New SG-1000 - can't set port speed



  • Hello,

    I have some space in a data center and wanted to park a NAS there as a backup destination using its onboard firewall and VPN server. That all went fine but the datacenter is selling me 10Mbps in the form of a 10baset full-duplex link right off their port.  My NAS auto-negotiates to 10baset half-duplex with no way to force full duplex.  When they set the port to 100basetx full-duplex everything works fine, but it uses more bandwidth than the 10Mbps we're allotted which = overages. No thanks.

    So, in steps the SG-1000 as a great form factor way to have more finite control.  I couldn't find anything in documentation that said I could force port speed and duplex on it so I ordered one.
    Took it down there last night with our link from the DC set to 10baset half-duplex and the SG-1000 wouldn't pass any traffic. Manually set it to 10baset half-duplex and still nothing.
    Had them change their port to full-duplex and I reciprocated. Still nothing.  Many reboots, many changes of port speed and duplex on both ends, but nothing. Couldn't even ping the gateway.  Had them change their port to 100basetx full-duplex and the SG-1000 trained up at 100basetx half-duplex. Manually forced full-duplex and everything work fine.
    Tried a couple more things with the NOC at the data center and still nothing. The SG-1000 would only link up when the DC's port was set to 100Mb. 
    I rolled with it and used Traffic Shaper to limit the amount of inbound and outbound traffic on the LAN.  First backup after this change went off last night and completed in a better amount of time than when the NAS was directly connected on 10baset half-duplex.

    My question:  Is this a hardware limitation on the SG-1000 series, or a build error that we could see an update to in 2.4-release?

    Thanks


  • Banned

    Congrats on bad datacenter choice.



  • My understanding is that the SG-1000, from a hardware perspective is gigabit.
    Mine autonegs 100Mbit on the WAN (boo, hiss) and 1000Mbit on the LAN port.

    You probably can force it, but it's not somewhere you really want to go.
    Autoneg is what you want where-ever possible.

    You could probably google for freebsd and ethernet speed to get some results.
    But again I would advise against it, you would have to make it persistent in pfSense somehow.
    Then if you upgraded it would probably bust - unless there is some package to allow you to run scripts…
    shudder....



  • The cpsw hardware is a bit odd, it has some internal switching hardware. Mine auto-negotiates perfectly to 100 f/d or GB, but when I tried hard setting to 10baseT full-duplex (other side was a GB switch set to auto) and I couldn't pass any traffic. I had to reboot after messing with the speed/duplex settings to get it talking again. (At GB)



  • If the switch is set to auto-neg the only way to get it to work at 10 Full is to nail both switch and client.
    You, could in theory remove the other media options from the PFSense nic, or the switch so it only advertises 10 Full on the auto-neg.
    If those facilities are available either on the switch or on PFSense.
    My experience is if you attempt to talk a auto-neg switch at 10, you will get 10/half duplex - which means it will work like a dog.
    Using anything other than auto-neg is just not worth the effort.
    If you need to limit the traffic, look at traffic shaping etc.


  • Banned

    It's not that he needs to limit the traffic, it's that the serverhosting is using lame hacks to limit speeds for people. Requiring today's HW to autonegiotate 10BASE-T is completely retarded idea. Find a different datacenter, end of story.



  • It's been a while so I thought I would update as I 'dealt' with this the night after posting.
    The Datacenter (DC) manually configures their switch ports to 10baset full-duplex. Most of their customers that only need that amount of bandwidth put a managed switch in their rack, configure for the same, and off they go.
    My NAS couldn't deal with this, and apparently neither could the SG-1000. 
    The other option from the DC is get a 10Mb link that's "burstable" to 100Mb.  Basically the switch port is set to 100Mb and anything you use over 10Mbps is billable and measured at the 95th percentile.
    Set up that way the SG-1000 get's a full-duplex 100Mb link no problem.  So then I just set up traffic shaper with limiters on both the SG-1000 and the pfSense box on the source end to limit the traffic so that cumulatively the DC connection will never use more than 10Mbps.  We're a month in and there are no overages and the backups are working perfectly.


Log in to reply