Console port on Netgate/Lanner device



  • I've been running a Dell server as my master firewall, and a Hamakua as slave.  I bought a Netgate FW-7541 to replace the server in my rack, and I screwed up the console port access while doing so.  What I did was take the default install, upload my current config to it, and watch the console port go all screwy.

    I've gotten into the web configurator and told the system to use 115200 as the serial port speed (recommended for this hardware), and now I see this when watching it boot:

    • I can see the thing boot, and can access the BIOS

    • I can watch the machine boot from the initial load screen where you choose your slice

    • Next comes the "Welcome to pfSense!" screen where it will do the default boot after x number of seconds

    • I can watch the system load to a point, then it stops.

    The last things I see on the boot sequence are:

    Root mount waiting for: usbus3 usbus2 usbus1 usbus0
    uhub0: 2 ports with 2 removable, self powered
    uhub1: 2 ports with 2 removable, self powered
    uhub2: 2 ports with 2 removable, self powered
    Root mount waiting for: usbus3
    Root mount waiting for: usbus3
    uhub3: 6 ports with 6 removable, self powered
    Trying to mount root from ufs:/dev/ufs/pfsense1
    ```And that's it.  The system continues to boot and becomes responsive, but I no longer see anything from the console.
    
    I'm assuming there are more places where serial console speed is assigned, but I don't know where they are.  Can someone point me in the right direction?  This is usable now, but if it hoses itself later I'd like to be able to work on it from the console…

  • Netgate Administrator

    Your previous install was a 'full install' to a HD?
    You are booting the FW-7541 from CF?

    Steve



  • Steve,

    Both of those statements are correct.


  • Netgate Administrator

    Hmm, that's an odd place for the boot sequence to stop when it is actually booting correctly. It often stops there if it can't find root, not the case here. It often stops at the bootloader if the console setup is incorrect.
    How did you tell it to use 115200bps for the console, via the gui or manually editing a file?
    Anything on the console at 9600bps?
    Did you use the serial console on your previous install?

    Steve



  • I did not use the console on the previous install.

    I changed the speed from 9600 to 115200 using the webgui - no files directly edited yet.

    If I open the terminal @ 9600, I see some garbledygook, then a few lines from the boot sequence, the last of which is /boot/defaults/loader.conf (if I copied it correctly), then more garbledygook, then nothing.

    Once the system is running I find that hitting the enter button a few times returns nothing, whether I configure the terminal @ 9600, 38400, or 115200.



  • You can change the BIOS-Setting Advanced->Remote Access Configuration->Redirection After BIOS POST to [Boot Loader], otherwise the Lanner-device redirects the VGA-stream to the serial console.

    HTH



  • @hfs:

    You can change the BIOS-Setting Advanced->Remote Access Configuration->Redirection After BIOS POST to [Boot Loader], otherwise the Lanner-device redirects the VGA-stream to the serial console.

    HTH

    Thanks.  It was set to Always, and I trued Disabled and Boot Loader, and in each case I'm seeing the same behavior: the serial console goes nonresponsive at the same point in the boot sequence.



  • Strange…

    Just to verify:

    1. BIOS is set to "[Boot Loader]" 115200,n,8,n
    2. pfSense is set (via GUI) to "Enables the first serial port with 9600/8/N/1 by default, or another speed selectable below" and "115200"

    You can verify the pfSense-settings in /boot/loader.conf, it should contain:

    
    boot_multicons="YES"
    boot_serial="YES"
    comconsole_speed="115200"
    console="comconsole,vidconsole"
    
    

    /boot.config should contain this line:

    
    -D
    
    


    1. Correct.
    2. Correct, though the labeling is different (advanced config page)

    You can verify the pfSense-settings in /boot/loader.conf, it should contain:

    
    boot_multicons="YES"
    boot_serial="YES"
    comconsole_speed="115200"
    console="comconsole,vidconsole"
    
    

    Mine only contains```
    boot_multicons="YES"
    hw.usb.no_pf="1"

    
    > /boot.config should contain this line:
    > ```
    > 
    > -D
    > 
    > ```
    
    We're good there.


  • @Derek:

    Mine only contains

    boot_multicons="YES"
    hw.usb.no_pf="1"
    

    I'm assuming making changes to what you listed will help?

    You might give it a shot.

    You don't have flow-control enabled on your terminal?



  • That fixed it.  :)

    Thanks!


  • Netgate Administrator

    If you're doing manual file editing then use /boot/loader.conf.local instead. You will have to create that file but anything you add there won't be overwritten.
    NanoBSD is hardcoded to use com1 for it's console. On my nano box if I set the console to 115200 the only line I see in the loader.conf is:
    comconsole_speed="115200"

    I am not sure but Netgate (who are VERY close to the project  ;)) may have their own images for that box configured slightly differently. I'm sure if you dropped them a line they'd sort this for you quickly. Point them at this thread.

    Steve

    Edit: What was the fix?



  • Edit: What was the fix?

    I made the changes suggested by HFS.

    They may go away on upgrade though, you're right about that.  :-[



  • You're right, there's a difference between full-install and embedded.

    On full-installs (several lanner devices e.g. 7535, 7568, etc. ) it looks like that:

    /boot/loader.conf:

    
    boot_multicons="YES"
    boot_serial="YES"
    comconsole_speed="115200"
    console="comconsole,vidconsole"
    
    

    /boot.config:

    
    -D
    
    

    On embedded installs (Alix with 9600,n,8,1) it looks like that:

    /boot/loader.conf:

    
    comconsole_speed="9600"
    
    

    /boot.config:

    
    -h
    
    

    The embedded install is based on the serial-console embedded .img file.

    Both embedded and full install survived several upgrades (from 2.0 to 2.0.x… to 2.1-RELEASE) without any further modifications regarding serial console.


  • Netgate Administrator

    Ah interesting.
    This is explained here: https://www.freebsd.org/doc/handbook/serialconsole-setup.html
    Specifically:

    The boot loader will determine whether the internal video or the serial port should become the console by examining the state of -h. This means that if -D is specified but -h is not specified in /boot.config, the serial port can be used as the console only during the boot block as the boot loader will use the internal video display as the console.

    It seems as though the Netgate box is setup for dual console (special image) and that somehow in restoring your old config file you ended up removing some part of that setup. Not sure how though.  :-\

    Steve