Is it possible to set up a console over USB serial?
-
Is it possible to set up a console over USB serial?
I've run out of ports on my KVM switch and I would like to be able to see messages when the firewall boots and interact with the console out of band?
I know I'm not going to get BIOS messages, and it may not get the very early messages, but I'll take what I can get.
Thanks.
-
Yes, this should be possible. You will need to run dmesg |grep uart to see the USB serial device. You can then use commands like the ones below in your /boot/loader.conf.local file to change the console port:
#Redirect Console to UART 2 comconsole_port="0x3E0" hint.uart.2.flags="0x10" #Redirect Console to UART 1 #comconsole_port="0x2F8" #hint.uart.0.flags="0x0" #hint.uart.1.flags="0x10" #hint.atrtc.0.clock="0" -
Yes, this should be possible. You will need to run dmesg |grep uart to see the USB serial device. You can then use commands like the ones below in your /boot/loader.conf.local file to change the console port:
#Redirect Console to UART 2 comconsole_port="0x3E0" hint.uart.2.flags="0x10" #Redirect Console to UART 1 #comconsole_port="0x2F8" #hint.uart.0.flags="0x0" #hint.uart.1.flags="0x10" #hint.atrtc.0.clock="0"Thanks for the answer… just did a dmesg, and no sign of anything that looks like UART.
Here is the portion of the dmesg during boot that relates to USB. In the process, I
realized that I'm going to need to install a usb to serial adapter before there is anything
to see (don't know if there is a usb to usb solution??). Just for laughs I plugged in a USB
to parallel adapter to see what it put in the dmesg, and all I got was a single ID line. That
makes me wonder about what kind of driver am I going to need to make serial to USB work,
and how far into the process do things have to get before it's even possible to load a driver.Any input would be appreciated.
usbus0: EHCI version 1.0
usbus0 on ehci0
isab0: <pci-isa bridge="">at device 31.0 on pci0
isa0: <isa bus="">on isab0
acpi_button0: <sleep button="">on acpi0
orm0: <isa option="" rom="">at iomem 0xc0000-0xce7ff on isa0
sc0: <system console="">at flags 0x100 on isa0
sc0: VGA <16 virtual consoles, flags=0x300>
vga0: <generic isa="" vga="">at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
ppc0: cannot reserve I/O port range
est0: <enhanced speedstep="" frequency="" control="">on cpu0
est1: <enhanced speedstep="" frequency="" control="">on cpu1
est2: <enhanced speedstep="" frequency="" control="">on cpu2
est3: <enhanced speedstep="" frequency="" control="">on cpu3
Timecounters tick every 1.000 msec
hdacc0: <intel (0x2882)="" hda="" codec="">at cad 2 on hdac0
hdaa0: <intel (0x2882)="" audio="" function="" group="">at nid 1 on hdacc0
pcm0: <intel (0x2882)="" (hdmi="" dp="" 8ch)="">at nid 4 on hdaa0
random: unblocking device.
usbus0: 480Mbps High Speed USB v2.0
ugen0.1: <intel>at usbus0
uhub0: <intel 1="" 9="" ehci="" root="" hub,="" class="" 0,="" rev="" 2.00="" 1.00,="" addr="">on usbus0
uhub0: 8 ports with 8 removable, self powered
ugen0.2: <vendor 0x8087="">at usbus0
uhub1: <vendor 2="" 9="" 0x8087="" product="" 0x07e6,="" class="" 0,="" rev="" 2.00="" 0.14,="" addr="">on usbus0
uhub1: 4 ports with 4 removable, self powered</vendor></vendor></intel></intel></intel></intel></intel></enhanced></enhanced></enhanced></enhanced></generic></system></isa></sleep></isa></pci-isa> -
The UART serial interfaces only show up as one line for each devices as well.
You should be able to create a serial device with two USB to RS232 adapters and one db9 gender changer In theory this should work, but I have never used a setup like this.Are you sure your machine has no com or UART interfaces? What is your motherboards?
Here are the adapters I use for my machine.
DB9 Female / DB9 Female Null Modem Mini Adapter: https://www.amazon.com/gp/product/7507825604/
USB to RS232 DB9 Serial Male Converter Adapter Cable with FTDI: https://www.amazon.com/gp/product/B00QUZY4JC/ -
Is it possible to set up a console over USB serial?
…interact with the console out of band?What exactly do you have currently? (eg. pfsense hardware, where's serial, where is USB)
For out of band management you could create an additional interface with its own subnet and exclusively allow ssh access there.
Or use a board with an IPMI port (HP calls it ILO) -
Thanks guys..
The UART serial interfaces only show up as one line for each devices as well.
You should be able to create a serial device with two USB to RS232 adapters and one db9 gender changer In theory this should work, but I have never used a setup like this.
Are you sure your machine has no com or UART interfaces? What is your motherboards?Here are the adapters I use for my machine.
DB9 Female / DB9 Female Null Modem Mini Adapter: https://www.amazon.com/gp/product/7507825604/
USB to RS232 DB9 Serial Male Converter Adapter Cable with FTDI: https://www.amazon.com/gp/product/B00QUZY4JC/Is it possible to set up a console over USB serial?
…interact with the console out of band?What exactly do you have currently? (eg. pfsense hardware, where's serial, where is USB)
For out of band management you could create an additional interface with its own subnet and exclusively allow ssh access there.
Or use a board with an IPMI port (HP calls it ILO)Thanks Guys….
I had not seen those FTDI USB connectors.... that's neat... I'm going to try and get one of those.
Do you have this hooked up to pfSense? Which side, and what does the dmesg look like?
The pfSense box is a little net appliance from China... 4 Intel Nics
https://www.amazon.com/gp/product/B019Z8T9J0/ref=oh_aui_detailpage_o00_s00?ie=UTF8&psc=1I do at this point have one real serial port on my Windows Box which I will be using to do the admin, so I should be OK, but I don't have an extra NIC (although a USB NIC is a possibilty if absolutely necessary. Out of band is not essential as it's a home network, but "nice to have" if easy to do.
What if anything will come out over the USB serial during reboot? (SSH is obviously dead till everything is up)
-
Thanks guys..
The UART serial interfaces only show up as one line for each devices as well.
You should be able to create a serial device with two USB to RS232 adapters and one db9 gender changer In theory this should work, but I have never used a setup like this.
Are you sure your machine has no com or UART interfaces? What is your motherboards?Here are the adapters I use for my machine.
DB9 Female / DB9 Female Null Modem Mini Adapter: https://www.amazon.com/gp/product/7507825604/
USB to RS232 DB9 Serial Male Converter Adapter Cable with FTDI: https://www.amazon.com/gp/product/B00QUZY4JC/Is it possible to set up a console over USB serial?
…interact with the console out of band?What exactly do you have currently? (eg. pfsense hardware, where's serial, where is USB)
For out of band management you could create an additional interface with its own subnet and exclusively allow ssh access there.
Or use a board with an IPMI port (HP calls it ILO)Thanks Guys….
I had not seen those FTDI USB connectors.... that's neat... I'm going to try and get one of those.
Do you have this hooked up to pfSense? Which side, and what does the dmesg look like?
The pfSense box is a little net appliance from China... 4 Intel Nics
https://www.amazon.com/gp/product/B019Z8T9J0/ref=oh_aui_detailpage_o00_s00?ie=UTF8&psc=1I do at this point have one real serial port on my Windows Box which I will be using to do the admin, so I should be OK, but I don't have an extra NIC (although a USB NIC is a possibilty if absolutely necessary. Out of band is not essential as it's a home network, but "nice to have" if easy to do.
What if anything will come out over the USB serial during reboot? (SSH is obviously dead till everything is up)
Yes, i use that setup on my pfsense box in my signature.
Serial console allows you to access the terminal before ssh and see the full boot process /debug if needed.
-
Yes, i use that setup on my pfsense box in my signature.
Serial console allows you to access the terminal before ssh and see the full boot process /debug if needed.
I assume that you are using a "real serial port" is on the pfSense box, and the USB is on the machine you are using for management correct?
I don't know a lot about either FreeBSD or USB, but from what I have read (and may or may not have understood or remembered correctly), a "Real Serial Port", is (or at least can be) interrrupt driven I/O, but a USB serial is polled I/O (Am I correct???). Is that going to work with pfSense (FreeBSD)?
-
Yes, i use that setup on my pfsense box in my signature.
Serial console allows you to access the terminal before ssh and see the full boot process /debug if needed.
I assume that you are using a "real serial port" is on the pfSense box, and the USB is on the machine you are using for management correct?
I don't know a lot about either FreeBSD or USB, but from what I have read (and may or may not have understood or remembered correctly), a "Real Serial Port", is (or at least can be) interrrupt driven I/O, but a USB serial is polled I/O (Am I correct???). Is that going to work with pfSense (FreeBSD)?
Yes, I am using real serial port on my pfSense box (RS232) with a RS232 to USB adapter to a raspberry Pi.
I am not sure if a usb serial device will work via FreeBSD.
-
Unfortunately I don't have a USB port on my pfSense box, so I don't have a choice. I wonder if there is anyone here who knows FreeBSD well enough to know if it is possible or not.
-
Unfortunately I don't have a USB port on my pfSense box, so I don't have a choice. I wonder if there is anyone here who knows FreeBSD well enough to know if it is possible or not.
I did some more research on this….. I don't think the console will work over usb
-
Thanks… I was afraid of that.
-
You can still use telnet or ssh to monitor your console, once your pfSense has booted up.
-
You can still use telnet or ssh to monitor your console, once your pfSense has booted up.
Thanks, yes I do that now… was just hoping not to have to pull a monitor off a PC to watch the FW boot. Not the end of the world, don't have to boot very often, and as long as it boots within 2-3 minutes, I likely don't really need to see it live, I can just dmesg.
-
…hoping not to have to pull a monitor off a PC to watch the FW boot...
Still 2 possibilities.
a) Get a streaming device that converts your VGA to an IP stream to be viewed with any streaming receiver OR
b) look at your motherboard and find out what the white pin header at bottom center is. (see pic attached) Could be a serial port.
-
…hoping not to have to pull a monitor off a PC to watch the FW boot...
Still 2 possibilities.
a) Get a streaming device that converts your VGA to an IP stream to be viewed with any streaming receiver OR
b) look at your motherboard and find out what the white pin header at bottom center is. (see pic attached) Could be a serial port.Thanks for the reply… Can't cost justify a)... likely cheaper to upgrade from a 4 to 8 port KVM switch.
b) is a possibility... not sure how I would do it though, or how I would work out the mechanics of an external connection without making the box look like a piece of crap.Open to suggestions. For now, I'll run it headless as long as it boots OK, and if it hangs for any reason, I'll have to pull the KVM leads off another box. I might consider the serial mods on my FreeNAS box, it has a real serial port... then I have a spare KVM port.
-
…the mechanics of an external connection without making the box look like a piece of crap...
Come on!
There are two (unused ?!!) holes for wireless antennas already in the box. Use a 3,5mm jack and install it in one of them. All you need are 3 pins for TX, RX and GND and a custom cable with a 3,5mm stereo connector to a db9 plug.Or wire the db9 socket with 2m of small cable directly through the hole. I use small diameter AES/EBU microphone cables for that (2 leads and 1 screen). Done.
Something like that:
https://www.amazon.com/24AWG-Extra-Digital-Audio-Cable/dp/B00HRO5A02/ref=sr_1_13?ie=UTF8&qid=1470139237&sr=8-13&keywords=24AWG+AES%2FEBU+cable
Your local music store is happy to help you with that. -
Good point… I've been staring at the port side of the box because of where it's mounted, so I forgot about those holes, so I could see possibly doing that.
Only thing is, if that is a serial port, wouldn't it show in dmesg? I don't have the FreeBSD background to know how to probe for the UART.
So before cracking open the case and risking physical damage I would want to:
Step 1: Detect the presence of a UART though software to determine if it exists and what it's hardware is.
Step 2: Determine if there is a driver for that hardware, and if it needs CTS/RTS flow control to operate.If I get though 1 & 2, then I'd do a test with the box open, and if that passed, I'd worry about making it pretty, but unless I get 1 and 2 figured out first, don't want to put the effort into the physical stuff.
**An aside:
Also, how to you reassemble the unit. I looked inside when I installed memory and SSD, and that heat sink arrangement looked pretty scary to put back together if the motherboard was removed. **BTW… does your original image file have higher resolution of the components around that connector? When I looked at it, my first guess was that it was power to support a SATA device plugged into the SATA port.
-
… does your original image file have higher resolution...
Me?
That's a picture from the Amazon article description. I don't know more about that unit than what's written here or there. I don't have one. -
Good point… I've been staring at the port side of the box because of where it's mounted, so I forgot about those holes, so I could see possibly doing that.
Only thing is, if that is a serial port, wouldn't it show in dmesg? I don't have the FreeBSD background to know how to probe for the UART.
So before cracking open the case and risking physical damage I would want to:
Step 1: Detect the presence of a UART though software to determine if it exists and what it's hardware is.
Step 2: Determine if there is a driver for that hardware, and if it needs CTS/RTS flow control to operate.If I get though 1 & 2, then I'd do a test with the box open, and if that passed, I'd worry about making it pretty, but unless I get 1 and 2 figured out first, don't want to put the effort into the physical stuff.
**An aside:
Also, how to you reassemble the unit. I looked inside when I installed memory and SSD, and that heat sink arrangement looked pretty scary to put back together if the motherboard was removed. **BTW… does your original image file have higher resolution of the components around that connector? When I looked at it, my first guess was that it was power to support a SATA device plugged into the SATA port.
I think your best bet is to switch one of your 8 KVM devices to use the serial console and change your pfSense box to that open KVM connection.
I agree that we should be seeing the serial port show up in dmesg if it was detected on the motherboard. Do you have any serial or com port settings in the BIOS?
I also agree that putting this machine back together may be difficult with the heatsink
