Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    2.4.4 fails upgrade and fresh installation

    Installation and Upgrades
    6
    42
    1611
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jbhowlesr last edited by jbhowlesr

      When I try install 2.4.4, the installer fails with a repeated register dump

      0_1537845085789_pfsense 2.4.4 crash dump.jpg

      I tried the upgrade from 2.4.3_1 to 2.4.4 first but received the above and it just keep spitting this out repeatedly. So moved to fresh install and received the same.

      I tried setting the bios for UEFI only with no luck. I tried disabling CSM altogether and still getting the same

      My box is a Kaby Lake Celeron based with 6 Intel 1gb NIC ports and I’m using an msata SSD.

      I tried reverting to 2.4.3_1 which installs fine but snort and pfblocker have been updated and they cause 2.4.3_1 to crash.

      Help please

      1 Reply Last reply Reply Quote 0
      • jimp
        jimp Rebel Alliance Developer Netgate last edited by

        That looks like a problem with your disk controller, or its driver. But it's referring to sdhci which is generally for mmc/eMMC not for mSATA disks.

        We had some issues similar to that with eMMC on certain devices with 2.4.4, the driver in FreeBSD 11.2 was trying to use a different mode than before, and the driver didn't get along too well with that.

        You might search around and see if anyone else on FreeBSD has a matching chipset issue to yours. There may be a workaround specific to your hardware.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        J 2 Replies Last reply Reply Quote 0
        • J
          jbhowlesr @jimp last edited by

          @jimp the board is a system on chip Celeron 3865U which is 7th generation and supports AES-NI. The board doesn’t have a chipset to my knowledge since it’s an SoC. The board itself is a Pico ITX I believe or the size just above.

          I did reach out to the board maker to ask for a bios update. That’s the only thing that strikes me as a possibility.

          1 Reply Last reply Reply Quote 0
          • J
            jbhowlesr @jimp last edited by

            @jimp tried switching to a standard sata based hard drive while disabling PCIe altogether with zero luck. Not sure what else to do at this point. Bout ready to give up and go to a different software set to use like Untangle or Sophos. This 2.4.4 update has rendered my unit unusable with pfsense because even if I revert to the previous version of this software, the utilities I prefer to run have been updated and will not run on the previous version of pfsense. So, I feel like this stuff should have been properly vetted before launching such drastic system update. There is literally no reason my hardware shouldn't be support in 2.4.4. Especially since it is secure boot capable and compliant with Windows 10 ver 1709 and MS Intune. The issue to me seems like a driver issue with something included in 2.4.4. UEFI is fully enabled in this systems bios by default so I am of mind that there is no issue with my hardware.

            Still waiting for some resolution here but it is starting to feel like none is coming.

            1 Reply Last reply Reply Quote 0
            • jimp
              jimp Rebel Alliance Developer Netgate last edited by

              We cannot possibly test every combination of hardware we do not sell. 2.4.4 was in beta for a very long time. At any point you could have tested it out on that hardware.

              Additionally, the problem appears to be a FreeBSD compatibility issue -- something which we do not have any control over.

              Try to replicate the problem on FreeBSD 11.2 and open an issue upstream with FreeBSD if/when the problem still happens there.

              The error you show appears to be from mmc/eMMC like I said and not a SATA/mSATA/m.2 disk, so it's also possible that is something you need to disable on the board or in the BIOS, or find a FreeBSD device hint that matches your hardware to put in at the loader prompt to disable the controller (like hint.sdhci.0.disable=1) or maybe some other related tunable like hw.sdhci.enable_msi=0 or some combination of hw.sdhci.quirk_set and/or quirk_clear, see https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=228340 )

              Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

              Need help fast? Netgate Global Support!

              Do not Chat/PM for help!

              J 1 Reply Last reply Reply Quote 0
              • J
                jbhowlesr @jimp last edited by

                @jimp The problem, I never get far enough to do any of this. The images above is what happens when I try to fresh install. The system simply never starts the installation and therefor no console options appear. Even if I upgrade and reboot, what is shown in the photo occurs in the boot and pfsense never starts up. Essentially, the system is prevented from even loading or installing.

                1 Reply Last reply Reply Quote 0
                • jimp
                  jimp Rebel Alliance Developer Netgate last edited by

                  You can add those to /boot/loader.conf.local before upgrading, or either way you can do that at a loader prompt. At the boot menu, choose the loader prompt option. If no boot menu shows up, press space when you see the loader spinner (|) moving.

                  Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                  Need help fast? Netgate Global Support!

                  Do not Chat/PM for help!

                  1 Reply Last reply Reply Quote 0
                  • J
                    jbhowlesr last edited by

                    @jimp Sorry for the extreme delay in getting back to you. Let make sure I got this correct. Go to fresh install and when I see the spinning (|), press space to bring up a prompt and type /boot/loader.conf.local? I'm not familiar with the command line side of pfsense but if you can explain this a little further that would be great. I've been using untangle for the last month because I am unable to load 2.4.4 and I'm itching to get back to pfsense. Is there some other screen shots I can post to help the troubleshooting process out?

                    1 Reply Last reply Reply Quote 0
                    • stephenw10
                      stephenw10 Netgate Administrator last edited by

                      If you are coming from 2.4.3 you can just add those values to the file /boot/loader.conf.local before you upgrade. You may need to create that file.

                      If you are installing 2.4.4 fresh, or have already upgraded and it won't boot, you need to set those values at the loader prompt in order to allow it to boot and then add them to the file.
                      That process is detailed here for disabling ACPI but obviously you would want to disable sdhci instead:
                      https://www.netgate.com/docs/pfsense/hardware/boot-troubleshooting.html#disabling-acpi

                      Let us know if that helps. That has worked for others in your situation though.

                      Steve

                      1 Reply Last reply Reply Quote 0
                      • stephenw10
                        stephenw10 Netgate Administrator last edited by

                        Looking at the actual error you're seeing you might also try:
                        hint.sdhci_pci.1.disabled=1

                        Steve

                        J 2 Replies Last reply Reply Quote 0
                        • J
                          jbhowlesr @stephenw10 last edited by

                          @stephenw10 How do I do this on a blank installation? As in there is nothing installed on the box currently and no previous version to edit commands on.

                          1 Reply Last reply Reply Quote 0
                          • J
                            jbhowlesr @stephenw10 last edited by jbhowlesr

                            @stephenw10 Sorry bro but after 4 months, I am still no further with fixing this situation and this forum either doesn't understand the problem or doesn't know how to fix it. I have clearly stated that the system is blank and pfsense will not install. SO there is no means to update or edit commands. Plus, the few links that have been posted so far seem all want me to update and fiddle with commands in a running system which this is not.

                            So here I am, 6 months since pfsense update to this new code and I am no closer to fixing it. I understand none of the people in this forum want to do anymore then issue hints instead of fixes. Fact is though that unless I get this going, I will stop recommending pfsense to my clients and choose other venders.

                            Grimson 1 Reply Last reply Reply Quote 0
                            • Grimson
                              Grimson Banned @jbhowlesr last edited by

                              @jbhowlesr said in 2.4.4 fails upgrade and fresh installation:

                              Fact is though that unless I get this going, I will stop recommending pfsense to my clients and choose other venders.
                              so please help me or loose my client base. Oh, and to be clear, all the help hints issued so far, I don't understand them whatsoever so they are not helpful whatsoever.

                              Given that you obviously aren't using Netgate/pfSense hardware the loss won't be that big.

                              You have already been given information on how to proceed:

                              @jimp said in 2.4.4 fails upgrade and fresh installation:

                              You can add those to /boot/loader.conf.local before upgrading, or either way you can do that at a loader prompt. At the boot menu, choose the loader prompt option. If no boot menu shows up, press space when you see the loader spinner (|) moving.

                              @stephenw10 said in 2.4.4 fails upgrade and fresh installation:

                              If you are coming from 2.4.3 you can just add those values to the file /boot/loader.conf.local before you upgrade. You may need to create that file.

                              If you are installing 2.4.4 fresh, or have already upgraded and it won't boot, you need to set those values at the loader prompt in order to allow it to boot and then add them to the file.
                              That process is detailed here for disabling ACPI but obviously you would want to disable sdhci instead:
                              https://www.netgate.com/docs/pfsense/hardware/boot-troubleshooting.html#disabling-acpi

                              Let us know if that helps. That has worked for others in your situation though.

                              Steve

                              If none of this works then you should choose better hardware.

                              J 2 Replies Last reply Reply Quote 0
                              • J
                                jbhowlesr @Grimson last edited by jbhowlesr

                                This post is deleted!
                                1 Reply Last reply Reply Quote 0
                                • J
                                  jbhowlesr @Grimson last edited by jbhowlesr

                                  @grimson

                                  Look, let’s start over here.

                                  The system is completely blank having a new SSD installed.

                                  Let’s take a step back. I create the install media and boot the system off of it. It boots the media and before giving any prompts or (I) spinning pipes, I get the error in the photo in the beginning of this thread.

                                  I have poured through the system bios which is quite extensive but find no reference or option for sdhci.

                                  I have checked the vender site for a bios update but none exist. It’s a Intel 7th generation muliticore SoC based system with 16gb of ram and a 120gb SSD. All running on a 35watt tdp package.

                                  So being that there is no installed system in the drive, how do I access or edit a loader.conf file? This has been my dilemma. If someone could answer that I’d be very thankful.

                                  For my clients. They are building a large data center and I am in the progress of building them them security appliances with them planning on purchasing a large support contract with netgate.

                                  Grimson 1 Reply Last reply Reply Quote 0
                                  • Grimson
                                    Grimson Banned @jbhowlesr last edited by

                                    @jbhowlesr said in 2.4.4 fails upgrade and fresh installation:

                                    Let’s take a step back. I create the install media and boot the system off of it. T boots the media and before giving any prompts or (I) spinning pipes, I get the error in the photo in the beginning of this thread.

                                    Well if the basic loader already fails you need to choose different/better hardware, especially if this will be a core part of a large production setup. It's as simple as that.

                                    If your clients are willing to pay a large support contract a few bucks for a fitting pfSense appliance shouldn't be a problem.

                                    J 1 Reply Last reply Reply Quote 0
                                    • J
                                      jbhowlesr @Grimson last edited by jbhowlesr

                                      @grimson they don’t want to waste funds buying non reparable hardware and rely on warranty services to replace whole systems. It’s a waste of time and only contributes to the already massive e-waste issue.

                                      Using built systems that can be repurposed or repaired with off the shelf parts and put back into service quickly is what they want.

                                      Pfsense made appliances only serve one purpose. An assembled system such as I’m building can be repurposed to another platform or use at a moments notice.

                                      So let’s leave “better hardware” comments out shall we.

                                      Grimson 1 Reply Last reply Reply Quote 0
                                      • Rico
                                        Rico LAYER 8 Rebel Alliance last edited by

                                        You don't even see this screen when booting the Installer?
                                        0_1552761907747_pfSense_boot.png

                                        -Rico

                                        2x Netgate XG-7100 | 11x Netgate SG-5100 | 6x Netgate SG-3100 | 2x Netgate SG-1100

                                        1 Reply Last reply Reply Quote 0
                                        • Grimson
                                          Grimson Banned @jbhowlesr last edited by

                                          @jbhowlesr said in 2.4.4 fails upgrade and fresh installation:

                                          So let’s leave “better hardware” comments out shall we.

                                          Your current hardware has issues booting with FreeBSD 11.2, so your choices for running pfSense on it are:

                                          • Try workarounds like the ones mentioned here.
                                          • Use different hardware
                                          • Create a bug report with the FreeBSD devs and hope they can fix it, after that wait for a pfSense version that uses a FreeBSD base containing the fix.

                                          Try to boot FreeBSD 12, if that works you could be lucky and use the upcoming pfSense 2.5.0 builds.

                                          1 Reply Last reply Reply Quote 0
                                          • J
                                            jbhowlesr last edited by

                                            @rico it will appear briefly but not show a spinning pipe (I) symbol.

                                            The system is a Intel 7th gen Quad Core with 16gb Ram and SSD. It’s really fast.

                                            Grimson 1 Reply Last reply Reply Quote 0
                                            • J
                                              jbhowlesr last edited by jbhowlesr

                                              @grimson I hope this works out. When is 2.50 coming?

                                              Boot FreeBSD 12? I’ll try that and see what happens.

                                              Do you have a link for a distro I can download?

                                              Is it possible that my hardware is just too new? It worked fine in 2.4.2 and 2.4.3

                                              1 Reply Last reply Reply Quote 0
                                              • Rico
                                                Rico LAYER 8 Rebel Alliance last edited by

                                                Well you can try now by booting and install https://download.freebsd.org/ftp/releases/amd64/amd64/ISO-IMAGES/12.0/FreeBSD-12.0-RELEASE-amd64-bootonly.iso

                                                -Rico

                                                2x Netgate XG-7100 | 11x Netgate SG-5100 | 6x Netgate SG-3100 | 2x Netgate SG-1100

                                                J 1 Reply Last reply Reply Quote 1
                                                • Rico
                                                  Rico LAYER 8 Rebel Alliance last edited by

                                                  And with this image you can verify the problem with your hardware is upstream pfSense in FreeBSD 11.2: https://download.freebsd.org/ftp/releases/amd64/amd64/ISO-IMAGES/11.2/FreeBSD-11.2-RELEASE-amd64-bootonly.iso

                                                  -Rico

                                                  2x Netgate XG-7100 | 11x Netgate SG-5100 | 6x Netgate SG-3100 | 2x Netgate SG-1100

                                                  1 Reply Last reply Reply Quote 0
                                                  • Grimson
                                                    Grimson Banned @jbhowlesr last edited by

                                                    @jbhowlesr said in 2.4.4 fails upgrade and fresh installation:

                                                    Let’s take a step back. I create the install media and boot the system off of it. It boots the media and before giving any prompts or (I) spinning pipes, I get the error in the photo in the beginning of this thread.

                                                    @jbhowlesr said in 2.4.4 fails upgrade and fresh installation:

                                                    @rico it will appear briefly but not show a spinning pipe (I) symbol.

                                                    You said nothing shows up, and now it does show up? What is it now?

                                                    If it does show do what it tells, hit Escape and go from there.

                                                    1 Reply Last reply Reply Quote 0
                                                    • J
                                                      jbhowlesr @Rico last edited by

                                                      @rico

                                                      I’ll try that when I get home.

                                                      I’m a huge fan of snort and is one of about 3 reasons I push pfsense but fact remains that I’m getting this errors on a lot of systems that all worked with previous version of pfsense

                                                      1 Reply Last reply Reply Quote 0
                                                      • jimp
                                                        jimp Rebel Alliance Developer Netgate last edited by

                                                        As it boots, just keep whacking the space bar.

                                                        In the next few days we'll have 2.5.0 snapshots to try, based on FreeBSD 12, which is more likely to help.

                                                        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                                                        Need help fast? Netgate Global Support!

                                                        Do not Chat/PM for help!

                                                        J 1 Reply Last reply Reply Quote 0
                                                        • J
                                                          jbhowlesr @jimp last edited by

                                                          @jimp if I do this and if i get a prompt, I’m unclear as to what I need to do with this file that’s been mentioned

                                                          /boot/loader.conf.local

                                                          1 Reply Last reply Reply Quote 0
                                                          • Rico
                                                            Rico LAYER 8 Rebel Alliance last edited by

                                                            0_1552762937805_pfSense_boot_loader-prompt.png

                                                            -Rico

                                                            2x Netgate XG-7100 | 11x Netgate SG-5100 | 6x Netgate SG-3100 | 2x Netgate SG-1100

                                                            J 3 Replies Last reply Reply Quote 1
                                                            • J
                                                              jbhowlesr @Rico last edited by

                                                              @rico

                                                              Perfect. This is exactly what I have been asking for. Thank you so much.

                                                              On my way home and will give that a shot when I get there.

                                                              1 Reply Last reply Reply Quote 0
                                                              • J
                                                                jbhowlesr @Rico last edited by

                                                                @rico

                                                                Big shout out here cause this worked and the system is installing now.

                                                                I’ll post again after it’s all up and running and report any further issues

                                                                1 Reply Last reply Reply Quote 0
                                                                • J
                                                                  jbhowlesr @Rico last edited by

                                                                  @rico

                                                                  Sir, pfsense is running great. However, anytime a reboot occurs, I gotta enter the disable=1 string in your photo. How do I automate this so it can reboot unattended?

                                                                  1 Reply Last reply Reply Quote 0
                                                                  • Rico
                                                                    Rico LAYER 8 Rebel Alliance last edited by Rico

                                                                    Now to make it persistent run
                                                                    echo "hint.sdhci_pci.1.disabled=\"1\"" >> /boot/loader.conf.local
                                                                    after booting from console or SSH.

                                                                    -Rico

                                                                    2x Netgate XG-7100 | 11x Netgate SG-5100 | 6x Netgate SG-3100 | 2x Netgate SG-1100

                                                                    J 1 Reply Last reply Reply Quote 0
                                                                    • J
                                                                      jbhowlesr @Rico last edited by jbhowlesr

                                                                      @rico

                                                                      To make sure I’m following you

                                                                      Open >> "/boot/loader.conf.local” using the pfsense file editor”

                                                                      And add echo "hint.sdhci_pci.1.disabled="1"" to the bottom of the file.

                                                                      Save then restart the system.

                                                                      1 Reply Last reply Reply Quote 0
                                                                      • Gertjan
                                                                        Gertjan last edited by

                                                                        echo "hint.sdhci_pci.1.disabled=\"1\"" >> /boot/loader.conf.local
                                                                        

                                                                        is the same thing as opening the file /boot/loader.conf.local and adding
                                                                        hint.sdhci_pci.1.disabled="1"
                                                                        in it.

                                                                        No "help me" PM's please. Use the forum.

                                                                        J 1 Reply Last reply Reply Quote 0
                                                                        • J
                                                                          jbhowlesr @Gertjan last edited by jbhowlesr

                                                                          @gertjan

                                                                          I’m in the file system now. A file called loader.conf.local does not exist. However, a file called loader.conf exists and I made a copy of it and renamed to loader.conf.local and edited that file with the line above.

                                                                          EDIT: just tried this and it didn’t work. Obviously I’m missing something?

                                                                          1 Reply Last reply Reply Quote 0
                                                                          • Rico
                                                                            Rico LAYER 8 Rebel Alliance last edited by

                                                                            Just login via SSH and type or copy/paste
                                                                            echo "hint.sdhci_pci.1.disabled=\"1\"" >> /boot/loader.conf.local
                                                                            reboot and thats it.

                                                                            -Rico

                                                                            2x Netgate XG-7100 | 11x Netgate SG-5100 | 6x Netgate SG-3100 | 2x Netgate SG-1100

                                                                            1 Reply Last reply Reply Quote 0
                                                                            • stephenw10
                                                                              stephenw10 Netgate Administrator last edited by

                                                                              The file: /boot/loader.conf.local should contain only the line:
                                                                              hint.sdhci_pci.1.disabled=1

                                                                              You might add more stuff to it later but since you had to just create it it shouldn't right now.

                                                                              Steve

                                                                              J 2 Replies Last reply Reply Quote 0
                                                                              • J
                                                                                jbhowlesr @stephenw10 last edited by

                                                                                @stephenw10

                                                                                Thank you much. I did this and it worked like a champ. It’s now booting automatically without needing interaction.

                                                                                1 Reply Last reply Reply Quote 0
                                                                                • J
                                                                                  jbhowlesr @stephenw10 last edited by

                                                                                  @stephenw10 @Rico If I may ask, what is STHC I and why is it now becoming a problem

                                                                                  1 Reply Last reply Reply Quote 0
                                                                                  • stephenw10
                                                                                    stephenw10 Netgate Administrator last edited by stephenw10

                                                                                    SDHCI is the FreeBSD driver for the SD card bus. For whatever reason it is not playing nicely with the hardware on your board (and a number of other boards). As jimp referred to above the upgrade to FreeBSD 11.2 brought some changes to that driver including the ability to use a different mode which seems incompatible here. If you really needed that you might be able to force it to use the lesser mode but that's not something I've ever tried.

                                                                                    https://www.freebsd.org/cgi/man.cgi?query=sdhci&apropos=0&sektion=0&manpath=FreeBSD+11.2-RELEASE&arch=default&format=html

                                                                                    Steve

                                                                                    J 1 Reply Last reply Reply Quote 0
                                                                                    • First post
                                                                                      Last post