Watchguard Firebox X Peak platform
-
Yes, this second adapter you show here is similar to the one I used.
So, any thoughts about running it with different fans? Would that improve the power consumption?
I'm not really too concerned about the power consumption, although maybe I should be ;)
–J
-
Well my first thought about different fans is that it should definitely be possible as the heatsink on the CPU seems to run stone cold all the time.
My second thought was that you shouldn't really go messing about with the cooling without having a way of reliably reading the system temps. Using the bios is good for this since it also has no idle code to keep the processor cool. However with no bios access, yet, the perhaps some BSD equivalent of lmsensors? Like I said I'm pretty inexperienced with BSD. The original Watchguard software had the capability to monitor the system I believe, although I've never used it.
The fitted fans are Sunon GM1204PQB1-8A. It seems hard to find any useful info but they seem to rated for 15.3CFM at ~40dB. You can easily, and quite cheaply, get much quieter ones but of course they shift less air. The Watchguard is not exactly a masterpiece of aerodynamics though. The grill across the back of the fans is largely not needed as the rotating part of the fans is on the inside of the box. Also there is, in my opinion, nowhere near enough air inlets. Just the two side grills. There's a grill on the front, just above the 10/100 sockets, but it's completely blocked by the front facia. Room for improvement I think.Reducing the power consumption is basically about fitting a lower power processor. I'm wondering if I could find out which processors the board supports from the bios. It's a modular bios where some modules can be swapped in and out without effecting the key bios code, the splash screen for example. One of the modules is the microcode required for different processors. You'd think that might contain a list of processors? I need a BIOS expert! :D
Steve
-
Ok so because the board has a Winbond W83627HF chip mbmon works quite nicely. Newer programs don't and because ACPI is disabled by default in the bios you can't just read sysctrl directly. For reference.
/etc/rc.conf_mount_rwBecause I'm using an embedded image I first mount it read-write.
pkg_add -r mbmonAdd the mbmmon package.
/etc/rc.conf_mount_roRemount the CF card read only.
./mbmon -d ioctl(smb0:open): No such file or directory SMBus[Intel8XX(ICH/ICH2/ICH3/ICH4/ICH5/ICH6)] found, but No HWM available on it!! Using ISA-IO access method!! * Winbond Chip W83627HF/THF/THF-A found.Test mbmmon can find something. Success!
./mbmon ioctl(smb0:open): No such file or directory Temp.= 39.0, 9.0, 43.0; Rot.= 20454, 20454, 19852 Vcore = 1.52, 2.24; Volt. = 3.36, 5.08, 12.10, -11.96, -0.67What you get.
The fan speeds are nice and seem to change appropriately if you speed up one of the fans by covering it up. Although I think the fans are rated at 9600rpm :P. Voltages look good I suppose.
The temperatures are there. Don't know about the second one. I'm not sure any of those are the actual on die temperature. Quite cool anyway. :DThis should mean the phpsysinfo would work just fine but it doesn't appear in the package list on my install.
Steve
Update: Of course because i'm using embedded mbmon disappears after a reboot. Doh! ::)
Also real measurements have shown the heatsink temperature to be 25°C at idle and 30°C with the system halted in a 20°C ambient with the case open. Definately some headroom to play with.Update: The heasink temperature with the system off after an hour shows 22°C, some discrepency between my two very cheap thermometers! Still a 3° rise is impressive cooling,way more than is required.
Update: In fact it remains installed across a reboot no problem you just have to call the program using the whole path. e.g. /usr/local/bin/mbmon
-
I played around with phpsysinfo and mbmon, it all seemed to work well, although the mbmon returns an error when trying to access /dev/smb0. Adding the argument -I to the mbmon script in /usr/local/etc/rc.d didn't help.
-
So after testing my procedure on another system that did have video and keyboard I got brave and reflashed my modified bios. Make sure to use the /cc switch with awdflash to clear to CMOS and force it to load the defaults.
I wasn't sure it had worked at first but at least it didn't brick it. It definately reflashed it though as I changed the bios message. Any way after much key pressing and googling:Phoenix - AwardBIOS v6.00PG, An Energy Star Ally Copyright (C) 1984-2003, Phoenix Technologies, LTD Modified by Steve for default console. Main Processor : Intel(R) Celeron(R) CPU 2.00GHz(100x20.0) Memory Testing : 524288K OK CPU Brand Name : Intel(R) Celeron(R) CPU 2.00GHz Memory Frequency For DDR266 (Dual Channel Mode Enabled) Primary Master : LEXAR ATA FLASH V1.02 Primary Slave : None Secondary Master : None Secondary Slave : None Phoenix Technologies, LTD System Configurations +==============================================================================+ | CPU Type : Intel(R) Celeron(R) CPU Base Memory : 640K | | CPU ID/ucode : 0F27/37 Extended Memory : 523264K | | CPU Clock : 2.00GHz Cache Memory : 128K | |------------------------------------------------------------------------------| | Diskette Drive A : None Display Type : MONO | | Diskette Drive B : None Serial Port(s) : 3F8 2F8 | | Pri. Master Disk : CHS,PIO 4, 15MB Parallel Port(s) : 378 | | Pri. Slave Disk : None DDR at Bank(s) : 0 2 | | Sec. Master Disk : None | | Sec. Slave Disk : None | +==============================================================================+ PCI device listing ... Bus No. Device No. Func No. Vendor/Device Class Device Class IRQ -------------------------------------------------------------------------------- 0 29 0 8086 25A9 0C03 USB 1.0/1.1 UHCI Cntrlr 11 0 29 1 8086 25AA 0C03 USB 1.0/1.1 UHCI Cntrlr 5 0 29 4 8086 25AB 0880 Base Sys. Peripherals NA 0 29 5 8086 25AC 0800 I/O(X) APIC Cntrlr NA 0 31 1 8086 25A2 0101 IDE CntrlrCI Cntrlr 14 0 31 3 8086 25A4 0C05 SMBus Cntrlr 12 2 1 0 8086 1075 0200 Network Cntrlr 10 3 13 0 16AE 000A 1000 En/Decryption Cntrlr 9 3 14 0 8086 1079 0200 Network Cntrlr 9 3 14 1 8086 1079 0200 Network Cntrlr 9 4 6 0 168C 001A 0200 Network Cntrlr 10 4 9 0 8086 1209 0200 Network Cntrlr 5 4 10 0 8086 1209 0200 Network Cntrlr 10 4 11 0 8086 1209 0200 Network Cntrlr 12 4 12 0 8086 1209 0200 Network Cntrlr 11 4 13 0 8086 1209 0200 Network Cntrlr 5 4 14 0 8086 1209 0200 Network Cntrlr 10 4 15 0 8086 1209 0200 Network Cntrlr 12 Updating ESCD ... Success Building DMI Pool ............................ SuccessThis was from putty at 115200 8n1 with no flow control.
Because you can't send the delete key over the serial console you have to press tab.
However it's incredibly flaky! ::) In fact it almost seemed like I had to press everything three times. It's almost impossible to navigate the bios, the keys seem virtually random.
I'm going to try it again at a lower baud rate to see if that's the problem.
Some interesting results from the POST, though nothing we didn't already know.Update: tried 9600, no different. I've only once managed to have display the complete POST. >:(
-
Hmm. The way you describe that serial output sounds like a flow control issue. Have you tried xon/xoff or hardware(if your cable supports it).?
-
I've tried a large number of different settings, mostly in puTTY but also in Hyperterminal for good measure. However I should probably work through them in order to make sure I didn't miss anything out.
The null modem cable I'm using was supplied with an SMC switch and seems to work perfectly in pfSense and from freedos.
It's as if every key is interpreted as escape. Which seems to make sense if putty is sending escape sequences.
Award calls their console redirect Award Preboot Agent. It seems that it was possible to get an companion program, Award Preboot Manager, that would talk to it and enable all sorts of interesting functions. Mapping a floppy drive from a remote machine so you can upload a new bios for example. Good luck finding anything about it though. ::)
I'll have to try and borrow another cable or get my multimeter out and test this one.The device in the post: Vendor ID 16AE; Device 000A would seem to be a Safenet SafeXcel 1841. It seems that it should be supported under FreeBSD but isn't recognised. It's the larger of the two chips with silver heatsinks (the other one's gig ether) and runs quite hot.
Update: It isn't supported in the safe(4) driver from FreeBSD 7.3 or 8. However..
Prices for the SafeXcel-184x series start at $85 per chip in quantities of 10,000
Sweet! I'm prising it off and selling it! ;D
-
Hi All,
Still playing here. ;DI just swapped the processor for a Pentium 4-M (SL6FH). It's rated at 1.8GHz but because the board doesn't support speed step it defaults to it's lower speed of 1.2GHz. The board booted and ran fine using slightly less power, ~46W at idle.
It does seem that there may be some potential for a pin mod to make it run faster.
However looking at the output of mbmon the core voltage being supplied by the board is 1.57V when it should be 1.3V. ::) Not good! The chip does have a far higher rated junction temperature though so could be run hotter. Still 1.57 is actually higher than the voltage provided for the original P4 so I think we can assume that the bios knows nothing about the P4-M. A Shame. :(Bios access is still defeating me. I can now semi-reliably get the first part of the POST which helps when swapping CPUs.
I am left thinking that the bios module that supports console access is basically knackered and was never meant to be used. I've tried every combination serial settings and several cables. I even installed a serial sniffer to watch what was actually being sent and received. It seems that the bios is just not receiving/interpreting what I'm sending correctly. Looking at instructions for other motherboards of the same era with the same bios modules and chipset it seems that it should just work with no problem.Update: I got braver and went for the pin mod I linked to above. Removing pin AE1, or bending it as I have, reduces the core voltage by 0.4V. So far it seems stable and cooler. ~42W at idle.
[1.2.3-RELEASE] [root@pfSense.local]/usr/local/bin(17): ./mbmon ioctl(smb0:open): No such file or directory Temp.= 35.0, 7.5, 37.5; Rot.= 21093, 21093, 19852 Vcore = 1.15, 2.16; Volt. = 3.38, 5.05, 12.10, -12.04, -0.62Should be able to fit quieter fans now for sure.
-
Still only getting 1.2 Ghz from that processor after the pin mod? How much is that chip going for on ebay?
-
Yep still running at 1.2GHz. I only tried the voltage mod though. By removing another pin you can set the bus speed to 133MHz (up from 100) giving 1.6GHz. I haven't tried that yet though. I paid £2 for it. ;D
However like it says in the article I linked to you'd be better off with the equivalent mobile celeron because they didn't have speedstep.
The way I look at it if I ever run out of processor headroom I can always swap back something more powerful. This is unlikely though as the box I'm replacing is an old Cyrix 333MHz running IPCop. A lot more interfaces on the Firebox though. :-\Steve
-
My new fans arrived today so I fitted them straight in. The cables need shortening really I ended up having to stuff it all into the fan enclosure which can't be good for air flow. :P
I went for three Akasa AK-161BL-S which are a 40x40x20mm fan, narrower than the originals. They're are specced at 6.27CFM so quite a lot less than the originals.
The results are - great! ;D
They are so much quieter. I would say about the same level as the Shuttle XPC I'm typing this on, I would happily use a desktop PC this loud. They also seem to keep thigs plenty cool enough. I've had the firebox runing for the last few hours and:[1.2.3-RELEASE] [root@pfSense.local]/root(15): /usr/local/bin/mbmon -I Temp.= 38.0, 13.5, 37.5; Rot.= 5578, 5357, 5232 Vcore = 1.15, 2.19; Volt. = 3.38, 5.05, 12.10, -11.96, -0.62I also have a thermocouple on the CPU heatsink which is stable at 30°C. This is in a 21° ambient with the case closed.
I have a feeling that both the temperatures measured by mbmon are chipset rather than cpu. Anyway to find out?
Here's a quick pic. I'm a sucker for a blue LED! ::)
-
looking nice, I would most likely use red LED instead to match the case and my other computer fans (I like to have some kind of color coordination and contrast lol) nice job!
-
Thanks Jamie. 8)
Oooo red, now there's an idea! It's a tough call though. Plenty of red led fans, plenty of 40mm fans, plenty of quiet fans but all three in one fan? I've not found one. To be honest you won't see it anyway once it's installed. :D
-
i know, but the glow in the dark room…thats worth it :)
-
I agree with the red LED, who ever heard of a blue firewall? that's preposterous! J/K
My preference? I want the fires of hades illuminating the wall behind my security devices.
-
how much did the fans and the firewall set you back?
-
The Firebox was £40 from Ebay. It was sold as faulty though because the root partition on the Watchguard CF card was corrupt. Bit of a risk but it paid off.
The P4-M processor I'm currently running was £2.
The fans were £3.50 each.
I'm not sure how much I paid for the wireless mini-pci card a while back but it was around £5.2 weeks fun and tinkering, priceless! ;D
Steve
-
so really I should look for ones that have "software issues" then? for the best bang for my buck?
-
Yes, that would be best. Although since they are all now end of life they shouldn't be sold as anything more than hardware only.
Like I said it was a bit risky. People on Ebay often say things like; "this laptop is mint condition, it just has a small software issue. I'm sure anyone familiar with it could fix it in seconds. A bargin". And then when you get it you find it needs a new motherboard! >:( I thought it was worth a £40 gamble. -
hmmmm…but for people like us who are building and rebuilding our own firewalls thats not that huge of an issue...well to me it would be more annoyance I think...
