-
@hspindel said in NUT Package (2.8.1 and above):
Changed nut.conf MODE=netserver
upsd.users: added a new user and password, upsmon slave
Changed upsd.conf. Added LISTEN <ipOfPFsense> 3493nut.conf is not used on pfSense. You are not hand editing the ups config files are you? If you are, then that's not the right way to configure NUT on pfSense--every time you restart they will be overwritten.
Please post the configuration you have in Services / UPS / UPS Settings.
-
@dennypage said in NUT Package (2.8.1 and above):
nut.conf is not used on pfSense. You are not hand editing the ups config files are you? If you are, then that's not the right way to configure NUT on pfSense--every time you restart they will be overwritten.
Please post the configuration you have in Services / UPS / UPS Settings.
nut.conf is the only file I hand edited because I couldn't see how to do it in the GUI. The rest of the files I used the GUI to modify.
What is the right way to specify MODE=netserver?
My config page looks like this:
UPS Type: Local USB
UPS Name: EatonUPS
Enable notifications: yes
Driver: usbhid
No extra arguments to driver
No extra arguments to upsmon.conf
ups.conf: pollinterval=10
upsd.conf: LISTEN pfSenseIP 3493 (also tried LISTEN 0.0.0.0 3493)
upsd.users:
[howard]
password=xxxxxxx
upsmon slaveThank you!
-
@hspindel said in NUT Package (2.8.1 and above):
What is the right way to specify MODE=netserver?
There isn't one. The file nut.conf is unused in pfSense, and most other places. It is intended to be used by generic OS distributions, but I haven't really seen much uptake on it for the systems I work with.
Returning to the attempt to connect remotely... Have you checked the firewall log? Are you able to successfully telnet to port 3493 from the LAN?
-
@dennypage said in NUT Package (2.8.1 and above):
There isn't one. The file nut.conf is unused in pfSense, and most other places. It is intended to be used by generic OS distributions, but I haven't really seen much uptake on it for the systems I work with.
Okay, then NUT on pfSense is automatically configured as remotely accessible? I haven't found a setting to enable/disable it.
Returning to the attempt to connect remotely... Have you checked the firewall log? Are you able to successfully telnet to port 3493 from the LAN?
Nothing in the firewall logs. Yes, I can telnet in. There is no banner message, but if I type Hello I get a response ERR UNKNOWN-COMMAND. Tried to guess at a valid command. "LIST UPS" returned a good looking response. Couldn't guess any other commands.
So perhaps this is more a problem in Home Assistant.
-
@hspindel said in NUT Package (2.8.1 and above):
Okay, then NUT on pfSense is automatically configured as remotely accessible? I haven't found a setting to enable/disable it.
It is not remotely accessible by default. You are making it remotely accessible by addition of the LISTEN directive in the Extra arguments to upsd.conf.
Yes, I can telnet in. There is no banner message, but if I type Hello I get a response ERR UNKNOWN-COMMAND. Tried to guess at a valid command. "LIST UPS" returned a good looking response. Couldn't guess any other commands.
Try these commands:
USERNAME howard PASSWORD xxxxxxx LOGIN EatonUPS
If you receive "OK" in response to the commands it will confirm your setup.
Then you can then move on to beating your head against HomeAssistant.
Never done it myself, but...
If you are using the hass add-on, I assume you have all of these set, yes?
mode: netclient remote_ups_host: pfSense_IP_Addr remote_ups_name: EatonUPS remote_ups_user: howard remote_ups_password: xxxxxxx
No leading or trailing spaces, yes? No '#' or other special characters in the password, yes?
If it is still failing, you will have to go into the HomeAssistant container for NUT and look at the logs there to see what's happening.
-
@dennypage said in NUT Package (2.8.1 and above):
Try these commands:
USERNAME howard PASSWORD xxxxxxx LOGIN EatonUPS
All of these responded with OK.
Then you can then move on to beating your head against HomeAssistant.
Time to do that!
If you are using the hass add-on, I assume you have all of these set, yes?
mode: netclient remote_ups_host: pfSense_IP_Addr remote_ups_name: EatonUPS remote_ups_user: howard remote_ups_password: xxxxxxx
I'm using a Synology DS1522 container for Home Assistant. It doesn't appear to have any of these settings - it just set things up automagically when I installed it.
If it is still failing, you will have to go into the HomeAssistant container for NUT and look at the logs there to see what's happening.
The log isn't very helpful (at least to me). It says:
ERROR (SyncWorker-2) [homeassistant.components.nut] Failure getting NUT ups alias, socket error.[0mI will pursue this with the HomeAssistant people. My gut-level feeling right now is that this is some kind network problem with a container connecting to pfSense.
Thank you for your help.
-
I am using the NUT package to connect to an Eaton UPS via SNMP v3.
Unfortunately I found I was not able to get the configuration as needed by using the pfSense UI to add additional items to the various configuration files, so having saved the configuration with no extra settings in the UI, I edited the configuration files directly in /usr/local/etc/nut to contain the entries required. Once this had been done, NUT started correctly and communicated with the Eaton UPS successfully for about 12 days. After that I started receiving emails that the UPS had disconnected. On checking, I found that the configuration files had become reset and lost all the settings I had added. I restored a backup copy of the configuration files, restarted the NUT service and it connected immediately.
Is there something I am missing here - do the configuration files get overwritten on a periodic basis, or how can I prevent a re-occurrance.
-
@simon_hp said in NUT Package (2.8.1 and above):
I found I was not able to get the configuration as needed by using the pfSense UI to add additional items to the various configuration files, so having saved the configuration with no extra settings in the UI, I edited the configuration files directly in /usr/local/etc/nut to contain the entries required.
What were you not able to configure in the UI?
-
@dennypage said in NUT Package (2.8.1 and above):
@pfpv I you would like my recommendation on a solution, the first thing I would do is connect the UPS to a system other than a Synology as Synology has a rather messed up NUT implementation, and only support Synology systems as clients.
In my opinion, it would be much better to use pfSense or a linux system as the server and have the Synology be a client. FWIW, after doing this I would also recommend a run-time calibration, regardless of how old your batteries are.
In answer to your questions about versions: The version of NUT is actually FreeBSD's nut-devel-2023.10.07_1, which is based on git just prior to the 2.8.1 release. You can see this on the Installed Packages screen. The upper level package, pfSense-pkg-nut-2.8.2, is labeled as 2.8.2 because of a mistake being made at the moment of package publication. This is mentioned earlier in this thread. The published package should have been pfSense-pkg-nut-2.8.1_1, but once it was published as 2.8.2 the version number could not be downgraded. It doesn't affect anything other than human perception. If you really want to know more, you can read the discussions in the Redmine and Git PRs.
Hi @dennypage, I respectfully disagree about Synology. It's just a server that passes UPS messages. It's very stable, does it properly, has worked for years and I haven't seen any complaints. I chose to connect my UPS to Synology because in my opinion it is the most critical piece of equipment to be properly shut down, and it provides a NUT server for other equipment. The messages are up to NUT on the client system to interpret. Synology itself didn't bork unlike pfSense.
I can assure you that equipment is not at fault. And here is the proof:
https://github.com/networkupstools/nut/issues/2104
https://github.com/networkupstools/nut/pull/2108The NUT 2.8.1 release notes have the following now: "Also upsmon should now recognize OFF and BYPASS flags in ups.status and report that these states begin or end. The OFF state usually means than an administrative action happened to power off the load, but the UPS device is still alive and communicating (USB, SNMP, etc.); corresponding MONITOR'ed amount of power sources are considered not being "fed" for the power value calculation purposes. The BYPASS state is now treated similarly to ONBATT: currently this UPS "feeds" its load, but if later communications fail, it is considered dead. This may have unintended consequences for devices (or NUT drivers) that do not report these modes correctly (e.g. an APC calibration routine seems to start with a few seconds of "OFF" state), so the reported status is only considered as a loss of feed if it persists for more than OFFDURATION seconds. [#2044, #2104]"
Link: https://networkupstools.org/historic/v2.8.1/docs/release-notes.chunked/NUT_Release_Notes.html#_release_notes_for_nut_2_8_1_what_8217_s_new_since_2_8_0I read your notes about the release of your 2.8.2 pfSense NUT package. You used nut-devel as there was no indication the a new NUT release was coming. But NUT 2.8.1 came out shortly after and it included a fix for the described faulty behavior.
Since APC UPS's have bi-monthly self-test routines I predict that forums will soon be flooded with messages like mine about "administratively OFF or asleep" and pfSense equipment suddenly shutting down for no reason.
Please, please, please update the pfSense NUT package to 2.8.1 NUT release. It will mitigate the problem.
-
@pfpv said in NUT Package (2.8.1 and above):
I respectfully disagree about Synology. It's just a server that passes UPS messages. It's very stable, does it properly, has worked for years and I haven't seen any complaints. I chose to connect my UPS to Synology because in my opinion it is the most critical piece of equipment to be properly shut down, and it provides a NUT server for other equipment.
I don't disagree that there is a bug in NUT, and I will be looking at that shortly. That said...
I'm in my third generation of Synology equipment. Fifteen plus years. I have handled a number of support issues arising from Synology's NUT implementation, both mine and others. Their NUT implementation started out very straight forward, but over time it has evolved, becoming more and more specialized and complex. With DSM 7.2, it's gotten to the point that I don't consider it to be completely reliable, and view it as a primary of last resort.
I will point out one thing that you said that you may wish to reconsider. You indicate that the NAS is the most important thing to have a proper shutdown. I agree with this general sentiment. However, by running the NAS as the NUT primary, you are actually incurring higher risk for the NAS rather than less.
The NUT primary does not initiate a shutdown until all the associated secondaries have logged out of the primary. Assuming a default polling interval of 5 seconds, a pfSense or Linux system will take something on the order of 10-15 seconds before they log out, and another 30-90 seconds to complete a shutdown. This means that the NAS will not begin its shutdown until 10-15 seconds after the UPS declares a low battery. Depending upon configuration and current activity, a Synology usually takes over 2 minutes to complete a shutdown. If the UPS is off in calculating remaining runtime, you run the risk of exhausting the battery before the NAS has completed its shutdown.
If you reverse this situation and use pfSense or a Linux system as the primary, then the NAS will begin its shutdown within 5 seconds. Not only does this give a wider margin of safety for the NAS, it can give an increased margin of safety for the other systems as well. When the NAS shuts down, there is suddenly a lot less load on the UPS, which gives more time for the other systems to complete their shutdown even if the estimated remaining runtime was incorrect.
The relevant passage from upsmon.conf:
# Also, since the primary system stays up the longest, it suffers higher risks # of ungraceful shutdown if the estimation of remaining runtime (or of the # time it takes to shut down this system) was guessed wrong. By consequence, # the "secondary" systems typically monitor the power environment state # through the 'upsd' processes running on the remote (often "primary") systems # and do not directly interact with an UPS (no local NUT drivers are running # on the secondary systems). As such, secondaries typically shut down as # soon as there is a sufficiently long power outage, or a low-battery alert # from the UPS, or a loss of connection to the primary while the power was # last known to be missing.
As a general rule, you want to have systems that represent the highest UPS load and/or longest shutdown time as secondaries, and a system that represents lower load and is fast to shut down as the primary.
-
@hspindel said in NUT Package (2.8.1 and above):
I'm using a Synology DS1522 container for Home Assistant. It doesn't appear to have any of these settings - it just set things up automagically when I installed it.
If you don't have those settings, then I assume you are not using the hass add-on. What then are you using? And how are you configuring it?
As an aside, if you have HomeAssistant running in a container on your Synology, why are you running NUT inside the container? I assume it is not for shutting down the container which would be handled by the Synology. Are you running HA automation based on the UPS values?
-
@dennypage said in NUT Package (2.8.1 and above):
@hspindel said in NUT Package (2.8.1 and above):
I'm using a Synology DS1522 container for Home Assistant. It doesn't appear to have any of these settings - it just set things up automagically when I installed it.
If you don't have those settings, then I assume you are not using the hass add-on. What then are you using? And how are you configuring it?
Within Home Assistant, one has the option to select Settings/Devices and Services/Add Integration. From the Add Integration page, one can search for NUT. Upon selecting NUT, Home Assistant pops up a dialog box to "Connect to the NUT server" which wants host, poirt, username, and password. There are no configuration options offered, and nothing I've tried in the dialog box gets a response other than "Failed to Connect."
As an aside, if you have HomeAssistant running in a container on your Synology, why are you running NUT inside the container? I assume it is not for shutting down the container which would be handled by the Synology. Are you running HA automation based on the UPS values?
AFAIK (and I could be confused) I am not trying to run NUT inside the container, just the Home Assistant NUT client.
I have using Home Assistant to shut down two other Synologies (APC units). The UPSes for those Synologies are connected to a Windows machine and a Linux machine. Windows and Linux are running apcupsd, which is not understood by Synology. So Home Assistant is configured to watch apcupsd and send a shutdown message to the relevant Synology.
Another UPS (an Eaton) is connected to pfSense. So I was trying to configure Home Assistant to pay attention to the NUT server on pfSense and operate similarly to the way the APC/Synologies work with Home Assistant.
If I can't get that to work, my next try would be to get the Synology as a NUT client to pay direct attention to the NUT server on pfSense. I have read that Synology's non-standard implementation of NUT makes this problematic, but I can search for a known working configuration.
-
I guess the whole Home Assistant thing is a fuggediboutit now.
I was able to get the Synology to directly connect to the NUT server on pfSense.
Since all I care about is powering down the Synology correctly in the event of a power failure, I'm good now.
Thank you for your help.
-
@dennypage Thank you for your quick response, much appreciated.
When I installed the UPS some weeks ago, I did struggle when I tried to use the additional settings entries in the pfSense Nut UI. As I mentioned, I ended up saving only the UPS Type, UPS name, notifications, and Remote IP address or hostname. After that I manually edited the conf files and the service started successfully.
Fast forward 12 days and I stated getting notifications of comms failure to the UPS. The conf files seemed to have reverted to default,, so I restored the files and all started correctly and I made a post above that you responded to.
In order to answer your question correctly, I went back in and reconfigured the UPS through the UI - which is a very much preferred way of doing it. I am not sure what I did differently - but I was successful getting the UPS connected via the UI settings this time (YAY!). The entries I made below were (details changed to protect the innocent)PostUpload1.txt
I am also unsure of the difference between the entry in upsmon.conf which nominates "primary", and the upsd.users file that nominates "master".
I am not using pfSense to relay UPS status to any other machine, as my Windows and Linux servers directly connect to the UPS themselves, and my monitoring system (Zabbix) also directly connects using snmp.
Appreciate any suggestions or explanations,
Regards
Simon -
@hspindel said in NUT Package (2.8.1 and above):
I have using Home Assistant to shut down two other Synologies (APC units). The UPSes for those Synologies are connected to a Windows machine and a Linux machine. Windows and Linux are running apcupsd, which is not understood by Synology. So Home Assistant is configured to watch apcupsd and send a shutdown message to the relevant Synology.
This is kinda convoluted, and sounds fragile to me. I think using NUT directly on all the systems would be a better choice. NUT has a shutdown interlock for secondaries that will be lost by using HA. FWIW, NUT does support being a client of apcupsd, but there is no way to configure this on Synology.
@hspindel said in NUT Package (2.8.1 and above):
If I can't get that to work, my next try would be to get the Synology as a NUT client to pay direct attention to the NUT server on pfSense. I have read that Synology's non-standard implementation of NUT makes this problematic, but I can search for a known working configuration.
Synology does use a very non-standard configuration for NUT, but what you are talking about is easily accomplished. The only restriction is that you must use default values for ups name, username and password.
See post #2 in this thread, Notes on remote access to NUT for details on setting up remote access, and see Synology setup details in the Notes on Synology section at the end of the post.
-
@simon_hp said in NUT Package (2.8.1 and above):
I am also unsure of the difference between the entry in upsmon.conf which nominates "primary", and the upsd.users file that nominates "master".
In 2.7 and below, NUT used the terms "master" and "slave". In NUT 2.8+, the terms "primary" and "secondary" were added, but are fully interchangeable with the prior terms.
-
@pfpv said in NUT Package (2.8.1 and above):
administrative
Hey guys, I faced this very same issue twice, very annoying indeed. In my situation, I don't want a graceful shutdown for my pfSense.
I setup my box to come back when the power is back. With a graceful shutdown that wouldn't happen, correct me if I'm wrong.Anyways, to avoid the NUT to shutdown my pfSense I did the following
Edited the file /usr/local/etc/nut/upsmon.conf removing the following lines
SHUTDOWNCMD "/sbin/shutdown -p +0" POWERDOWNFLAG /etc/killpower
Then, you can just restart the service. I belive that does the job, but again, correct me if I'm wrong. I want NUT just to keep monitoring my UPS which is attached to my NAS. I don't want my pfSense goes down when I have a power failure.
-
@robertofelix said in NUT Package (2.8.1 and above):
I don't want a graceful shutdown for my pfSense.
I setup my box to come back when the power is back. With a graceful shutdown that wouldn't happen, correct me if I'm wrong.Yes, that is wrong. You have an incorrect BIOS setting. Change the Power setting from 'Last State' to 'Power On'.
-
@dennypage You're right. I changed that setting to 'Power On'.
Now, I believe if the NUT package misbehaves, the box will shut down, but it will power on back by itself, is that right? -
@robertofelix said in NUT Package (2.8.1 and above):
You're right. I changed that setting to 'Power On'.
Now, I believe if the NUT package misbehaves, the box will shut down, but it will power on back by itself, is that right?The behavior of that bios setting is that the host will boot whenever power is applied to the box.
When NUT executes a shutdown, one of the very last things it does is to instruct the UPS to cut power after a sort delay. So following the return of mains, when the UPS brings power back on, the host will boot automatically.