Realtek nic and watchdog timeout
-
Hi,
I have had some watchdog(?) watchguard(?) whatever the message is timeouts on my pfsense PC lately.
They are in-frequent and seem to happen when three or more people in the house are working over VPN connections AND the normal house traffic is going on.
The timeouts are causing weird stuff to happen. For example, I am connected to my work vpn, my work laptop sits on my desk just below my personal desktop monitors. So I am watching Netflix on y personal desktop and working from my laptop while it is connected to my workplace VPN. Very similar setups going on with my wife and oldest son. My youngest son is watching Netflix, gaming and surfing the web. My mother-in law is watching Netflix. So then, the watchdog timeouts occur and all devices connected to a VPN can still reach the internet AND local LAN shares. All devices NOT connected to a VPN cannot. Reboot pfsense PC and all is well again. I never have to reboot the cable modem.
Is this just bandwidth issue or maybe cause by the Realtek drivers (all 3 ports on Pfsense are Realtek cards = re0/1/2) and would another Realtek driver possibly resolve this? OR, is it simply my 150/15Mbps connection getting swamped?
Also, the next time my Pfsense PC fails I am going to look for an Intel nic and would like some comments as to the MOST compatible Intel nic for PFsense/FreeBSD. My research has brought me to the Intel i350-T4 v2 and I wonder if someone could suggest something better/faster/more compatible. I will be going GB connection within the next year and maybe within the next few months if this watchdog thing continues.
I was reading this thread in my research on the watchdog timeouts:
https://forums.serverbuilds.net/t/guide-resolve-realtek-nic-stability-issues-on-freebsd-pfsense-2-4-4-2-4-5-2-5-0-opnsense-use-2-5gb-realtek/3555
I am not sure about the person who did this and what difference there is between the driver that comes with FreeBSD and the one available from this website and hesitate to install it on my firewall. I could download the source from Realtek and compile it myself but am not sure if the source from Realtek will give me the same driver as is provided with FreeBSD....
-
Realtek NIC can be like any other NIC : they don't bother you ....
To make a small story short :
(if issues) && (realtek) => ditch realtek.
There is , on this forum, a thead with an updated "re" (realtek) NIC driver. Don't need to go to opsense for that.Btw : all this has nothing to do with "VPN".
And VPN as VPN server ? VPN client ? -
Installing the alternative driver now it exists as a package in FreeBSD is much much easier.
https://forum.netgate.com/post/946321
And doesn't require trusting some random binary from a forum. No one should be using that IMO.
Compile it yourself or use the FreeBSD package.Steve
-
VPN clients in all cases.
Thanks Gertjan. I didn't search the Netgate forums, I did a general search using google and thats the thread I found. It's actually : serverbuilds.net not opnsense; the tthread is just talking about opnsense,pfsense, various NAS devices...
Yes I am going to ditch realtek in my next iteration, I have one more PC left for PFsense then I will buy an appliance..I am hooked on PFSense so no way going to go back to consumer based router/firewalls.
-
thanks Stephen that's awesome. I will do just that.
Quick question about the Netgate realtek driver install instructions.
It says: cat loader.conf.local
if_re_load="YES"does cat loader.conf.local get written over every reboot wiping out any changes and should I do cat loader.conf
if_re_load="YES" instead? -
You should use the .local file specifically because it does not get overwritten. The main loader.conf file does get re-generated with some setting chnages in pfSense.
The cat command just shows you whats in the file. Use:
echo 'if_re_load="YES"' >> /boot/loader.conf.localThat creates the file if it doesn't exist yet and adds the line.
Steve
-
@1of1000quadrillion said in Realtek nic and watchdog timeout:
loader.conf.local
loader.confcan get over written by 'the system'.
loader.conf.localis a 'local' file, maintained by the admin only. The system will use it, if it exists.
@stephenw10 said in Realtek nic and watchdog timeout:
Installing the alternative driver now it exists as a package in FreeBSD is much much easier.
https://forum.netgate.com/post/946321Very nice
-
-
Well, that went smoothly enough - thank you for the simple instructions to follow. I haven't reboot yet because there is a message after driver install as follows:
By default, the size of allocated mbufs is enough
to receive the largest Ethernet frame supported
by the card. If your memory is highly fragmented,
trying to allocate contiguous pages (more than
4096 bytes) may result in driver hangs.
For this reason the value is tunable at boot time,
e.g. if you don't need Jumbo frames you can lower
the memory requirements and avoid this issue with:hw.re.max_rx_mbuf_sz="2048"
I assume that I do not need jumbo frames as my connection speed is 150Mbps down/15Mbps up.
I would like to set that tunable before rebooting.
Can I do this in the normal pfsense web interface on the advanced=> system tunables by clicking the new button and, more importantly, do I enter it exactly as shown or do I have to make an entry for each NIC and identify it, for example, for re0 would the entry read:
hw.re0.max_rx_mbuf_sz="2048"
or just leave it alone and add it like it is.
Does it get added to the loader.conf.local file also and if so can I just do:
echo 'hw.re0.max_rx_mbuf_sz="2048"' >> /boot/loader.conf.local
or will that overwrite the existing file that already has the reload="YES" line in it?
Thanks again guys.
-
You probably don't need to set anything non-default there.
It's probably global for all re interfaces, just
hw.renothw.re0etc.It looks like a loader variable so it must go in loader.conf.local.
The
>>appends to the existing contents of that file.
But you could just use the gui editior in Diag > Edit File.Steve
-
I just used WinSCP edit (notepad ++)
Just wanted to say thank you very much for both your efforts/comments.
I duplicated the type of traffic that would normally set off the watchdog timeouts and went to bed and in the morning when I got up all my stuff was completed. My son was up all night streaming/gaming/VoIP'ing with friends and he said the internet was fine all night, no buffering, no VoIP issues gaming was good.
If anyone wants to know what my tests were:
Connected to my personal VPN on my personal desktop
Connected to my work VPN on my work laptopstarted 10 Linux ISO torrent downloads on my personal desktop
started 10 Linux ISO torrent downloads on my work laptop
started a Windows 10 ISO download on my Win-server
Started streaming a movie from my Plex server on my personal desktop
Started a Netflix movie from my personal desktopMy line is over provisioned I pay for 150 Mbps down/15Mbps up but because of my constant whining about slow speeds I usually see 20Mbps down and 20 Mbps up.
I figure the firewall was bandwidth saturated for about 2 hours or more and that was 3 nights ago. I haven't seen a watchdog error since so I am thinking all is resolved now.
Once again, thank you both very much.
-
It's been almost a week (6 days) and I haven't seen a watchdog timeout since I upgraded the driver. I would have seen one or two a day if this was still an issue.
Thanks again guys.
-
Many thanks for sharing these simple instructions! I agree this was much easier than messing about with compiling drivers and manually editing boot files. Much appreciated
pkg install realtek-re-kmod
then
echo 'if_re_load="YES"' >> /boot/loader.conf.local
then
reboot
then check the boot logs for output from the new driver loading using
grep version: /var/log/dmesg.boot
(output to look for is re0: version:1.96.04)
but also the if_re.ko driver is listed for me when I use
kldstat | grep if_re
which shows output ending in 11e230 if_re.ko (when driver loaded)Source:
https://forum.netgate.com/topic/135850/official-realtek-driver-binary-1-95-for-2-4-4-release/168# -
This post is deleted! -
B bmeeks referenced this topic on
