pfSense Newbie Needing Solarflare Card Help

MacWarrior

@stephenw10 Hi Steve, 1st - in reference to adding "kldload sfxge" as a loader variable so it loads at every boot, how do I add that? I searched in the forums and docs and couldn't find how to accomplish that without screwing up my computer.

2nd - here is the strange part to me about the DNS Lookup. I used a 2nd computer I had and loaded it with pfSense with a Spectrum connection directly to the WAN and the 4 DNS Lookups work great. However, when I try it with my main 1st computer with pfSense unit hooked up to a MetroNet connection directly to my WAN, it says "No Response" to all 4 DNS Lookups. The reason I'm scratching my head is I checked every setting from my 2nd computer and compared it to the 1st computer, and it is identical to each other but I get the "No Response" on the 1st computer. Not sure what I am missing here. Thx.

MW

stephenw10

To load it at boot create the file /boot/loader.conf.local then add to it the line:

if_sfxge_load=YES

Try a lookup from the command line directly. First make sure it can ping out:

22.05-DEVELOPMENT][admin@apu.stevew.lan]/root: ping -c 2 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: icmp_seq=0 ttl=116 time=7.352 ms
64 bytes from 8.8.8.8: icmp_seq=1 ttl=116 time=7.288 ms

--- 8.8.8.8 ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 7.288/7.320/7.352/0.032 ms

Then try to query it:

[22.05-DEVELOPMENT][admin@apu.stevew.lan]/root: dig @8.8.8.8 google.com

; <<>> DiG 9.16.23 <<>> @8.8.8.8 google.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36555
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;google.com.			IN	A

;; ANSWER SECTION:
google.com.		67	IN	A	172.217.16.238

;; Query time: 7 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Feb 15 13:01:47 GMT 2022
;; MSG SIZE  rcvd: 55

If that works what errors do you see trying to query the configured servers?

Steve

MacWarrior

@stephenw10 HI Steve, results:

[2.5.2-RELEASE][admin@Birds-of-Prey.macwarriors.lan]/root: ping -c 2 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: icmp_seq=0 ttl=61 time=13.298 ms
64 bytes from 8.8.8.8: icmp_seq=1 ttl=61 time=14.437 ms

--- 8.8.8.8 ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 13.298/13.867/14.437/0.569 ms
[2.5.2-RELEASE][admin@Birds-of-Prey.macwarriors.lan]/root: dig @8.8.8.8 google.com

; <<>> DiG 9.16.16 <<>> @8.8.8.8 google.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

[2.5.2-RELEASE][admin@Birds-of-Prey.macwarriors.lan]/root: ping -c 2 1.1.1.1
PING 1.1.1.1 (1.1.1.1): 56 data bytes
64 bytes from 1.1.1.1: icmp_seq=0 ttl=60 time=34.296 ms
64 bytes from 1.1.1.1: icmp_seq=1 ttl=60 time=32.973 ms

--- 1.1.1.1 ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 32.973/33.634/34.296/0.662 ms
[2.5.2-RELEASE][admin@Birds-of-Prey.macwarriors.lan]/root: dig @1.1.1.1 cloudflare.com

; <<>> DiG 9.16.16 <<>> @1.1.1.1 cloudflare.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

MW

MacWarrior

@stephenw10 said in pfSense Newbie Needing Solarflare Card Help:

To load it at boot create the file /boot/loader.conf.local then add to it the line:

Hi again Steve,
I followed your directions above but they still don't load.

MW

stephenw10

@macwarrior

Ah, I'm sorry it's not shown as an interface type for some reason. Change that line to:

sfxge_load=YES

Hmm, so you can ping but not connect with UDP. What firewall rules do you have on that interfaces? Can we see a screenshot?

Steve

MacWarrior

@stephenw10 Hi Steve, I hope you are monitoring right now. After changing the boot/loader file, it has stopped booting up. I have done a fresh install of 2.6 and created the boot/loader file again with the new parameter you gave me and it does the same thing by not booting up. Hmmm.
???

MW

MacWarrior

@stephenw10 I am currently at the Manual Config window after a clean install of 2.6 asking if I want to make any final manual mods.

stephenw10

Urgh, I'm sorry. Did it throw some error when it tried to boot?

You can override the loader.conf variables at the loader prompt if something is causing a problem. So you might do:

set sfxge_load=NO
boot

That should then boot as before allow you to change the loader file.

The loader.conf.local file is not stored in the config so you should be able to go ahead and complete the install and restore your config.

Steve

MacWarrior

@stephenw10

Hi Steve,
I was able to get the fresh install of 2.6 running early this AM but when I went in to try to write to boot/loader it says I have permissions off. I spent 2-3 hours looking and trying different solutions for permissions in the Shell but nothing worked. I checked tons of websites and YouTube but nothing fit what I was trying to do. (I wanted to try to figure this part out on my own but I failed. Still trying to learn the in's and out's of Terminal and different Shells) It is showing commands after "chmod" ([-fhv] [-R [-H etc...]] mode file ...) that I understand what they do but can't get to work.

I do have Good News though! My DNS and DDNS issues are fixed and the update is showing up working on the Dashboard. WooHoo!! Anyway, I just need some help now with the SFP+ NIC issue and turning permissions on for Shell. Thank you!

MacWarrior

stephenw10

Hmm, if you're logged in as admin or root you should not see any permissions errors.

Create the file: /boot/loader.conf.local
Add lines to it.

I usually do that from the gui unless I already have a CLI open.

If it fails to boot again you can override those values at the loader prompt. You will also see errors just after that when it tries to load the modules at the console.
For example I tried to load a bad igb module a short time ago:

Loading configured modules...                                                   
don't know how to load module '/boot/modules/if_igb.ko'
/boot/kernel/sg5100.ko size 0x1d00 at 0x40a0000
loading required module 'superio'                                               
/boot/kernel/superio.ko size 0x5d98 at 0x3cfe000 
/boot/kernel/zfs.ko size 0x39ae70 at 0x3d05000

Steve

MacWarrior

@stephenw10

Hi Steve,
I assume you're talking about the "Command Prompt"? If so, [I think I know the steps, but to make sure I am doing it right] can you give me the steps to do it? I Greatly Appreciate it!

MacWarrior

stephenw10

The console, where you will see the module loading, is what you see when you physically attach to the firewall. So either VGA and keyboard or a serial terminal.
https://docs.netgate.com/pfsense/en/latest/hardware/connect-to-console.html

The loader prompt is what you reach if you interrupt boot at the console when the boot loader menu appears. It allows you enter options before the kernel is loaded.

For example:
https://docs.netgate.com/pfsense/en/latest/troubleshooting/boot-issues.html#booting-with-an-alternate-console

Steve

MacWarrior

@stephenw10
Hi Steve,

I just wanted to clarify that I meant "Command Prompt" from the GUI as you suggested. (My bad). I thought you were reading my mind when I typed back to you (LOL).

MW

MacWarrior

@stephenw10
The other thing is when I interrupt the boot like you referred to is where I get the “write permission is off” issue. That’s why I tried to use the Command Prompt from the GUI but I don’t quit understand it to build the boot/loader file.

MW

stephenw10

To create the loader.conf.local file you can just use Diag > Edit File

Or you can do it from the command line using something like:

echo 'sfxge_load=YES' >> /boot/loader.conf.local

I'm not really sure why you would see that permissions error unless maybe you were doing it from the installer?
However it shouldn't matter, you don't need to write anything there. Settings you make at the loader prompt apply for that boot only. You have to make a more permanent change once it boots.

Steve

MacWarrior

@stephenw10
Hi Steve,

Here is where I stand. I removed the SFP card from my newly built machine and put it into a much older computer. The /boot/loader is working and it loads the driver every time. I connected the SFP from Solarflare to my D-Link SP-1012-10P SFP port but, I can't get it to connect. Should I try to drop the speed of the Solarflare and if so, how do I do that? Or, should I just switch to Chelsio SFP NIC cards to make it easier and more compatible? Would like your thoughts.

I also have 2 x D-Link SP-1012-28P which I want to separate all 3 switches on their own networks [using the Quad Solarflare NIC], but the same subnet so I can still connect to them with the same computers to make any changes or updates. I want to make separate networks with the Quad SFP NIC card, Port 1 - WAN, Port - 2 for the main computers and other devices, Port - 3 for the VoIP network, port 4 - for the Security Camera Network. Currently, I have my network set to 10.12.25.1/12. When I assign IPs to the SFP ports, it says that I am overlapping them.

Could use come config help.

Thank you,

MW

stephenw10

If you are connecting to 1G devices you may well have to set the link speed manually. That is done in the interface config in pfSense. It's common to need to do that on any 10G NIC.

You can't have more than one interface in the same subnet, it would break routing between them.
If you really need them in the same subnet you would need to bridge them:
https://docs.netgate.com/pfsense/en/latest/bridges/index.html

Steve