Pfsense inaccessible after OPT2 interface enabled.



  • Hello,

    Just installed V 2.0.1 and encountered a bit of a problem.

    Hardware:
    –--------

    I have a dell 1950 with 2 built-in Broadcom gigabit ethernet

    I installed 2 more single PCI-E Gigabit Ethernet cards (also broadcom), which bring the total number of ports to 4.

    Scenario:

    bce0 = Built-in port (WAN)
    bce1 = Added NIC (DMZ)
    bce2 = Added NIC (SYNC)
    bce3 = Built-in port (LAN)

    Problems:

    I assigned LAN to bce3 and WAN to bce0. They works fine. I can access via browser.

    I can assign OPT1 interface to either of the added NIC cards. It will work fine.

    The problem begin when I assign OPT2. As soon as I enable the interface, I could no longer access the LAN port via the browser.

    I assigned LAN port to either of the added NIC cards and it works fine. This mean physically the cards have no problem.

    I am sensing some type of conflict going on. Could somebody help?

    Other attempts:

    I reloaded and downgraded to v1.9. Same problem.

    I also notice at first time boot up it gave message "Network interface mismatch, running interface assignment option."

    I ran the Dell Diagnostic and all hardware passed, including the built-in and added-in NICs. It's obvious this may not be hardware related.



  • Not enough info to tell for sure, most frequently that symptom would be a result of configuring IP settings on OPT2 that break LAN in some fashion (conflicting subnet or IP could do so).



  • Try to enable the OPT2 without the LAN and check which subnet it runs on. It sounds like the OPT2 and the LAN interface er running on the same subnet, obviously causing conflicts.



  • @cmb:

    Not enough info to tell for sure, most frequently that symptom would be a result of configuring IP settings on OPT2 that break LAN in some fashion (conflicting subnet or IP could do so).

    Thank you. Could you please let me know what other info necessary to diagnose further?

    I have it set on a different subnet. I also disconnected the cables for both OPT1 and OPT2 but still seeing the same problem. It seems the problem takes place as soon as I assigned the OPT2. Regardless of which physical NIC I assigned it to, the LAN will become inaccessible.

    I did a big of google regarding "Network interface mismatch, running interface assignment option". It looks like this is a known problem.

    http://forum.pfsense.org/index.php?topic=41201.0

    Please correct me if I am wrong, but somehow Pfsense or FreeBSD assign the same IRQ to the added in NICs. Since both of those NICs are the exact same type, it does seem to conflict with the built-in NICs. I see some people did the work around by using 2 different NICs:

    http://www.mail-archive.com/support@pfsense.com/msg16484.html
    http://comments.gmane.org/gmane.comp.security.firewalls.pfsense.support/17210

    Is there a way to manually change the assigned IRQ?



  • @kxx:

    Try to enable the OPT2 without the LAN and check which subnet it runs on. It sounds like the OPT2 and the LAN interface er running on the same subnet, obviously causing conflicts.

    Thanks. I did tried different scenarios to isolate the problem. I think the problem boiled down to using the 2 NICs of same exact model. This will conflict with the built-in NICs as  Pfsense or FreeBSD seems to assign the same IRQ to both NICs. I hope there's a way to manually change the assigned IRQ.


  • Netgate Administrator

    If you're using multiple Broadcom NICs especially on Dell hardware you should try the tuning options described here:
    http://doc.pfsense.org/index.php/Tuning_and_Troubleshooting_Network_Cards

    Steve



  • @stephenw10:

    If you're using multiple Broadcom NICs especially on Dell hardware you should try the tuning options described here:
    http://doc.pfsense.org/index.php/Tuning_and_Troubleshooting_Network_Cards

    Steve

    Thank you Steve!



  • @impire:

    I think the problem boiled down to using the 2 NICs of same exact model. This will conflict with the built-in NICs as  Pfsense or FreeBSD seems to assign the same IRQ to both NICs.

    Its very unlikely that interrupt sharing is a problem for modern NIC drivers.

    When I saw multiple bce NICs, problem on enabling fourth, I immediately thought of the page Steve linked to. It seems the bce driver preallocates a lot of mbufs (network buffers) on enabling a NIC and this causes causes exhaustion or near exhaustion of the default mbuf allocation when there are "enough" NICs.


Log in to reply