Nokia IP330 with ZNYX Networks ZX412 NIC addon - RESOLVED!

madjeff

Hey all, I've been searching the forums and web for a straight answer for this and most of the threads are old, so I thought I would post the question.

I have a Nokia IP330 with ZNYX Networks ZX412-B2 NIC Card running pfSense 1.2.1 latest (09/29/08 snapshot). Has anyone ever worked out the flakey MAC issue with the addon card? My first three interfaces work great, but I cannot get either port of the addon card to show a link when connected. I get no link lights on the addon card no matter what I do. When I do an ifconfig in the shell it shows what looks like valid mac addresses on all the interfaces and the OS seems to recognize the addin card ok, and the first three built-in interfaces work great.

I've seen several discussions about spoofing the MAC addresses on the firewall config, but I've yet to find a good explanation on exactly how to do it, or if it actually worked in regards to pfSense.

Here's what I get with an ifconfig (Only the LAN interface is currently plugged in):

# ifconfig
fxp0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        options=8 <vlan_mtu>ether 02:ea:75:37:39:d9
        inet XXX.XXX.XXX.XXX netmask 0xfffffff8 broadcast XXX.XXX.XXX.XXX
        inet6 fe80::ea:75ff:fe37:39d9%fxp0 prefixlen 64 scopeid 0x1
        media: Ethernet autoselect (none)
        status: no carrier
fxp1: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        options=8 <vlan_mtu>ether 02:7d:e6:ce:84:e0
        inet XXX.XXX.XXX.XXX netmask 0xffffff00 broadcast XXX.XXX.XXX.XXX
        inet6 fe80::7d:e6ff:fece:84e0%fxp1 prefixlen 64 scopeid 0x2
        media: Ethernet autoselect (none)
        status: no carrier
fxp2: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        options=8 <vlan_mtu>ether 02:40:80:62:83:e6
        inet XXX.XXX.XXX.XXX netmask 0xffffc000 broadcast XXX.XXX.XXX.XXX
        inet6 fe80::40:80ff:fe62:83e6%fxp2 prefixlen 64 scopeid 0x3
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
dc0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        options=8 <vlan_mtu>ether 00:c0:95:e6:24:3c
        inet XXX.XXX.XXX.XXX netmask 0xfffffff8 broadcast XXX.XXX.XXX.XXX
        inet6 fe80::2c0:95ff:fee6:243c%dc0 prefixlen 64 scopeid 0x4
        media: Ethernet autoselect (none)
        status: no carrier
dc1: flags=8802 <broadcast,simplex,multicast>metric 0 mtu 1500
        options=8 <vlan_mtu>ether 00:c0:95:e6:24:3d
        media: Ethernet autoselect
        status: no carrier
plip0: flags=108810 <pointopoint,simplex,multicast,needsgiant>metric 0 mtu 1500
enc0: flags=0<> metric 0 mtu 1536
pfsync0: flags=41 <up,running>metric 0 mtu 1460
        pfsync: syncdev: lo0 syncpeer: 224.0.0.240 maxupd: 128
pflog0: flags=100 <promisc>metric 0 mtu 33204
lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384
        inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0xa</up,loopback,running,multicast></promisc></up,running></pointopoint,simplex,multicast,needsgiant></vlan_mtu></broadcast,simplex,multicast></vlan_mtu></up,broadcast,running,simplex,multicast></full-duplex></vlan_mtu></up,broadcast,running,simplex,multicast></vlan_mtu></up,broadcast,running,simplex,multicast></vlan_mtu></up,broadcast,running,simplex,multicast> 

Any help would be greatly appreciated. if anyone has got this working can you share your secrets? =)

dotdash

You don't need to spoof the MAC, it appears to be showing the hardware addresses correctly. IIRC, pfSense will auto-spoof anyway, but you are showing ZYNX registered macs. I would try hard setting the media and mediaopts to the correct connection speed. I would test from the shell, then edit the xml once I found out what worked. There are several threads about how to set the speed/duplex if you search a bit.

madjeff

@dotdash:

You don't need to spoof the MAC, it appears to be showing the hardware addresses correctly. IIRC, pfSense will auto-spoof anyway, but you are showing ZYNX registered macs. I would try hard setting the media and mediaopts to the correct connection speed. I would test from the shell, then edit the xml once I found out what worked. There are several threads about how to set the speed/duplex if you search a bit.

Bingo! I just did a test from the shell:

ifconfig dc0 media 10baseT/UTP mediaopt full-duplex

And the link came up! I'll test what settings the interface can handle and get it setup. Thanks for the guidance.  :D

dotdash

Yeah, dc cards are old and many implementations were buggy. The BUGS section on the manpage is substantial. They are not an optimal nic to use, but it should be able to handle WAN speed connections.

madjeff

Everything is working great on this now, I got both interfaces up and running.

For those like me looking for a solution, just connect to the device with SSH and add the following to your conf/config.xml file with vi. Just scroll down to the dc0 and dc1 entries and add the following:

<media>100baseTX</media>
                        <mediaopt>full-duplex</mediaopt>

Save and reboot, and it should now work.

Mods, this should probably get moved or cross-posted to the hardware forum, my bad for posting here. :)

madjeff

@dotdash:

Yeah, dc cards are old and many implementations were buggy. The BUGS section on the manpage is substantial. They are not an optimal nic to use, but it should be able to handle WAN speed connections.

Yeah, I'm just using the interface for a T1 point to point to our colo site backend. I'll be doing some testing today to see how it handles things.

madjeff

Another question for the gurus out there. I had saved the config.xml file with the changes and it was working great. Yesterday I shut down the box and moved it to it's new home in the rack, hooked up the network and booted up. Once it came back up, the DC0 interface no longer was working. When I examined the config.xml, the changes I had made were no longer there.

Does the config.xml get overwritten on each boot? What am I missing? I made the changes and everything is working again, but I don't want to have to redo this every boot.

dotdash

The supported procedure for adding additional items to the config (such as setting speed duplex), is to backup the config, edit it with an xml editor, then restore the config.

madjeff

@dotdash:

The supported procedure for adding additional items to the config (such as setting speed duplex), is to backup the config, edit it with an xml editor, then restore the config.

So I take it that does some extra steps that directly editing the xml file does not.

I'll try it and see what happens, thanks for the tip! =)

madjeff

Well that was ugly. I backed up the interfaces via the backup/restore, made the media and mediaopt changes to the one interface, then uploaded file via restore config. I used win32pad (excellent win txt editor) to edit the config.xml. the only changes I made to the xml was the media and mediaopt entries:

	 <opt2><if>dc0</if>
		<descr>COLO</descr>
		 <bridge><enable><ipaddr>XXX.XXX.XXX.XXX</ipaddr>
		 <spoofmac><mtu><media>100baseTX</media>
		<mediaopt>full-duplex</mediaopt>	
		<subnet>29</subnet>
		<gateway>XXX.XXX.XXX.XXX</gateway></mtu></spoofmac></enable></bridge></opt2>

After the restore I lost all connectivity to the box. I finally took a laptop in and connected via console and there were a ton of errors about the interfaces. I ended up having to do a reset to defaults as I could not get the interfaces reconfigured via console.

I'm going to try it again and see what happens, but has anyone else seen this kind of behavior? I KNOW the config.xml entries were fine, I triple-checked them. But for whatever reason the restore hosed the entire interface config.

dotdash

@madjeff:

	 <opt2><if>dc0</if>
		<descr>COLO</descr>
		 <bridge><enable><ipaddr>XXX.XXX.XXX.XXX</ipaddr>
		 <spoofmac><mtu><media>100baseTX</media>
		<mediaopt>full-duplex</mediaopt>
		<subnet>29</subnet>
		<gateway>XXX.XXX.XXX.XXX</gateway></mtu></spoofmac></enable></bridge></opt2>

That should be:
<media>100baseTX</media>
<mediaopt>full-duplex</mediaopt>

madjeff

@dotdash:

That should be:
<media>100baseTX</media>
<mediaopt>full-duplex</mediaopt>

Holy crap…  ::) I am an idiot. You know how sometimes you stare at something for so long you see what you want to see and not what's really there?  ::)

To make matters worse, I had finger surgery last week and am wearing this big bandage on my right index fingertip. And of course I'm right handed, so it's creating fatfinger havoc to everything I type.

Thanks for the 2nd pair of eyes.  ;D

GruensFroeschli

Hehe. The same happend to me a few weeks ago.

Lesson learned: always leave SSH open so you can log in and revert to the config.xml.backup just in case you wrote something wrong….

madjeff

@GruensFroeschli:

Hehe. The same happend to me a few weeks ago.

Lesson learned: always leave SSH open so you can log in and revert to the config.xml.backup just in case you wrote something wrong….

Happens to the best of us I guess…  ;)

All is working well now and I'm a happy camper so far. I'm using 4 of the 5 interfaces on this IP330 on a 22/2 connection and while the CPU utilization is averaging 80%, I'm not noticing any performance problems. Maybe a slightly slower web interface while looking at the graphs, but not unbearably so. It should do the job for our needs.