-
On a fresh upgrade of pfsense, how to verify the version of the driver if.re.ko being used?
On a fresh upgrade of pfsense, how to install pkg realtek-re-kmod and verify the version of the driver being install/loaded by that?
On a fresh upgrade of pfsense, how to verify that when the pkg realtek-re-kmod is listed as already installed, that it is being used?My issue below:
Since the upgrade from 2.4 to 2.5 I have been getting these in my logs approx. every 12-16 hours.
/rc.linkup: The command '/usr/sbin/arp -s '192.168.175.2' '30:9c:23:2c:dc:79'' returned exit code '1', the output was 'arp: writing to routing socket: Cannot allocate memory'
and watchdog timeout randomly. I had resolved the watchdog timeout with an alternative if_re.ko driver in 2.4.
When the issue occurs every IP that is DHCP mapped has this error in the logs in a row. So all are affected at the same time.
Googling says it is probably the realtek driver that comes with FreeBSD thats causing both errors.
I tried installing the driver that is available through the packaging system of pfsense and that was a nogo:[2.5.0-RELEASE][admin@Majesty.wimpy.lan]/root: pkg install realtek-re-kmod
Updating pfSense-core repository catalogue...
pfSense-core repository is up to date.
Updating pfSense repository catalogue...
pfSense repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The most recent versions of packages are already installedI know it said the package is already installed but how to verify it is using the 1.96.4 FreeBSD 12.2 stale driver? No way to tell as far as I can see (Not Unix expert for sure) kldstat did not show the module loaded so what can I do to verify.
So I go out to other driver sources. Like the one here: https://forums.serverbuilds.net/t/guide-resolve-realtek-nic-stability-issues-on-freebsd-pfsense-2-4-4-2-4-5-2-5-0-opnsense-use-2-5gb-realtek/3555
It has the 1.96.4 driver for FreeBSD 12.2 -devel (better than nothing) I load it up, verify it is loaded and am now monitoring. I would rather do this from the pfsense packaging system or even the FreeBSD packaging system if necessary.
I just want to add that after the driver install I found a thread on reddit that someone had traced this error down to pfblockerNG when adding many lists, I have many lists. To resolve it the Firewall table entries were increased from default to 2000000 as per a post from bbcan177 - so I figured if the dev of pfblockerng suggests this cahnge then I will try it!. I had done this (after the 1.96.4 driver install) and am monitoring.
Also, I in the available packages I see a message under my installed version of pfblockerng - Newer version available. Package is configured but not (fully) installed or deprecated - but when I look for a newer version all I see is the dev version - is THAT the newer version that is available?
-
Looks like you have a static ARP entry set which is pretty much never required.
You see that error though because it cannot allocate memory in the ARP table for an IP in a subnet the firewall doesn't have an interface in. Which is probably because the re NIC has gone AWOL.
Installing the pkg is not enough. You still need the loader line to load it at boot:
See: https://forum.netgate.com/post/962889Steve
