM box BIOS defaults to IDE mode on SATA, not AHCI. If you installed pfSense on a machine in AHCI mode then perhaps it chokes on the XTM in IDE mode… I don't know enough about pfSense driver implementation to be able to talk intelligently about this. Hopefully someone else can chip in.
I did notice the system was in AHCI mode when I was installing to the hard drive. I swapped it to IDE and then booted to a DVD of pfsense and then reinstalled to the drive but I'm getting the same results. I'll test creating the installation media in IDE as well.
-
If you’re wanting to unlock the bios I would remove the CF card and run straight from the ssd and get it working first. Then follow the instructions on page three of this forum. I believe I used putty and fetched it directly and then updated the bios that way.
Investigating the XTM8 box caused me to re-investigate the various bios editing tools available and I have now found that newer versions of amibcp are able to correctly edit the SuperIO tables without corrupting the bios in the process. So now we can have the bios correctly configure the SIO chip for gpio use and set the arm/disarm LED to red at boot, which seems like the way it should have been all along.
Flashing the bios is always a risk and I have bricked my own box doing it many times! However it was always due to a corrupt bios file rather than the flashing process itself and it is possible to recover from a bad flash (see earlier posts here). So the modified bios file is here. Flash at your own risk!
Modifications are:
Bios setup menus are unlocked and some aditional menus are unhidden.
LCD now reports 'pfSense V1.8' at boot time.
Speedstep is unlocked and enabled if you have a compatible CPU.
Arm/Disarm LED is now red from boot.Probably the safest way to get this file, least chance of corruption, is to fetch it straight to the box.
[2.1-BETA1][root@pfsense.localdomain]/tmp(10): fetch https://sites.google.com/site/pfsensefirebox/home/xtm5_83.rom xtm5_83.rom 100% of 1024 kB 1957 kBpsYou can then also check its MD5 sum is correct:
[2.1-BETA1][root@pfsense.localdomain]/tmp(11): md5 xtm5_83.rom MD5 (xtm5_83.rom) = e75bc93ca2db547a3facb8d611f0d441Then write it with flashrom from there:
[2.1-BETA1][root@pfsense.localdomain]/tmp(13): flashrom -w xtm5_83.rom flashrom v0.9.5.2-r1515 on FreeBSD 8.3-RELEASE-p8 (i386), built with libpci 3.1.9, GCC 4.2.1 20070719 [FreeBSD], little endian flashrom is free software, get the source code at http://www.flashrom.org Calibrating delay loop... OK. Found chipset "Intel ICH7/ICH7R". Enabling flash write... OK. Found ST flash chip "M25P80" (1024 kB, SPI) at physical address 0xfff00000. Flash image seems to be a legacy BIOS. Disabling coreboot-related checks. Reading old flash chip contents... done. Erasing and writing flash chip... Erase/write done. Verifying flash... VERIFIED.It may be necessary to reset the CMOS with the on board jumper to get access to the bios menus. My box has been unlocked for so long I can't remember if I had to and I have no easy way to test. ::)
Steve
