How to configure RNDIS on E3372



  • Hi, I found an interesting post:
    https://forum.pfsense.org/index.php?topic=85440.0
    https://forum.pfsense.org/index.php?topic=123052.0

    I would like to configure the modem in RNDIS (LTE) mode and I have questions:
    1. Should I leave the PPP connection configured?
    2. Is the following script enough (where should it be run ?, when to run?):

    ALLDEST="8.8.8.8"
    # Interface to reset, usually your WAN
    BOUNCE=ue0
    # Log file
    LOGFILE=/root/ping.log
    #=====================================================================
    
    COUNT=1
    while [ $COUNT -le 2 ]
    do
    
       for DEST in $ALLDEST
       do
          #echo `date +%Y%m%d.%H%M%S` "Pinging $DEST" >> $LOGFILE
          ping -c1 $DEST >/dev/null 2>/dev/null
          if [ $? -eq 0 ]
          then
             #echo `date +%Y%m%d.%H%M%S` "Ping $DEST OK." >> $LOGFILE
             exit 0
          fi
       done
    
       if [ $COUNT -le 1 ]
       then
          echo `date +%Y%m%d.%H%M%S` "All pings failed. Resetting interface $BOUNCE." >> $LOGFILE
        echo -e 'AT^NDISDUP=1,0\r' > /dev/cuaU1
        sleep 5
        echo -e 'AT^RESET\r' > /dev/cuaU1
        sleep 15
          /sbin/ifconfig $BOUNCE down
          # Give interface time to reset before bringing back up
        echo -e 'AT^NDISDUP=1,1,"internet.tele2.ru"\r' > /dev/cuaU1
          sleep 5
          /sbin/ifconfig $BOUNCE up
          # Give WAN time to establish connection
          sleep 60
       else
          echo `date +%Y%m%d.%H%M%S` "All pings failed twice. Rebooting..." >> $LOGFILE
          /sbin/shutdown -r now >> $LOGFILE
          exit 1
       fi
    
       COUNT=`expr $COUNT + 1`
    done
    

    Best Regards,
    Robert



  • This script is for NDIS mode (NCM, network card), not for RNDIS.
    In order to use this script you will need 21.X (non-HiLink) firmware used in your modem.



  • This post is deleted!


  • Works, one of the following commands helped (switch modem RAS to NDIS ?):
    echo -e 'AT^NDISDUP=1,1,"internet"\r' > /dev/cuaU0.0
    echo -e 'AT^NDISDUP=1,1,"internet"\r' > /dev/cuaU0.1
    echo 'AT^NDISDUP=1,1,"internet"' > /dev/cuaU0.0
    echo 'AT^NDISDUP=1,1,"internet"' > /dev/cuaU0.1

    Speed increased, ue0 appeared (what is it?, fake network card?)


  • Netgate Administrator

    It's a USB connected Ethernet device. So kinda like a fake card. The modem presents as that when it's in the right mode,

    Steve



  • @stephenw10

    Thanks for your support :)

    Is it worth staying with ppp?
    Is the use of ue0 optimally? If ue0 is how to run the modem?

    Best Regards,
    Robert


  • Netgate Administrator

    The ppp link is limited by the fact it is ppp. I believe it maybe limited to 42Mbps.
    The ue0 interface is not limited by that but support for it is not well integrated with pfSense. You can assign the interface and use the connection but should you ever remove the modem or it powers off for some reason pfSense will not fully boot (if it's rebooted) until that interface is reassigned.

    If you can live with the PPP speed I would use that. That's what I do personally as a backup connection.

    Steve



  • @stephenw10

    I did PPP tests, the best result I got was 62 Mbps (download): http://www.speedtest.net/pl/result/7754164121

    This is my primary connection (WAN). Is there any idea to support the ue0 (in the near future) ?

    Robert


  • Netgate Administrator

    I'm not aware of anything.

    62Mbps is pretty good though. Kills my 42Mbps theory!

    If you need to use LTE by far the best solution is an Ethernet terminating external modem like:
    https://www.netgear.com/home/products/mobile-broadband/lte-modems/LB1120.aspx

    Steve



  • This speed is different, once it is 62 Mbps, the second time is 51 Mbps... 30 Mbps, 20 Mbps, 10 Mbps, dependably on the BTS load, weather ?

    I like my home system configurations: pfsense on VMware ESXi 6.7 (installed on HP MicroServer Gen8 + pass through USB 3.0 chip for the best performance with E3372 modem + external dual LTE MIMO antenna and OS in storage SSD).

    I will wait until the ue0 problem is solved, always ready for testing (VM backup).

    Best Reagards,
    Robert



  • @robertw said in How to configure RNDIS on E3372:

    @stephenw10

    I did PPP tests, the best result I got was 62 Mbps (download): http://www.speedtest.net/pl/result/7754164121

    This is my primary connection (WAN). Is there any idea to support the ue0 (in the near future) ?

    Robert

    It can work. Here is a little guide I've just written as I needed to automate it for pfsense. This can hopefully give others a little bit of background on the Hilink vs stick huaweis:

    There has been a lot of conflicting documentation around older versions of pfSense/FreeBSD and people trying to get usb 4g dongles working in NDIS mode.
    The advantages of running in NDIS mode is twofold. Firstly you'll be able to avoid being double NAT'ed as the Hilink dongle does.
    Secondly, you'll be able to avoid being forced to use the PPP mode and hence lower connection speed that the Stick dongle generally uses.

    For this example, I am using the Huawei e3372 4G dongle working directly in stick mode.
    e3372h is sold as a hilink dongle, e3372s is sold as a stick dongle. It is the stick mode that we want for this purpose.
    If you have a hilink dongle, you'll need to flash it to the firmware 21.x.x (22.x.x is Hilink).
    All e3372s can be flashed, however it is critical that you flash the correct firmware for your particular version.
    If you get it wrong, you can still recover your device by using a pin/shorting tool to boot the dongle into recovery mode.
    I will not go into the details here as there are many other resources for you to use. Suffice to say it is complicated.
    If you can buy the dongle in stick mode you can save yourself a lot of work.
    Once your modem is in stick mode and you plug it in to pfSense, you'll see the following in the dmesg once it has initialized;

    uhub0: <0x8086 XHCI root HUB, class 9/0, rev 3.00/1.00, addr 1> on usbus0
    uhub0: 7 ports with 7 removable, self powered
    ugen0.2: <HUAWEIMOBILE HUAWEIMOBILE> at usbus0
    ugen0.2: <HUAWEIMOBILE HUAWEIMOBILE> at usbus0 (disconnected)
    ugen0.2: <HUAWEIMOBILE HUAWEIMOBILE> at usbus0
    u3g0 on uhub0
    u3g0: <HUAWEIMOBILE HUAWEIMOBILE, class 0/0, rev 2.10/1.02, addr 2> on usbus0
    u3g0: Found 2 ports.
    cdce0 on uhub0
    cdce0: <NCM Network Control Model> on usbus0
    cdce0: faking MAC address
    ue0: <USB Ethernet> on cdce0
    ue0: Ethernet address: 00:00:00:00:00:00
    umass0 on uhub0
    umass0: <Mass Storage> on usbus0
    umass1 on uhub0
    umass1: <Mass Storage> on usbus0
    cd0 at umass-sim0 bus 0 scbus1 target 0 lun 0
    cd0: <HUAWEI Mass Storage 2.31> Removable CD-ROM SCSI-2 device
    cd0: 40.000MB/s transfers
    cd0: Attempt to query device size failed: NOT READY, Medium not present
    cd0: quirks=0x10<10_BYTE_ONLY>
    da0 at umass-sim1 bus 1 scbus2 target 0 lun 0
    da0: <HUAWEI TF CARD Storage 2.31> Removable Direct Access SCSI-2 device
    da0: 40.000MB/s transfers
    da0: Attempt to query device size failed: NOT READY, Medium not present
    da0: quirks=0x2<NO_6_BYTE>

    The critical thing here is the ue0 interface. This is the NDIS interface.
    If you have another brand of wireless broadband modem, as long as it presents a usb ethernet (ueX) interface then you will be able to follow the rest of this guide

    The stick should also create a couple of serial interfaces. One is for serial AT commands. It is this one we need to use.
    To get this, you must find out what usb port your device is on. You can check this by typing 'ls -l /dev/cuaU*'

    crw-rw---- 1 uucp dialer 0x5f Dec 2 22:40 /dev/cuaU0.0
    crw-rw---- 1 uucp dialer 0x60 Dec 2 20:36 /dev/cuaU0.0.init
    crw-rw---- 1 uucp dialer 0x61 Dec 2 20:36 /dev/cuaU0.0.lock
    crw-rw---- 1 uucp dialer 0x65 Dec 2 20:36 /dev/cuaU0.1
    crw-rw---- 1 uucp dialer 0x66 Dec 2 20:36 /dev/cuaU0.1.init
    crw-rw---- 1 uucp dialer 0x67 Dec 2 20:36 /dev/cuaU0.1.lock

    Here I have 2 devices /dev/cuaU0.0 and /dev/cuaU0.1
    In my case the serial port to communicate with the modem is /dev/cuaU0.0
    If you type cu /dev/cuaU0.0 you should get into a serial console. The modem will dump its signal to noise reports constantly while you are connected.
    If you type ATZ to reset the modem and get an OK, then you know you have the right port.

    You'll need to create a script and set it executable in order to tell the stick to bring the NDIS interface up and tell the modem what its APN is.
    This will then allow the modem to form a bridge between the ue0 interface and the ISP's wireless network.
    For the sake of cutting down on log messages relating to medium not present, I also disable the cd0 and da0 mass storage.
    I keep my script in /usr/local/bin/e3372.sh :

    #/bin/sh
    echo Initializing e3372 dongle
    camcontrol eject cd0
    camcontrol eject da0
    echo 'AT^NDISDUP=1,1,YOURAPN' /dev/cuaU0.0

    You must replace 'YOURAPN' with whatever your ISP required.
    You must replace /dev/cuaU0.0 with whatever the serial interface the USB modem uses.

    Once the ue0 is present and the script has ran and told the modem what APN to use, pfSense will be able to run DHCPD on the ue0 interface.
    It is after this script is ran that the green led on the stick should stop blinking and remain constantly green.
    Once you see a constant green led then you know the APN has been accepted by the ISP.
    After this, you will need to disable and then re-enable ue0 to allow DHCPd to attempt getting an address from your carrier.

    AUTOMATION
    To automate this stage for the sake of booting, use the shellcmd pkg and create a link to /usr/local/bin/e3372.sh as an earlyshellcmd
    This will allow the modem to come up before pfSense tries to get DHCP

    Hope this helps someone else out there. It took me a while to get it working and after I did, I wasn't sure what of the dozens of commands I'd tried actually worked.
    I've tested this from a full power off too so it works just fine on booting from scratch.

    Cheers
    -D


  • Netgate Administrator

    @dohmar said in How to configure RNDIS on E3372:

    Suffice to say it is complicated.

    Nice. 😀

    There is still the very real potential issue here that if the modem is unplugged or fails then pfSense will not boot correctly if rebooted as one of it's assigned interfaces will have disappeared. It is possible to omit ue from the list of checked interfaces but that still leaves the firewall with an undefined interface.

    Steve



  • @stephenw10 said in How to configure RNDIS on E3372:

    @dohmar said in How to configure RNDIS on E3372:

    Suffice to say it is complicated.

    Nice. 😀

    There is still the very real potential issue here that if the modem is unplugged or fails then pfSense will not boot correctly if rebooted as one of it's assigned interfaces will have disappeared. It is possible to omit ue from the list of checked interfaces but that still leaves the firewall with an undefined interface.

    Steve

    This is correct, I found the same issue mentioned with my Minisys PC when I was troubleshooting a boot issue. Do you know if there is a workaround for this aside from preventing the check? How do I disable the check for the interface?

    The boot issue I faced was the bootloader crashing when trying to boot. The BIOS was seeing the TF/SD reader and attempting to hand off XHCI to the OS. To prevent the bootloader from crashing when trying to boot while the dongle is plugged in, you must go into the bios and disable both the XHCI option as well as the USB mass storage. This should prevent the BIOS boot options from being able to see the tf reader/sd reader.

    I've got no idea how to fix the re-config getting triggered when a defined interface isn't detected on boot. If anyone has any suggestions I'll add it to my guide.

    Edit - Is it possible to create a virtual ethernet port that gets checked at boot, that is then linked to ue0? something like a symbolic link that isnt going to make pfSense crap itself on boot if there is an issue with ue0 ?

    -D


  • Netgate Administrator

    Add it here:
    https://github.com/pfsense/pfsense/blob/1b988ed0e7168ada9e6260274f63fd84b15873a1/src/etc/inc/util.inc#L2201

    But as I say whilst that will allow it to boot it then ends up with an interface defined that doesn't exist.

    Steve



  • @stephenw10 said in How to configure RNDIS on E3372:

    Add it here:
    https://github.com/pfsense/pfsense/blob/1b988ed0e7168ada9e6260274f63fd84b15873a1/src/etc/inc/util.inc#L2201

    But as I say whilst that will allow it to boot it then ends up with an interface defined that doesn't exist.

    Steve

    Ahh. That kind of defeats the purpose all together. I'll skip that I think
    Cheers
    -D


  • Netgate Administrator

    It only affects anything if the interface is removed and then pfSense reboots. In which case adding ue to that list allows it to boot fully so you have access to the gui etc. Otherwise you would need to use the console to re-assign the interfaces without the ue device.
    Other users have done after finding exactly that happened when they lost power or the modem was removed as a troubleshooting step for example. It should never happen normally.

    Steve



  • @stephenw10

    OK good idea, thanks for the tip. Have modified my config to suit
    Cheers
    -D