USB NIC on 2.4.4.p1 release?
-
You should avoid USB NICs in FreeBSD/pfSense they cause nothing but problems.
-Rico
-
@rico said in USB NIC on 2.4.4.p1 release?:
You should avoid USB NICs in FreeBSD/pfSense they cause nothing but problems.
-Rico
Yes, I'm aware of that, but not much I can do until I can get hardware ordered and received. Is there anything that can be done to get better performance while I am running a USB nic?
-
@greg_e you can try a different OS. You're basically asking for a way to get freebsd to do something it doesn't do well, so you're unlikely to get very far.
-
Yeah USB NICs have a bad rep for a reason.
THose logs show a link issue though rather than the USB device disconnecting entirely for example. I would certainly try swapping cables and switch ports.
Are both USB devices you tested using the same AX88178 chip?
Using VLANs is preferable. A VLAN capable switch can be had quite cheaply these days.
Steve
-
I'll try a different jumper and port on my switch and see if it stabilizes. I did consider a link flap issue, but didn't really see the signs of the link flapping. My switches lock out the port if they flap too many times in a unit of time. But I forgot to check this before resetting it this morning.
-
@stephenw10 said in USB NIC on 2.4.4.p1 release?:
Yeah USB NICs have a bad rep for a reason.
THose logs show a link issue though rather than the USB device disconnecting entirely for example. I would certainly try swapping cables and switch ports.
Are both USB devices you tested using the same AX88178 chip?
Using VLANs is preferable. A VLAN capable switch can be had quite cheaply these days.
Steve
Steve, I think you got it, I think it was a connection issue. A while ago I started putting connections into a different patch bay... This new bay was labeled for the "A" standard and all the rest of my network is "B" standard... I ended up with a few cables that were half a crossover cable and this firewall was on one of them. Spent a little time fixing things, thankfully I'd only moved about 10 connections over to this new patch, and half of the connections were done correctly.
Watching my logs to see if I see any issues pop back up. So far no additional entries in the system log after 10 minutes. Every time I looked before I would have seen ue0 disconnect and reconnect by now. Locking the port out must have been the linkflap detection doing what it was supposed to do and shutting the port down until the cable was disconnected or a timer elapsed.
-
Well, now I'm seeing a different bit of error, getting USB hotplug events which at least seem to reconnect well enough. I have a feeling a lot of this has to do with heat in the adapter. I tried to clamp it to a rack shelf which should allow a bunch of heat to pass into the cooler shelf, but that doesn't seem to be working. Might just need to deal with it until I can get better hardware ordered.
Jan 17 15:40:59 php-fpm 348 /index.php: Successful login for user 'admin' from: 192.168.1.109 (Local Database) Jan 17 15:51:42 check_reload_status Linkup starting ue0 Jan 17 15:51:42 kernel ue0: link state changed to DOWN Jan 17 15:51:42 kernel ue0: link state changed to UP Jan 17 15:51:42 check_reload_status Linkup starting ue0 Jan 17 15:51:43 php-fpm 61964 /rc.linkup: Hotplug event detected for LAN(lan) static IP (192.168.1.1 ) Jan 17 15:51:43 check_reload_status Reloading filter Jan 17 15:51:43 php-fpm 348 /rc.linkup: Hotplug event detected for LAN(lan) static IP (192.168.1.1 ) Jan 17 15:51:43 check_reload_status rc.newwanip starting ue0 Jan 17 15:51:43 check_reload_status Reloading filter Jan 17 15:51:44 php-fpm 61964 /rc.newwanip: rc.newwanip: Info: starting on ue0. Jan 17 15:51:44 php-fpm 61964 /rc.newwanip: rc.newwanip: on (IP address: 192.168.1.1) (interface: LAN[lan]) (real interface: ue0). Jan 17 15:51:44 check_reload_status Reloading filter
-
That's still a hotplug on the Ethenet link not the USB device disconnecting which would produce much more serious errors.
If you think it's temperature related try blowing a fan on it to be sure. Maybe even remove the case as a test. Not sure how practical that might be...
Steve
-
@greg_e said in USB NIC on 2.4.4.p1 release?:
2.4.4-release-p1 with Celeron N3150 (4 cores and AES-NI support)) and 8GB of RAM. New to pfSense, but got it running with e2guardian to filter websites and pretty happy with everything for the moment, except for one issue...
My USB 2.0 NIC keeps doing something where it no longer connects to the network (connection light is off). Unplug and plug back in clears this problem. I'm running this on a little Foxconn "bookshelf" computer which only has a single wired NIC, so USB is really the only choice for me (no I can't or don't want to do router on a stick with vlans). It is an AX88178 chip and I only need to get through a couple of months until I can buy proper hardware to set this up the correct way. This is my proof of concept device which I had on hand and need to demonstrate that it is worth buying the ~$1000usd worth of hardware to get this working correctly with real wired NICs (onboard or PCIe card).
So the question is, do I have several defective cheap USB NICs (I've tried 2 of them)? Or do I have a switch/cable problem (I don't think this one is the case)? Or is the operating system somehow putting the USB to sleep?
Just looking for things to check. Please keep in mind that I am not a Unix specialist, so will request some hand holding when I need to look up log files and check config files. I have a little Linux experience and can move around by terminal commands a little, but not very strong with this.
Thanks.
Let me update this with info from the system log:
Jan 16 13:16:54 kernel ue0: link state changed to DOWN Jan 16 13:16:54 kernel ue0: link state changed to UP Jan 16 13:16:54 kernel ue0: link state changed to DOWN Jan 16 13:16:54 check_reload_status Linkup starting ue0 Jan 16 13:16:54 kernel ue0: link state changed to UP Jan 16 13:16:54 check_reload_status Linkup starting ue0 Jan 16 13:16:54 check_reload_status Linkup starting ue0 Jan 16 13:16:55 php-fpm 25976 /rc.linkup: Hotplug event detected for LAN(lan) static IP (192.168.1.1 ) Jan 16 13:16:55 check_reload_status Reloading filter Jan 16 13:16:55 php-fpm 17504 /rc.linkup: Hotplug event detected for LAN(lan) static IP (192.168.1.1 ) Jan 16 13:16:55 check_reload_status rc.newwanip starting ue0 Jan 16 13:16:55 check_reload_status Reloading filter Jan 16 13:16:55 php-fpm 72697 /rc.linkup: Hotplug event detected for LAN(lan) static IP (192.168.1.1 ) Jan 16 13:16:55 php-fpm 25976 /rc.linkup: Hotplug event detected for LAN(lan) static IP (192.168.1.1 ) Jan 16 13:16:55 check_reload_status rc.newwanip starting ue0 Jan 16 13:16:56 php-fpm 25976 /rc.newwanip: rc.newwanip: Info: starting on ue0. Jan 16 13:16:56 php-fpm 25976 /rc.newwanip: rc.newwanip: on (IP address: 192.168.1.1) (interface: LAN[lan]) (real interface: ue0). Jan 16 13:16:56 check_reload_status Reloading filter Jan 16 13:16:56 php-fpm 25976 /rc.newwanip: rc.newwanip: Info: starting on ue0. Jan 16 13:16:56 php-fpm 25976 /rc.newwanip: rc.newwanip: on (IP address: 192.168.1.1) (interface: LAN[lan]) (real interface: ue0).
Router on a stick is probably your best bet. I know you don't want to do it but until you get new hardware you will have to ask yourself do you want stability? I have done a router on a stick configuration and it worked flawlessly and as far as I know it has been up for 4 years now with no issues, the customer has not called me once.
-
When I played around with using a usb-NIC, I was getting random periods where the USB nic was not passing traffic. If I remember correctly it would sometimes be up for two days before the nic would fail but just like clock work it would fail at the wrong time when I needed access to something on my network and I wasn't home. Seems to me from what you have mentioned about your switch dealing with port flapping you already have a smart switch so the configuration should be simple enough. If you need help with it there are plenty of folks including myself that would be glad to help.
As a side note I have used a switch as a wan aggregator to connect multiple cable modems to my firewall in lab at work and have achieved gigabit speeds, it worked flawlessly. Just needed to change the MAC for each WAN interface since I was using modems from the same ISP.
-
The problem isn't really setting up router on a stick, but in how the two networks can be connected. This is a department level network that I manage, and the internet is provided on the college's larger network. We've found that the only real way to connect between the two (for various reasons) is with an external piece of hardware like a router.
If I absolutely need to do something else, I'll put one of my old Cisco routers between the two networks and then use vlans to run through the firewall.
But the more reliable I make it right now, the less likely I'll get the proper hardware to make it work. So far it seems reliable except when I was grabbing massive numbers of OS updates and working it really hard. Been running good all day since I clamped it to the rack shelf for a heatsink, but I also haven't been pulling huge amounts of data. I'll probably grab a big aluminum heatsink out of a dead power supply and see if I can dissipate more heat. I was thinking of pulling the plastic case apart and seeing how I might cool it better.
Anyway, my department chair is back on Tuesday and that means I can get ordering things (I hope) to make this work correctly. Even better quality USB3 adapters might work, and they are cheap and quick to get, and I can use them other places as needed when I'm done with this project.
Going to buy a SuperMicro 1u server, some RAM, and put an old SSD in it. Then I'll have the two onboard NICs and if I need more I can add a PCIe card later. Probably $600 worth of parts.
-
Cooling won't fix usb lan instability. It's more likely to be a power surge or even noise from the cable if we take that slippery road of assumptions. A supermicro with ssd and $600 is again overkill, unless you are doing it at 10G speeds too.
-
@greg_e said in USB NIC on 2.4.4.p1 release?:
If I absolutely need to do something else, I'll put one of my old Cisco routers between the two networks and then use vlans to run through the firewall.
I'm not parsing that. It seems like you could just route between the VLANs in pfSense using a router on a stick setup.
But anyway getting hardware with real NICs is better.
Steve