NIC crashes or freezes under heavy traffic - S930 - Try a lot
-
Hello everyone,
some time ago I finally got my fiber optic connection with gigabit speed. At the same time, I converted my entire network to a gigabit LAN and it has worked great so far. Only the hardware for the pfSense has been bothering me for a while...
The configuration with several VLANs, a Captive-Portal and a few rules was quick and worked without any problems.The basis for my pfSense is a Fujitsu Futro S930 that I still had lying around by me. After spending some time watching tutorials and reading discussions, I purchased and installed the remaining hardware. I installed a 32GB mSATA SSD, 8GB DDR3 RAM and of course an Intel NIC (Pro/1000 PT Dual Port).
So now the problem begins. When I start my pfSense, it runs for a few hours until it freezes at some point. When I do a speed test, it crashes immediately. The GUI (and the Internet) is then no longer accessible and I have to restart the pfSense...So this always happens when there is a lot of internet traffic.
I've been reading a lot of posts and discussions on the internet for days now and I still can't find a solution to the problem. I have already replaced the RAM, SSD, NIC and cables. I also installed the latest version in the BIOS and on the pfSense. Oh, and I've already tried settings like "Hardware Offloading" or "Gateway "Monitoring"...
I also connected a monitor and searched the logs, but there were no errors or other indications that would cause the computer to freeze. With one NIC (Pro/1000 PT) pfSense crashes completely and then restarts and with the second NIC (i340 T4) it just freezes without logs/notices. The power supply is the original one with 65W.The Fujitsu Futros are very popular as hardware for pfSense with the Intel NICs and that's why I'm surprised by this problem. Many of the common errors/solutions didn't work for me.
Does anyone have any other ideas and can help me?
Thanks -
I forgot to write that the S930 has a quad-core CPU at 2.4GHz. To avoid overheating, I built a small fan over the heat sink right from the start.
-
Sounds like defective or incompatible hardware. Was it working before the network conversion?
-
@w0w There was a simple Netgear Rouer installed without VLANs and such. I've swapped and changed a lot of hardware. What surprises me is that with the i340 NIC the pfsense doesn't crash but just freezes.
-
@Leon98
Overall, the idea of using a thin client that is 7 years old is risky because it may have already exhausted its resources. I'm not claiming this is the case, but it seems like your Fujitsu is just freezing, and the network is simply provoking the issue. In any case, it doesn't seem like a software problem. Try to change the PSU or use some similar. -
@Leon98
check the logs on the bios for some hardware errors if available.I searched over months an issue why my pcie broadcom card stop working sometimes under load. The issue was an pcie error and reset on the pcie bus, replacing the network card fixed this issue.
-
@slu I'll see where I can see the BIOS logs... What exactly was your PCIE error and how did you fix it? The PCIE x4 slot is currently on the 1.0 generation. A switch to generation 2 was also unsuccessful.
-
@Leon98 said in NIC crashes or freezes under heavy traffic - S930 - Try a lot:
What exactly was your PCIE error and how did you fix it?
The server board log something like "bnxt0: Clearing PCIe errors" and "bnxt0: Correctable PCIe error reported by APEI".
At the end of the day the Broadcom card was faulty from the first day and reset the PCIe bus results in connection loss before reboot pfSense...
But that's one example what would be an issue..
-
When it stops passing traffic is the console still responsive?
If you have the console connected and then trigger the issue with a speedtest does it show an error?
-
@stephenw10 said in NIC crashes or freezes under heavy traffic - S930 - Try a lot:
When it stops passing traffic is the console still responsive?
If you have the console connected and then trigger the issue with a speedtest does it show an error?
I connected the monitor and keyboard and did another speed test. Also on the monitor no errors are displayed and the pfSense no longer responds... I will find another network card and test it. Otherwise, I'll get another hardware.
-
I had time to test again at home today. My internet connection is significantly slower, but that doesn't matter.
Booted up the S930 Thin-Client with the quad port NIC and did a speed test, it froze again. Nic installed in a desktop PC and installed pfsense, several speed tests without any problems. Then I put the NIC back into the Thin-Client and I was able to do several speed tests without changing anything. This completely confuses me now...To briefly say something about the project: it's about a small hotel with a restaurant that wants to make internet available to its guests. In addition to a few own devices, a few access points for the WiFi are installed. In total, I'm counting on 100 - 200 devices, although of course not all of them need a lot of internet. The pfSense only has to separate the networks (VLANs and Routing), Captive Portaland assign DHCP addresses...
-
Potentially could have updated the NIC firmware if it ever booted into a different OS or newer pfSense.
-
@stephenw10 said in NIC crashes or freezes under heavy traffic - S930 - Try a lot:
Potentially could have updated the NIC firmware if it ever booted into a different OS or newer pfSense.
The Quad Port NIC is from Fujitsu with Intel i340 chipset. As far as I know, it can't be updated normally.
-
-
@w0w Yes. The BIOS also doesn't show any messages except an old message that the RAM has been replaced.
I tested it several times today and had no more problems. Even if I removed and reinstalled the NIC. I didn't change any settings or anything. How can the problem suddenly disappear into thin air?Somehow I don't trust it and I think I'm looking for other hardware. Maybe a used SG Sophos and then pfSense? Or an SFF PC?
-
@Leon98 Hi, I have the same Fujitsu i340 T4 card, it is a server class controller, it works great in all hardware where I have pfsense installed.
It is currently in use on Lenovo M920Q Tiny i5 8500T which could be a more robust solution for managing a network of 100-200 connections, VPN, etc
15w / 20w consumption, lots of information on the net. -
@Leon98
SFF is the best for me, and literally any mATX PC will do the job.
@Leon98 said in NIC crashes or freezes under heavy traffic - S930 - Try a lot:Even if I removed and reinstalled the NIC. I didn't change any settings or anything. How can the problem suddenly disappear into thin air?
Cold soldering, or detached BGA (Ball Grid Array), bad slot contact, too much dust in slot. Anything.
-
The idea that it could be due a cold soldering is a good one and I hadn't even thought of that.
For under €200 I can get a Sophos firewall (XG210, SG210/230 or UTM220). With the Sophos firewalls, you could upgrade the CPU. In many posts you also read about Supermicro servers (Xeon / Atom CPU) or other servers like the Dell R210 II. Or of course a normal SFF PC or firewall hardware from other manufacturers like Juniper or Protectli.
I think that 8 to 16GB of RAM is sufficient. And first the quad port gigabit NIC with Intel chipset. You can always switch to a NIC with SFP later. I'm really overwhelmed when it comes to choosing a CPU and can't even estimate which one makes sense. Firstly, which Intel CPU itself (Xeon, Atom, i3, i5, i7) and then also how many cores/threads are needed and the clock speed.
Most of the instructions and discussions deal with the hardware for a home network. However, my project requires significantly more power, for at least a gigabit uplink and perhaps over 200 DHCP clients (users). -
@Leon98 take a look at the Netgate hardware comparison chart and compare the CPU's vs performance that they are spec'ing in their products to get an idea.
I wouldn't mess with repurposing a Sophos unit if you don't already own it. Maybe as a side project to use as a cold backup.
However, my project requires significantly more power, for at least a gigabit uplink and perhaps over 200 DHCP clients (users).<<
Its all relative but most modern Intel CPU's can handle a GB uplink easily.
There are plenty of threads discussing new hardware if you share your budget and requirements - packages running, VPN, etc.
-
@Leon98
"Buy cheap, buy twice." Do you know what this means?Consider the Minisforum MS-01 or the Qotom Q20332G9-S10 along with a managed 10/1/Gbit switch. These are good alternatives if you don't want Netgate hardware.
