Upgrade from 2.4.4 -> 2.5 no networking
Has anyone had any issues with the upgrade from 2.4.4->2.5. I have tried it on 2 boxes so far, both with quad intel nics (em) and both times it resulted in not being able to see any network traffic on any interfaces. Disabling pf with 'pfctl -d' doesnt help and I dont see anything when I 'tcpdump -e -i emX', apart from outbound traffic from the firewall. Yes the links are up on the interfaces, the speed is negotiated fine, and the nic logical to physical mappings are correct. All i did to upgrade was run "/usr/local/sbin/pfSense-upgrade" from the shell and reboot. Am i missing a step, or is this a known issue? Luckily thanks to zfs and beadm rolling back was very easy.
No problems that we're aware of. Do you have any traffic shaping active? There have been reports of issues with Limiters causing traffic to not pass. That doesn't seem to match your symptoms though since that traffic would still have arrived in a packet capture.
If both of your systems have the same card, it might be a problem with the driver for that specific chipset.
Thanks for the reply i will have another go at the weekend, when downtime is less critical. No there was not traffic shaping and its the intel em driver so should be rock solid i would have thought. I might try disabling checksums to see if that helps.
They usually are solid, assuming they are legit cards. There are a lot of counterfeit cards out there being passed off as Intel that tend to fail in unexpected ways like this.
kraduk last edited by kraduk
Tried again and still the same
I might well be being hit by this bug. This will probably affect quite a few of those Chinese pfsense boxes off amazon.
: pciconf -lv|grep Gigabit device = '82583V Gigabit Network Connection' device = '82583V Gigabit Network Connection' device = '82583V Gigabit Network Connection' device = '82583V Gigabit Network Connection' device = '82583V Gigabit Network Connection' device = '82583V Gigabit Network Connection'
this might speed up my idea to virtualize pfsense on this box
Small point of contention: there are no Chinese pfSense boxes sold on Amazon. There might be Chinese boxes sold on Amazon that people try to run pfSense on.
OK i have found a fix, well it seems to work at the moment. Time will tell if it lasts..
Definately related to this
adding the following to loader.conf and rebooting seemed to work
This will catch quite a lot of people out I suspect. Both bits a kit I saw this happen were partaker mini pfsense firewall boxes. They are fairly common out there. One is the 6 port i5 version and the other is the older 4 port j1900 .
I see my point is lost on you.
kraduk last edited by kraduk
Well both of mine shipped with it installed so logically im correct, that doesnt mean they are officially supported or branded as such now does it? Hence why i didnt put a tm symbol on the sentence? That is beside the point though, a lot of people out there do run it, and when they upgrade....
chpalmer last edited by chpalmer
This one to related to that same interface type. Which references the second link above.
Not to beat a dead horse but this is why using development snapshots for production environments is not recommended. However Im sure the extra testing and reports are greatly appreciated. :)
Not at all, this is a preproduction test environment, but it does have other users, that kind of test things so uptime during business hours is still as important, but not critical. Most individuals test environments are virtual, so this issue hand not being picked up due to it being hardware based.