Load bnxt driver in 2.4.5
-
I asked on here previously about the possibility of making a built-in Aquantia network interface work with PfSense and was advised that adding an expansion card to provide the additional network interface(s) I needed "would be the easiest way forward".
Thus, a colleague ordered up an Intel i350 2-port card, which I understood should be supported by the igb(4) driver. Unfortunately the Dell rack PC rejected the card (it could not even be powered on to access BIOS until we removed the card) and Dell refused to help because we didn't buy the i350 card through them. My colleague therefore asked Dell to recommend a card that would be compatible with both the PC and PfSense. They came back with the Broadcom BCM57416 which is on the FreeBSD supported hardware list under the bnxt(4) driver. We installed the Broadcom card in the rack PC today and it hasn't killed it like the Intel card did but PfSense is only showing the built-in NIC which means we still cannot use it as a firewall (because we only have one NIC available to PfSense but need one for WAN and second for LAN, as a minimum). We don't really mind whether these are 1gb or 10gb NICs, we just need at least two of them working.
It appears from this feature request that, despite the PfSense website linking to the FreeBSD hardware list, version 2.4.4 did not actually include the drivers for the Broadcom card. Is that still the case with PfSense 2.4.5 and if so do we need to return the Broadcom card to Dell and ask them what else they can offer?
I did find this in the FreeBSD manual which suggests that the bnxt driver can be loaded as a module by adding the line if_bnxt_load="YES" to loader.conf. I think I found that file (using the command-line shell that is available on the installer USB stick) and tried to add the line but the text editor reported an error when I tried to save my changes and the file was not modified. Is this something I should be attempting on a business-critical system anyway?
-
maybe it can be useful(?)
you haven’t written anything about the Dell unit, so I can only guess...
Yes, Dell has severe restrictions on hardware:
It can be used without any problems, in this setup Dell R210II:
https://www.bargainhardware.co.uk/broadcom-bcm5709-quad-port-rj45-1gbps-low-profile-pcie-x4-nic
(but it's only 4x1Gig)https://www.freebsd.org/cgi/man.cgi?query=bce&sektion=4
what I can say is,that pfSense works well with this card + Dell
-
Hmm, yes it looks like that driver is not in the pfSense kernel. Yet.
You can load it as a module though. You will need the if_bnxt.ko file from a FreeBSD 11.3 iso filer or install.
Copy that to /boot/modules in pfSense
Create the file /boot/loader.conf.local and add to it the lineif_bnxt_load="YES".Steve
-
Thank you both for the replies, my colleague's not keen on returning the card and trying to obtain another so I'll be pursuing the option of loading the driver as a module.
@stephenw10 I will try to obtain the if_bnxt.ko file, but how do I access the pfSense file system to make changes? As I wrote above, when I tried using the rescue shell available on the pfSense installer it wouldn't let me save changes. I later tried to mount a USB drive so that I could copy the file to another machine to edit it but the mount command returned an error (read-only file system if I recall correctly) which leads me to believe that what I thought was my pfSense installation's file system is actually the contents of the installer USB drive. How do I access my pfSense file system (on the hard drive in the Dell rack PC) from the pfSense live-USB (rescue shell)?
-
Hi,
this is the essential:
as @stephenw10, Steve has already described the process:
Copy that to /boot/modules (****.ko) in pfSense
Create the file /boot/loader.conf.local and add to it the line if_bnxt_load="YES".and
F.E.:
https://winscp.net/eng/download.php- SSH
this is how you will see the filesystem if you use winscp:
-
Yes, you have one working NIC in that system so access it via that using SSH/SCP.
You can copy the file onto it from USB if you had to but SCP is going to be far easier.
Steve
-
Thank you @DaddyGo and @stephenw10 - I've added the two files as advised and pfSense now sees the new network interface. All is looking good.
-
good news
-
Possibly spoke a bit too soon there, the expansion card interfaces show up now that the bnxt driver is loaded but as soon as I turned VLANs on at the switch ping, DHCP etc. all stopped working. All sorted now though.
I found the solution elsewhere on this forum for another Broadcom NIC. As suggested in that topic I have enabled promiscuous mode on the interface that I have VLANs on. This appears to have resolved the issues although I haven't been testing it for long.
