A day with the VigorNIC



  • Preamble:

    In case you haven't heard about it yet, Draytek's VigorNIC 132 series of cards are routers in PCIe form that can be switched into bridge mode to be used as a ADSL2(+) / VDSL modem, allowing to build clean single enclosure routers driven by the router software we all love, pfSense.

    Using the current FreeBSD 8.2 based branch of pfSense, the VigorNIC card works out of the box. It shows up as a Realtek NIC dubbed "re0" in pfSense.

    My LAN is set up to make use of the 192.168.0.0 /24 network. Out of the box my card was set up to use IP 192.168.1.1. Someone else reported his card to having been set to 192.168.2.1, so keep that in mind when setting up routing later.

    Getting access to the card's web and telnet interfaces is a necessity. By plugging a computer into another computer you're building a cascade. Since you can't access a computer hidden behind another computer without routing and routing being only possible between different networks, you need to make sure that both the card and pfSense actually are on different networks. In my case the aforementioned IP address ranges were already set up perfectly, but if you're already working inside the 192.168.1.0 network, you have to at least temporarily switch your computer and pfSense to a different network before you can access the VigorNICs web interface through routing.

    The following guide is written using the IP address ranges given above.

    How-To:

    Plug the card into your router and boot it up. Set the "re0" interface to be used as the WAN port via the console.

    In the pfSense webinterface, go to "Interfaces" -> "(assign)". From the drop down menu to the left of the green "+ Add" box, select the "re0" network port and click said green "+ Add" button and then "Save". It should look something like this:
    http://i.imgur.com/mlD2oMx.png

    Click on the newly created OPT1 interface to access its settings or go via "Interfaces" -> "OPT1". Give it a static IP in the same (presumed) address range as your VigorNIC card. Looks like this for me:
    http://i.imgur.com/PPBfy12.png

    Open "PPPs" and edit the entry that reads "pppoeX" in the "Interface" column and "re0" in the "Interface(s)/Port(s)" column. Enter the login information as obtained from your ISP and hit "Save". Should look similar to this:
    http://i.imgur.com/zDRAGHU.png

    Head on to "Bridges", where you add a new bridge configuration like so:
    http://i.imgur.com/GNsUBBg.png

    Finally, go to "Firewall" -> "NAT", select "Outbound", check "Manual Outbound NAT rule generation. (AON - Advanced Outbound NAT)" and add this new rule:
    http://i.imgur.com/Ax4mZiA.png

    Done. You should now have access to both the telnet and web interfaces of your VigorNIC card.

    The web interface is the biggest pile of non-working manure I've seen in a long while. The only thing it's good for really is to flash a new firmware. Other than that it doesn't save some settings you make because there are no "apply" or "save" buttons in certain areas while in other areas it wrongfully complains about correcting settings you want to disable but won't let you actually continue the disabling or remember the corrections.

    Have your way with the web interface and see what is what. After you've tested everything and find you can't get pfSense to connect to the internet, push the reset button on the back of the card, wait for it to finish booting, grab a telnet client, log in using "admin" and "admin" and simply tell it "vigbrg on". That puts the card into bridge mode ready to be used by pfSense.

    Pros and cons of the VigorNIC

    • really fast boot time
    • downstream attainable transmission rate much closer to the actual rate compared to other modems, meaning no headroom when the line is negatively affected by something
    • bugged web interface

    I'm going to keep it and see if DrayTek release one or two new versions of the firmware. I'm also interested to find out how the card behaves during the next couple of weeks. Right now however I in good consciousness can't recommend it to anyone.



  • Hey Dylsic,

    thanks for sharing your knowledge about the VigorNic 132!

    I am thinking about replacing my Draytek Vigor 130, with this PCIe Card and I have a couple of questions.

    Is it possible to use the secondary Ethernet Port (WAN2) in pfSense, for example as a Lan port to connect to the rest of the network?
    Has the web interface been improved upon through an update, during the month you own that card?
    Has it been stable so far or did you encounter any problems during daily-use?

    Kind regards,
    Jannik



  • Hi Jannik,

    sorry for responding so late.

    Only the card itself shows up as a new ethernet port. The physical ports themselves don't seem to be mapped; 'ifconfig' didn't display any new adapters besides re0.

    No firmware update has been released until around a week ago when I last checked for updates.

    The card has been stable although a bit on the slow end on my DSL 16MBit line. Had to reduce SNR by 6db to get the performance I was used to. Line has been stable despite this reduction.

    On my new VDSL2 100MBit line though, the card paints a very different picture as it drops my connection at least twice a day, no matter what I set SNR to. The training process also takes about two minutes, compared to the ~15 seconds training took on my old DSL 16MBit line.

    I've got an external modem incoming (TD-W9980) to run some more tests to figure out whether the line or the modem is causing these issues. Should be waiting for me when I get home. Right, Amazon? ;)

    [edit]
    Turns out I had a faulty cable in my house wiring. Using a cat 6 cable not only got rid of the disconnects, it also improved the speed with which the card syncs by 2 MBit.

    I bricked my TD-W9980 unfortunately. Got OpenWRT installed just fine (necessary for vectoring support), but when making some changes to the LAN configuration something went wrong. Turns out the  usual OpenWRT recovery procedure doesn't work on this model so I need to do some soldering, which I can't because I lack the equipment. Have to ask a co-worker next year.

    Got myself a ZyXEL VMG1312-B30A too and put it into bridge mode. Syncs 21mbit higher than the VigorNIC but takes equally long to do the actual synchronization. Net speed is about the same (11.3 MByte/s). Gonna keep all three of them to have spares just in case and for demonstration purposes.



  • Hello Dylsic,

    Many thanks for the instructions on how to configure the VigorNIC. I did it 5 times and i'm encountering the same error… :( I cant access the website or even telnet as you mention. When i do a ping to 192.168.1.1, it says host unreachable...any idea? I check the firewall rules, NAT, all looks fine...did i miss something..? :)

    Cheers
    Yan



  • Did you set up a new virtual interface in pfSense with an IP in the 192.168.1.0 /24 network and assign it to re0? Try pinging 192.168.1.1 (one possible address of the VigorNIC) via Diagnostics -> Ping and see if that works. If it doesn't, try changing the IP address of the virtual interface to something in the 192.168.2.0 /24 network and try pinging 192.168.2.1 (another possible address of the VigorNIC).

    If none of that works, please provide me with screenshots of your OPTx settings.

    The idea is to get your pfSense box to see the card first prior to any routing. Only when that works we can tackle routing.



  • @Dylsic:

    Did you set up a new virtual interface in pfSense with an IP in the 192.168.1.0 /24 network and assign it to re0? Try pinging 192.168.1.1 (one possible address of the VigorNIC) via Diagnostics -> Ping and see if that works. If it doesn't, try changing the IP address of the virtual interface to something in the 192.168.2.0 /24 network and try pinging 192.168.2.1 (another possible address of the VigorNIC).

    If none of that works, please provide me with screenshots of your OPTx settings.

    The idea is to get your pfSense box to see the card first prior to any routing. Only when that works we can tackle routing.

    Screenshot attached for the OPT Interface. Do i need to assign an IP to this interface? If i assign an IP, when i log via the web interface it goes to the pfsense console instead to the Draytek console.




  • Yes, you do need to give it its own IP. If you can then access your pfSense box using this IP everything is fine, but not really what you're after. Try accessing the VigorNIC's presumed IP instead.

    Here's what the OPT1 settings look like for me:

    http://i.imgur.com/PPBfy12.png



  • @Dylsic:

    Yes, you do need to give it its own IP. If you can then access your pfSense box using this IP everything is fine, but not really what you're after. Try accessing the VigorNIC's presumed IP instead.

    Here's what the OPT1 settings look like for me:

    http://i.imgur.com/PPBfy12.png

    Thanks. That was the missing puzzle :) I didn't assign an IP to the interface.. so it;s all good now.

    Regarding the firmware, i applied the one that suitable to my ISP, i'm able to achieve the max. speed in terms of download/upload. Before applying the firmware that's suitable for my ISP, i was using the standard firmware, not optimized one for specific ISP,  the download speed was around half of it.



  • Hi Dylsic,

    I'm attempting to set up this same configuration, but I'm having a problem with your fist steps,

    "How-To:

    Plug the card into your router and boot it up. Set the "re0" interface to be used as the WAN port via the console.

    In the pfSense webinterface, go to "Interfaces" -> "(assign)". From the drop down menu to the left of the green "+ Add" box, select the "re0" network port and click said green "+ Add" button and then "Save". It should look something like this:
    http://i.imgur.com/mlD2oMx.png"

    If I assign "re0" via the console to the WAN interface, I am unable to also set it to opt1 through the web interface, have I misunderstood something?  I see that your WAN is reported as "PPPOE0(re0)" whereas mine just says "re0" and the mac address, is this why I don't have the option of setting re0 to OPT1.  The attached screen shot illustrates the problem.

    Any assistance you can offer would be appreciated.

    Thanks

    Scott.

    ![Screenshot PFSense Interfaces web.jpg](/public/imported_attachments/1/Screenshot PFSense Interfaces web.jpg)
    ![Screenshot PFSense Interfaces web.jpg_thumb](/public/imported_attachments/1/Screenshot PFSense Interfaces web.jpg_thumb)



  • Hi Yan777,

    Sounds like you managed to get this working, could you possibly please help with my query above, regarding the dual assignment of the re0 interface? Any help would be greatly appreciated.

    Many thanks in anticipation.

    Scott


  • Netgate Administrator

    I haven't use that NIC but if it's like Drayteks other external "modems", v120 v130 etc, then it will be in bridge mode by default.

    You only need to assign the re0 NIC on the card directly in order to access the cards telnet interface. If it's in bridge mode already you don't need to do that.

    I assume you are using a PPPoE VDSL/ADSL connection?

    Go to the PPPs tab in Interfaces > assign and create a new connection to your ISP using re0 as the parent interface.

    Then go back to the Interfaces assign tab and assign WAN as the new PPPoE0 connection.

    If you need to access the cards telnet interface then assign re0 as a new interface, OPT1 say. That's not necessary for PPPoE to work though.

    Now go to Interfaces > WAN and set the IPv4 type to PPPoE. The details should all be there if you added them earlier but you can edit it there if required.

    Assuming the card is in bridge mode the connection should come up.

    Steve