PfSense on a Riverbed Steelhead
-
@theorangefloof Ok a couple things...
First, just out of an abundance of caution, I would not use a pair of ports capable of bypass (Ex: LAN_0 and WAN_0) as pfsense LAN/WAN ports. There's just too much potential for them to be set to bypass, where they behave as a physical crossover coupler. Use Pri and Aux instead.
Second, many Steelheads have IPMI/BMC available on the Pri port, so it's best to use it as a pfsense LAN port. Use Aux as the WAN port and Pri as the LAN port because they have no bypass capability between them, and the Aux port does not have IPMI/BMC.
On CX-570/770 the IPMI/BMC board is removable if 100% disabling of this capability is desired. Removing the board would allow safe use of Pri as a WAN port without potentially exposing IPMI/BMC to the world.
Oops, just did a little searching and...
In your case with a CX-255, which has no Aux port and no mention IPMI/BMC so, I'd use the Pri as WAN, and the bypass ports for your two LANs.
If you're still seeing bypass behavior between LAN ports, try some of the other BIOS options for the bypass NICs. I don't have a CX-255 or I'd check for you.
FWIW, the bypass feature (two ports acting like a cross-over coupler) should only engage when the Steelead is powered down. When power is applied, and the NICs are up, they should behave like two normal NICs.
-
@okijames Okay i tried the Lan bypass setting in the bios as any of the 3 values, still getting the bypass behavior, and the lights on igb0-1 are always showing orange no matter the setting picked in the Bios, also emailed to the seller who i brought this off he linked me to post 56 in this exact thread. so haven't gotten anywhere further yet
-
@theorangefloof FYI the post you were referred to is probably not correct for your model. That was for the older CX-250/550 32bit machines with no BIOS control of the bypass function.
If your BIOS looks like the screen shots below, all you needed to do was set the bypass NICs to "No Bypass".
Behavior of the bypass NICs should be...
-Orange/Amber NIC lights immediately after power up using the toggle switch on the back of the unit.
-After a couple seconds, you should hear a distinct click sound, then no NIC lights. The Power and HDD LEDs should also turn on after the click.You might also try dropping to shell after boot, and issue ifup commands for both bypass NICs.
If you followed post 56 and issued the smbmsg commands, I have no idea what state your machine is in. The bypass NICs might be unusable. Sorry if that's the case. I'll edit the old post with a warning.
-
This is what my bios looks like, didn't run the commands other than kldload and smbmsg -p, the addresses i have were completely different to that post anyway.
ran ifconfig igb0 up and ifconfig igb1 up, nothing no relay clicks that i could hear.
also haven't heard anything other than the startup/shutdown beeps and the fans.
Also the nic lights don't go off after i run those commands, i also looked at the status from ifconfig it says no Carrier on igb0 and 1. -
@theorangefloof Hate to say it, but you might just have some bad hardware.
-
@okijames You are right. I found a cx-770.
Apparently, it should be able to hear the relay when turning the machine on, but was not heard on my previous cx-570. After I replaced the relays, those Nic worked fine.
This has nothing to do with proxmox or pfsense.
-
Nice troubleshooting!
-
@lemon-k What kind of relay did you replace?. My CXA-255 has "No Bypass" set up but the NIC still won't work. Thanks.
-
@pantigon
Hello, just wanted to know if you had any luck of finding a fix for bringing lan and wan interface up once the pfsense is up.
keep in mind I didn't see this behavior on 755 model just 255 model so far -
@TheOrangeFloof did you have any luck with this issue?
-
@KOTRz after some back and forwards with the seller he sent me a new board were he just removed the relays and just hard soldered the connections so the ports would work as NICs. He also tested it before sending it and I tested it again when I received the new board and pfsense worked fine then. I would of replied to the thread back them but it completely slipped my mine until I saw the email about the reply
-
@TheOrangeFloof said in PfSense on a Riverbed Steelhead:
he just removed the relays and just hard soldered the connections
That seems like cheating.
-
@stephenw10 I mean yeah it can be but hey it worked
-
@TheOrangeFloof Thx for the info
can we know more info about those relays and how to modify them so we get over this issue? -
@pantigon did you have any luck with cx255?
