Changing from Realtek NIC to an intel NIC, cannot access the firewall after swapping cards.
-
We run the XG-1537, It's a few years old.
Basically, we're having problem with the 4 ports Realtek NIC. Looking on the web, there seems to be a lot of problem related to this NIC.
Once in a while, when there is too much traffic, the firewall locks up completely and only a physical hard reset will let it come back up. (specially frustrating when we're all remote and no-one is at the office since COVID times...)
We've established that changing the Realtek NIC for an Intel NIC would most likely solve our problem.
The problem I am facing currently is that, once I shutdown the firewall, swap the card and boot it up. Everything seems fine at first, the firewall doesn't throw me any errors when booting. When I try to access the GUI, it just doesn't work. I'm using the default LAN port that's still on 192.168.1.1, it works fine even without any NIC card plugged in. But as soon as I boot it up using the Intel NIC, 192.168.1.1 doesn't work anymore, so I can't configure it.
Our Realtek NIC is used in a LAGG, our LAN and WAN port have different config, so everything should still be working on the LAN port when using the same IP (192.168.1.1).
I figured that I'd just have to change the 2x ports used in our LAGG for the new port on the intel nics . Should be fairly simple right?
We thought about doing a factory reset, swap the cards and then push the config back but I'm not too sure about that, would you guys have any tips/pointers for me?
I've tried searching for a console guide so that I try to see what's going on and fix it but I can't find anything relevant.
Thank you.
-
@klemire
Maybe not so much help, but...
Boot with realtek and drop to command. Do an ifconfig and note the I/F names. Then take out realtek and boot. drop to command and do ifconfig note names. Then put intel card in, and note the I/F names. See if any conflict - like duplicates. You should also see carrier / I/F status. -
@klemire said in Changing from Realtek NIC to an intel NIC, cannot access the firewall after swapping cards.:
and then push the config back
Short answer : Noop.
Config backup and restore is a button press solution when 'hardward doesn't change'.
You did change the hardware.Long answer:
Backup your config.Install new NIC.
Boot pfSense.
Assign a minimal LAN and WAN.
Backup up again the config.Now, with a text editor, like Notepad++, open both backup files.
Compare the <pfsense><interfaces> <NIC> sections, where 'NIC' is LA? WAN, etc.
You see there is a line called <if>re0</if> in the WAN section of the old config.
Change it for what you've found in the new - intel based - minimal config file. For example, hange 're0' for 'em1'.
Etc.When done, import your modified old - but edited - old config file.
Now your ok - or very close to ok. -
You will be seeing two issues here.
The firewall still boots because lagg is a subinterface excluded from the check. So even though it boors without issue the defined lagg will still be re NICs and hence invalid.
When you add a 4 port Intel NIC it it's using the igb driver the WAN and LAN ports will probably have moved onto the card. The ports are numbered in the order they are detected and the expansion card is usually parsed first.
See: https://docs.netgate.com/pfsense/en/latest/solutions/xg-1537/io-ports.html#optional-intel-1-gbps-expansion-card-portsSteve