Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    USB Ethernet support for AX88179 USB adapter

    Scheduled Pinned Locked Moved Hardware
    11 Posts 2 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      presence
      last edited by

      When I plug in the startac USB31000S adapter into the system, it is recognized and brings the interface up as "ue0".  I can even configure it for IPv4 and IPv6, but it won't send out DHCP leases, won't ping any other system on the same switch/vlan/subnet, and I don't see any IPv4 traffic at all when I sniff on it.  I see much SSDP traffic and ICMP6 and nothing else.  Its as if the interface is IPv6 enabled only, which is strange.  Is this normal for these adapters with 2.3.4-RELEASE?

      ugen4.2: <ax88179 asix="" elec.="" corp.="">at usbus4, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=ON (248mA)

      bLength = 0x0012
        bDescriptorType = 0x0001
        bcdUSB = 0x0210
        bDeviceClass = 0x00ff  <vendor specific="">bDeviceSubClass = 0x00ff
        bDeviceProtocol = 0x0000
        bMaxPacketSize0 = 0x0040
        idVendor = 0x0b95
        idProduct = 0x1790
        bcdDevice = 0x0100
        iManufacturer = 0x0001  <asix elec.="" corp.="">iProduct = 0x0002  <ax88179>iSerialNumber = 0x0003  <0000249B043782>
        bNumConfigurations = 0x0001

      ue0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
              options=80008 <vlan_mtu,linkstate>ether 00:24:9b:04:37:82
              hwaddr 00:24:9b:04:37:82
              inet 192.168.2.1 netmask 0xffffff00 broadcast 192.168.2.255
              inet6 fe80::1:1%ue0 prefixlen 64 scopeid 0x7
              nd6 options=21 <performnud,auto_linklocal>media: Ethernet autoselect (1000baseT <full-duplex>)
              status: active</full-duplex></performnud,auto_linklocal></vlan_mtu,linkstate></up,broadcast,running,simplex,multicast></ax88179></asix></vendor></ax88179>

      1 Reply Last reply Reply Quote 0
      • ?
        Guest
        last edited by

        Since it says:  media: Ethernet autoselect (1000baseT <full-duplex>)
        I'm guessing the driver and firmware are both fine. This probably means that it's a configuration issue and not a hardware issue. Maybe you didn't allow firewall access for those IPv4 things?</full-duplex>

        1 Reply Last reply Reply Quote 0
        • P
          presence
          last edited by

          I considered that even after verifying that its not being blocked.  Thing is, not even getting mac layer stuff to any of the other devices on that subnet that isn't multicast.

          1 Reply Last reply Reply Quote 0
          • ?
            Guest
            last edited by

            @presence:

            I considered that even after verifying that its not being blocked.  Thing is, not even getting mac layer stuff to any of the other devices on that subnet that isn't multicast.

            What does tcpdump -vvv -i ue0 show? (on the shell)

            1 Reply Last reply Reply Quote 0
            • P
              presence
              last edited by

              Pretty much just these items (ssdp and icmp6 discovery/advert stuff)
              tcpdump: listening on ue0, link-type EN10MB (Ethernet), capture size 65535 bytes
              11:24:39.055420 9b:bd:b0:03:08:00 (oui Unknown) > 5e:7f:ff:fa:00:08 (oui Unknown), ethertype Unknown (0x4500), length 134:
                      0x0000:  007a 0000 4000 0111 c5d6 c0a8 02fa efff  .z..@…........
                      0x0010:  fffa 91ce 076c 0066 ef70 4d2d 5345 4152  .....l.f.pM-SEAR
                      0x0020:  4348 202a 2048 5454 502f 312e 310d 0a48  CH..HTTP/1.1..H
                      0x0030:  6f73 743a 2032 3339 2e32 3535 2e32 3535  ost:.239.255.255
                      0x0040:  2e32 3530 3a31 3930 300d 0a4d 616e 3a20  .250:1900..Man:.
                      0x0050:  2273 7364 703a 6469 7363 6f76 6572 220d  "ssdp:discover".
                      0x0060:  0a53 543a 2073 7364 703a 616c 6c0d 0a4d  .ST:.ssdp:all..M
                      0x0070:  583a 2035 0d0a 0d0a                      X:.5....
              11:24:41.103883 9b:bd:b0:03:08:00 (oui Unknown) > ff:ff:ff:ff:00:08 (oui Unknown), ethertype Unknown (0x4500), length 61:
                      0x0000:  0031 0000 4000 4011 b372 c0a8 02fa c0a8  .1..@.@..r......
                      0x0010:  02ff d0b1 7e9c 001d b2dd 4d2d 5345 4152  ....~.....M-SEAR
                      0x0020:  4348 202a 2048 5454 502f 312e 310d 0a    CH.
              .HTTP/1.1..
              11:24:41.105133 9b:bd:b0:03:08:00 (oui Unknown) > ff:ff:ff:ff:00:08 (oui Unknown), ethertype Unknown (0x4500), length 61:
                      0x0000:  0031 0000 4000 4011 b372 c0a8 02fa c0a8  .1..@.@..r......
                      0x0010:  02ff b1f9 7e9e 001d d193 4d2d 5345 4152  ....~.....M-SEAR
                      0x0020:  4348 202a 2048 5454 502f 312e 310d 0a    CH.*.HTTP/1.1..
              11:24:43.745360 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 56) fe80::1:1 > ff02::1: [icmp6 sum ok] ICMP6, router advertisement, length 56
                      hop limit 64, Flags [other stateful], pref medium, router lifetime 30s, reachable time 0s, retrans time 0s
                        dnssl option (31), length 24 (3):  lifetime 10s, domain(s): xxxxxxxxxxxx.com.
                          0x0000:  0000 0000 000a 0965 6972 6567 7561 7264
                          0x0010:  0363 6f6d 0000
                        mtu option (5), length 8 (1):  1500
                          0x0000:  0000 0000 05dc
                        source link-address option (1), length 8 (1): 00:24:9b:04:37:82
                          0x0000:  0024 9b04 3782

              1 Reply Last reply Reply Quote 0
              • ?
                Guest
                last edited by

                Are any of the offloading options on? In any case: turn all offloading options off, like TCP Checksum etc

                1 Reply Last reply Reply Quote 0
                • P
                  presence
                  last edited by

                  Nothing is setup for offload, but I have ran out of time and patience on it.  The solution is temporary, as the system is way too large and power hungry to use for this purpose anyway.  I've ordered a low power fanless solution, and just wait for it to arrive.  In the meantime, no DMZ.  Annoying, but no disaster.

                  1 Reply Last reply Reply Quote 0
                  • ?
                    Guest
                    last edited by

                    Fair enough. USB Ethernet is a shitshow anyways. Does the fanless PC you ordered have Intel NICs and AES-NI? If so, you'll be set for the next 5 years.

                    1 Reply Last reply Reply Quote 0
                    • P
                      presence
                      last edited by

                      4x intel gigabit lan and AES-NI, yeah.  I only loaded this up because I was in the lurch when my old firewall device tossed a disk and controller at the same time.  Only think I had to remediate quickly so I didn't lose work time.

                      https://www.amazon.com/gp/product/B0742Q3NT6/ref=oh_aui_detailpage_o02_s00?ie=UTF8&psc=1

                      If this one lasts as long as the last one (over a decade), I'll be happy.

                      1 Reply Last reply Reply Quote 0
                      • ?
                        Guest
                        last edited by

                        @presence:

                        4x intel gigabit lan and AES-NI, yeah.  I only loaded this up because I was in the lurch when my old firewall device tossed a disk and controller at the same time.  Only think I had to remediate quickly so I didn't lose work time.

                        https://www.amazon.com/gp/product/B0742Q3NT6/ref=oh_aui_detailpage_o02_s00?ie=UTF8&psc=1

                        If this one lasts as long as the last one (over a decade), I'll be happy.

                        Not sure what you paid for it, hope it's not the $400+ price tag on amazon. The box on display is a rebranded Qotom box. You can get an i3 version for half the money and same guarantee and delivery speed at: https://aliexpress.com/store/product/Pfsense-as-router-firewall-4-LAN-Mini-pc-with-core-I3-4005U-Fanless-QOTOM-Q330G4/108231_32807735278.html?spm=a2g0z.12010608.0.0.59105060hnaJ0R

                        They have smaller and bigger versions too, so if you have the option to cancel at amazon and get the non 'rebranded' version for less that's maybe worth thinking about.

                        1 Reply Last reply Reply Quote 0
                        • P
                          presence
                          last edited by

                          I can't wait a week for this to get worked out.  The i3 is probably a 2x performer, and would have saved me probably $75 after shipping, but 7 days is too long.  If it sucks, Ill ship it back after getting a replacement from ali.

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.