4. TippingPoint X506 Hardware

TippingPoint X506 Hardware

  • S

    Posting some pictures of the inside of a TippingPoint.  I removed the heatsinks and applied new thermal paste.  The old paste was dried up.  Now to see if it will boot.

    0
  • Netgate Administrator

    A number of interesting looking chips there.  :)
    No idividual NICs by the looks of it so possibly a switch chip or an ASIC (more of a problem).

    Edit: The claimed performance looks to be in line with just using the Celeron raw though.

    What are the Broadcom and Nat. Semi. chips opposite the miniPCI slot?

    Steve

    0
  • S

    @stephenw10:

    What the Broadcom and Nat. Semi. chips opposite the miniPCI slot?

    Steve

    Ill snap closeups for you.  Check back in a few.

    0
  • S

    0
  • Netgate Administrator

    Ah, OK.
    The National Semiconductor chip apperas to be a NIC. The DP83816 should be supported by the FreeBSD sis(4) driver.

    The Broadcom bcm5812kfb is a crypto accelerator chip. Possibly supported by the ubsec(4) driver? (it's not specifically mentioned). It's not necessary to run but would be nice.

    Be interesting to know what's under the other heatsink but you can read it from the logs easily enough.

    The other intersting thing is the BIOS rom, possibly the chip next to the smsc superio chip labelled 'General' something. Not a standard bios which is probably not a good sign.
    Edit: Looks like it's a 'General Software' embedded bios which were quite popular and there is a lot of info available so maybe all is not lost.  :)

    Does it boot a CF card with a Nano image on it? It wouldn't surprise me to find it only boots signed images.  :-\

    Steve

    0
  • Netgate Administrator

    Looks like the Watchguard V60 box had a General Software BIOS, though probably an earlier version. On that box you could access the bios using Ctl-C via the serial console.

    https://forum.pfsense.org/index.php?topic=67300.0

    Steve

    0
  • S
     

    Booting [/boot/kernel/kernel]...
Copyright (c) 1992-2012 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
        The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 8.3-RELEASE-p11 #0: Wed Sep 11 18:43:07 EDT 2013
    root@snapshots-8_3-i386.builders.pfsense.org:/usr/obj.pfSense/usr/pfSensesrc/src/sys/pfSense_wrap.8.i386 i386
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Celeron(R) M processor         1.50GHz (1497.45-MHz 686-class CPU)
  Origin = "GenuineIntel"  Id = 0x6d8  Family = 6  Model = d  Stepping = 8
  Features=0xafe9f9ff <fpu,vme,de,pse,tsc,msr,pae,mce,cx8,sep,mtrr,pge,mca,cmov,pat,clflush,dts,acpi,mmx,fxsr,sse,sse2,ss,tm,pbe>AMD Features=0x100000 <nx>real memory  = 1065353216 (1016 MB)
avail memory = 1019756544 (972 MB)
ipw_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
ipw_bss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
module_register_init: MOD_LOAD (ipw_bss_fw, 0xc07330f0, 0) error 1
ipw_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
ipw_ibss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
module_register_init: MOD_LOAD (ipw_ibss_fw, 0xc0733190, 0) error 1
ipw_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
ipw_monitor: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
module_register_init: MOD_LOAD (ipw_monitor_fw, 0xc0733230, 0) error 1
wlan: mac acl policy registered
ACPI Error: A valid RSDP was not found (20101013/tbxfroot-309)
ACPI: Table initialisation failed: AE_NOT_FOUND
ACPI: Try disabling either ACPI or apic support.
cryptosoft0: <software crypto="">on motherboard
padlock0: No ACE support.
pcib0: <host to="" pci="" bridge="">pcibus 0 on motherboard
pci0: <pci bus="">on pcib0
pci0: <base peripheral=""> at device 0.1 (no driver attached)
pci0: <base peripheral=""> at device 0.3 (no driver attached)
vgapci0: <vga-compatible display="">port 0xf800-0xf807 mem 0x80000000-0x87ffffff,0xc0000000-0xc007ffff irq 11 at device 2.0 on pci0
uhci0: <intel 82801db="" (ich4)="" usb="" controller="" usb-a="">port 0xf400-0xf41f irq 11 at device 29.0 on pci0
uhci0: [ITHREAD]
usbus0: <intel 82801db="" (ich4)="" usb="" controller="" usb-a="">on uhci0
uhci1: <intel 82801db="" (ich4)="" usb="" controller="" usb-b="">port 0xf000-0xf01f irq 10 at device 29.1 on pci0
uhci1: [ITHREAD]
usbus1: <intel 82801db="" (ich4)="" usb="" controller="" usb-b="">on uhci1
uhci2: <intel 82801db="" (ich4)="" usb="" controller="" usb-c="">port 0xec00-0xec1f irq 9 at device 29.2 on pci0
uhci2: [ITHREAD]
usbus2: <intel 82801db="" (ich4)="" usb="" controller="" usb-c="">on uhci2
ehci0: <intel 82801db="" l="" m="" (ich4)="" usb="" 2.0="" controller="">mem 0xc0080000-0xc00803ff irq 7 at device 29.7 on pci0
ehci0: [ITHREAD]
usbus3: EHCI version 1.0
usbus3: <intel 82801db="" l="" m="" (ich4)="" usb="" 2.0="" controller="">on ehci0
pcib1: <pci-pci bridge="">at device 30.0 on pci0
pci1: <pci bus="">on pcib1
sis0: <natsemi 10="" dp8381[56]="" 100basetx="">port 0xcc00-0xccff mem 0xc0100000-0xc0100fff irq 11 at device 1.0 on pci1
sis0: Silicon Revision: DP83816A
miibus0: <mii bus="">on sis0
nsphyter0: <dp83815 10="" 100="" media="" interface="">PHY 0 on miibus0
nsphyter0:  none, 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
sis0: [ITHREAD]
ubsec0 mem 0xc0110000-0xc011ffff irq 10 at device 2.0 on pci1
ubsec0: [ITHREAD]
ubsec0: Broadcom 5823
isab0: <pci-isa bridge="">at device 31.0 on pci0
isa0: <isa bus="">on isab0
atapci0: <intel ich4="" udma100="" controller="">port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xd800-0xd80f mem 0xc0080400-0xc00807ff irq 9 at device 31.1 on pci0
ata0: <ata channel="">at channel 0 on atapci0
ata0: [ITHREAD]
ata1: <ata channel="">at channel 1 on atapci0
ata1: [ITHREAD]
pci0: <serial bus,="" smbus="">at device 31.3 (no driver attached)
cpu0 on motherboard
atrtc0: <at real="" time="" clock="">at port 0x70 irq 8 on isa0
ppc0: <parallel port="">at port 0x378-0x37f irq 7 on isa0
ppc0: Generic chipset (EPP/NIBBLE) in COMPATIBLE mode
ppc0: [ITHREAD]
ppbus0: <parallel port="" bus="">on ppc0
ppi0: <parallel i="" o="">on ppbus0
uart0: <16550 or compatible> at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0
uart0: [FILTER]
uart0: console (9600,n,8,1)
uart1: <16550 or compatible> at port 0x2f8-0x2ff irq 3 on isa0
uart1: [FILTER]
Timecounter "TSC" frequency 1497449541 Hz quality 800
Timecounters tick every 10.000 msec
IPsec: Initialized Security Association Processing.
usbus0: 12Mbps Full Speed USB v1.0
usbus1: 12Mbps Full Speed USB v1.0
ugen0.1: <intel>at usbus0
uhub0: <intel 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr="">on usbus0
ugen1.1: <intel>at usbus1
uhub1: <intel 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr="">on usbus1
usbus2: 12Mbps Full Speed USB v1.0
usbus3: 480Mbps High Speed USB v2.0
ugen2.1: <intel>at usbus2
uhub2: <intel 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr="">on usbus2
ugen3.1: <intel>at usbus3
uhub3: <intel 1="" 9="" ehci="" root="" hub,="" class="" 0,="" rev="" 2.00="" 1.00,="" addr="">on usbus3
uhub0: 2 ports with 2 removable, self powered
uhub1: 2 ports with 2 removable, self powered
uhub2: 2 ports with 2 removable, self powered
ad0: 3906MB <hms360404d5cf00 dn4eca2a="">at ata0-master UDMA33
uhub3: 6 ports with 6 removable, self powered
Trying to mount root from ufs:/dev/ad2s1a
ROOT MOUNT ERROR:
If you have invalid mount options, reboot, and first try the following from
the loader prompt:

     set vfs.root.mountfrom.options=rw

and then remove invalid mount options from /etc/fstab.

Loader variables:
vfs.root.mountfrom=ufs:/dev/ad2s1a
vfs.root.mountfrom.options=rw

Manual root filesystem specification:
  <fstype>:<device>Mount <device>using filesystem <fstype>eg. ufs:/dev/da0s1a
                       eg. cd9660:/dev/acd0
                       This is equivalent to: mount -t cd9660 /dev/acd0 /

  ?                  List valid disk boot devices
  <empty line="">Abort manual input

mountroot>
ø\
panic: Root mount failed, startup aborted.
cpuid = 0
Uptime: 45s
Cannot dump. Device not defined or unavailable.
Automatic reboot in 15 seconds - press a key on the console to abort
Rebooting...</empty></fstype></device></device></fstype></hms360404d5cf00></intel></intel></intel></intel></intel></intel></intel></intel></parallel></parallel></parallel></at></serial></ata></ata></intel></isa></pci-isa></dp83815></mii></natsemi></pci></pci-pci></intel></intel></intel></intel></intel></intel></intel></intel></vga-compatible></pci></host></software></nx></fpu,vme,de,pse,tsc,msr,pae,mce,cx8,sep,mtrr,pge,mca,cmov,pat,clflush,dts,acpi,mmx,fxsr,sse,sse2,ss,tm,pbe>
    0
  • S

    @stephenw10:

    On that bios you could access the bios using Ctl-C via the serial console.

    Steve

    
                 +---------------------------------------------+
                 |              Enter password:                |
                 +---------------------------------------------+
    0
  • Netgate Administrator

    Awesome! Shame the bios is locked but never mind if it boot's OK. Could always try extracting the bios and looking for likely passwords later.

    Is that booting the standard NanoBSD image? Strange that it's looking for root on ad2.  :-
    Edit: Or is it a standard install with embedded kernel?

    Anyway it's actually ad0, the primary master, so at the mount root prompt enter:

    ufs:/dev/ad0s1a

    It should then boot.

    I only see one NIC detected, sis0. I wonder how it's connected to the others ports? VLANs via a switch chip perhaps, SOHO router style.

    ubsec is loaded, nice.

    Steve

    0
  • S

    I pulled a 4gig microdrive from another system that has a full install on it.

    mountroot> ufs:/dev/ad0s1a
Trying to mount root from ufs:/dev/ad0s1a
WARNING: / was not properly dismounted
Configuring crash dumps...
No suitable dump device was found.
Mounting filesystems...
ZFS NOTICE: Prefetch is disabled by default on i386 -- to enable,
            add "vfs.zfs.prefetch_disable=0" to /boot/loader.conf.
ZFS WARNING: Recommended minimum kmem_size is 512MB; expect unstable behavior.
             Consider tuning vm.kmem_size and vm.kmem_size_max
             in /boot/loader.conf.
ZFS filesystem version 5
ZFS storage pool version 28
mount: /dev/ad0s1a R/W mount of / denied. Filesystem is not clean - run fsck.: Operation not permitted
** /dev/ad0s1a
** Last Mounted on /
** Root file system
** Phase 1 - Check Blocks and Sizes
INCORRECT BLOCK COUNT I=188460 (4 should be 0)
CORRECT? yes

** Phase 2 - Check Pathnames
** Phase 3 - Check Connectivity
** Phase 4 - Check Reference Counts
UNREF FILE I=188422  OWNER=root MODE=100644
SIZE=0 MTIME=Feb 13 23:48 2014
CLEAR? yes

UNREF FILE I=188423  OWNER=root MODE=100644
SIZE=0 MTIME=Feb 13 23:48 2014
CLEAR? yes

UNREF FILE I=188424  OWNER=root MODE=100644
SIZE=0 MTIME=Feb 13 23:48 2014
CLEAR? yes

UNREF FILE I=188425  OWNER=root MODE=100644
SIZE=0 MTIME=Feb 13 23:48 2014
CLEAR? yes

UNREF FILE I=188426  OWNER=root MODE=100644
SIZE=0 MTIME=Feb 13 23:48 2014
CLEAR? yes

UNREF FILE I=188442  OWNER=root MODE=100644
SIZE=0 MTIME=Feb 13 23:48 2014
CLEAR? yes

UNREF FILE I=188443  OWNER=root MODE=100644
SIZE=0 MTIME=Feb 13 23:48 2014
CLEAR? yes

UNREF FILE I=188444  OWNER=root MODE=100644
SIZE=0 MTIME=Feb 13 23:48 2014
CLEAR? yes

UNREF FILE I=188445  OWNER=root MODE=100644
SIZE=0 MTIME=Feb 13 23:48 2014
CLEAR? yes

UNREF FILE I=188446  OWNER=root MODE=100644
SIZE=0 MTIME=Feb 13 23:48 2014
CLEAR? yes

UNREF FILE I=188447  OWNER=root MODE=100644
SIZE=0 MTIME=Feb 13 23:48 2014
CLEAR? yes

UNREF FILE I=188448  OWNER=root MODE=100644
SIZE=0 MTIME=Feb 13 23:48 2014
CLEAR? yes

UNREF FILE I=188449  OWNER=root MODE=100644
SIZE=0 MTIME=Feb 13 23:48 2014
CLEAR? yes

UNREF FILE I=188450  OWNER=root MODE=100644
SIZE=0 MTIME=Feb 13 23:48 2014
CLEAR? yes

UNREF FILE I=188451  OWNER=root MODE=100644
SIZE=0 MTIME=Feb 13 23:48 2014
CLEAR? yes

UNREF FILE  I=188544  OWNER=root MODE=100644
SIZE=0 MTIME=Feb 19 19:05 2014
RECONNECT? yes

NO lost+found DIRECTORY
CREATE? yes

UNREF FILE  I=188545  OWNER=root MODE=100644
SIZE=0 MTIME=Feb 19 19:05 2014
RECONNECT? yes

UNREF FILE  I=188546  OWNER=root MODE=100644
SIZE=0 MTIME=Feb 19 19:05 2014
RECONNECT? yes

UNREF FILE  I=188547  OWNER=root MODE=100644
SIZE=0 MTIME=Feb 19 19:05 2014
RECONNECT? yes

UNREF FILE  I=188548  OWNER=root MODE=100644
SIZE=0 MTIME=Feb 19 19:05 2014
RECONNECT? yes

LINK COUNT FILE I=235668  OWNER=dhcpd MODE=100644
SIZE=673 MTIME=Feb 15 22:33 2014  COUNT 2 SHOULD BE 1
ADJUST? yes

** Phase 5 - Check Cyl groups
FREE BLK COUNT(S) WRONG IN SUPERBLK
SALVAGE? yes

SUMMARY INFORMATION BAD
SALVAGE? yes

BLK(S) MISSING IN BIT MAPS
SALVAGE? yes

6209 files, 95092 used, 1333071 free (159 frags, 166614 blocks, 0.0% fragmentation)

***** FILE SYSTEM MARKED CLEAN *****

***** FILE SYSTEM WAS MODIFIED *****
Disabling APM on /dev/ad0

     ___
 ___/ f \
/ p \___/ Sense
\___/   \
    \___/

Welcome to pfSense 2.1-RELEASE  ...

Dump device does not exist.  Savecore not run.
Creating symlinks......done.
External config loader 1.0 is now starting... ad0s1b
Launching the init system... done.
Initializing............................. done.
Starting device manager (devd)...done.
Loading configuration......done.
Warning: Configuration references interfaces that do not exist: rl0 rl3

Network interface mismatch -- Running interface assignment option.
sis0: link state changed to DOWN

Valid interfaces are:

sis0  ff:ff:ff:ff:ff:ff   (up) NatSemi DP8381[56] 10/100BaseTX

Do you want to set up VLANs first?

If you are not going to use VLANs, or only for optional interfaces, you should
say no here and use the webConfigurator to configure VLANs later, if required.

Do you want to set up VLANs now [y|n]?
    0
  • S

    The box isnt showing me any love when I put the pfSense-2.1-RELEASE-512mb-i386-nanobsd.img.gz image on a Transcend 4gig ultra cf card.

    Like literally no output on the serial, both 9600 and 115200.

    0
  • S

    After writing the pfSense-memstick-serial-2.1-RELEASE-i386.img.gz image to a usb stick and trying to boot from it, I got the following:

    TippingPoint OS, MFG version
BSP: [t10 1.2] Bootloader: [15]
Creation date: Jun  2 2006, 10:24:47

Press any key to stop auto-boot...
 0
auto-booting...

boot device          : ata=0,0
unit number          : 0
processor number     : 0
host name            : NDS
file name            : auto
flags (f)            : 0x0

Could not initialize ATA.

Error loading file: errno = 0x0.
Can't load boot file!!
    0
  • Netgate Administrator

    Hmm, OK.
    What baud rate do you see the locked BIOS at?

    Maybe it just can't boot that card for some reason.
    No booting from USB either. That's not surprising it would be big security risk if you could just plug in your own compromised OS and reboot the box without even opening it.

    Can you try setting up the NICs with the microdrive?
    First you need to find out if you can actually get any networkaccess at all. I aimagine it might be VLANs to whatever the chip under the heatsink is but they may require setting up via some out of band service like i2c which would be bad.

    Steve

    0
  • S

    @stephenw10:

    Hmm, OK.
    What baud rate do you see the locked BIOS at?

    Steve

    I can see the TippingPoint OS prompt and bios password prompt at 115200.  When the microdrive is in, I have to close putty and reopen it at 9600 in order to see the full boot.

    0
  • Netgate Administrator

    Sometimes if you're running at 115200 the bootloader sees that as some random input when it gets to the F1 prompt and then waits for you to press return which you can't because your not actually connected.
    Try booting the CF card with putty at 9600 the whole time.
    Also if you've just changed the boot media you sometimes have to boot twice as the first boot halts with a message about hardware change. Only the case with some BIOSes and I wouldn't expect it on something designed for embedded but still…

    Steve

    0
  • S

    Interesting, it doesnt like my Transcend Compact Flash ULTRA 4GB Industrial.

    As soon as I imaged my microdrive with the pfSense-2.1-RELEASE-512mb-i386-nanobsd.img.gz image and popped it in, it booted right away.

    Here is a snippet from assigning vlan interfaces.

         ___
 ___/ f \
/ p \___/ Sense
\___/   \
    \___/

Welcome to pfSense 2.1-RELEASE  ...

Creating symlinks......done.
External config loader 1.0 is now starting... ad0s3
Launching the init system... done.
Initializing............................. done.
Starting device manager (devd)...done.
Loading configuration......done.

Default interfaces not found -- Running interface assignment option.
sis0: link state changed to DOWN

Valid interfaces are:

sis0  ff:ff:ff:ff:ff:ff   (up) NatSemi DP8381[56] 10/100BaseTX

Do you want to set up VLANs first?

If you are not going to use VLANs, or only for optional interfaces, you should
say no here and use the webConfigurator to configure VLANs later, if required.

Do you want to set up VLANs now [y|n]? y

VLAN Capable interfaces:

sis0    ff:ff:ff:ff:ff:ff   (up)

Enter the parent interface name for the new VLAN (or nothing if finished): sis0
Enter the VLAN tag (1-4094): 100

VLAN Capable interfaces:

sis0    ff:ff:ff:ff:ff:ff   (up)

Enter the parent interface name for the new VLAN (or nothing if finished): sis0
Enter the VLAN tag (1-4094): 200

VLAN Capable interfaces:

sis0    ff:ff:ff:ff:ff:ff   (up)

Enter the parent interface name for the new VLAN (or nothing if finished): sis0
Enter the VLAN tag (1-4094): 300

VLAN Capable interfaces:

sis0    ff:ff:ff:ff:ff:ff   (up)

Enter the parent interface name for the new VLAN (or nothing if finished):

VLAN interfaces:

sis0_vlan100    VLAN tag 100, parent interface sis0
sis0_vlan200    VLAN tag 200, parent interface sis0
sis0_vlan300    VLAN tag 300, parent interface sis0

*NOTE*  pfSense requires *AT LEAST* 1 assigned interface(s) to function.
        If you do not have *AT LEAST* 1 interfaces you CANNOT continue.

        If you do not have at least 1 *REAL* network interface card(s)
        or one interface with multiple VLANs then pfSense
        *WILL NOT* function correctly.

If you do not know the names of your interfaces, you may choose to use
auto-detection. In that case, disconnect all interfaces now before
hitting 'a' to initiate auto detection.

Enter the WAN interface name or 'a' for auto-detection: sis0_vlan100

Enter the LAN interface name or 'a' for auto-detection
NOTE: this enables full Firewalling/NAT mode.
(or nothing if finished): sis0_vlan200

Enter the Optional 1 interface name or 'a' for auto-detection
(or nothing if finished): sis0_vlan300

Enter the Optional 2 interface name or 'a' for auto-detection
(or nothing if finished):

The interfaces will be assigned as follows:

WAN  -> sis0_vlan100
LAN  -> sis0_vlan200
OPT1 -> sis0_vlan300

Do you want to proceed [y|n]?y

Writing configuration...done.
Updating configuration...done.
Cleaning backup cache...done.
Setting up extended sysctls...done.
Setting timezone...done.
Configuring loopback interface...done.
vlan0: changing name to 'sis0_vlan100'

Starting Securevlan1: changing name to 'sis0_vlan200'
 Shell Services.vlan2: changing name to 'sis0_vlan300'
..done.
Setting up polling defaults...done.
Setting up interfaces microcode...done.
Configuring loopback interface...done.
Creating wireless clone interfaces...done.
Configuring LAGG interfaces...done.
Configuring VLAN interfaces...done.
Configuring QinQ interfaces...done.
Configuring WAN interface...Generating new MAC address.done.
Configuring LAN interface...done.
Syncing OpenVPN settings...done.
Configuring firewall......done.
Starting PFLOG...done.
Setting up gateway monitors...done.
Synchronizing user settings...done.
Starting webConfigurator...done.
Configuring CRON...done.
Starting DNS forwarder...done.
Starting NTP time client...done.
Starting DHCP service...done.
Starting DHCPv6 service...done.
Configuring firewall......done.
Generating RRD graphs...done.
Starting syslog...done.
Starting CRON... done.
Bootup complete

FreeBSD/i386 (pfSense.localdomain) (console)

*** Welcome to pfSense 2.1-RELEASE-nanobsd (i386) on pfSense ***

 WAN (wan)       -> sis0_vlan100 ->
 LAN (lan)       -> sis0_vlan200 -> v4: 192.168.1.1/24
 OPT1 (opt1)     -> sis0_vlan300 ->

 0) Logout (SSH only)                  8) Shell
 1) Assign Interfaces                  9) pfTop
 2) Set interface(s) IP address       10) Filter Logs
 3) Reset webConfigurator password    11) Restart webConfigurator
 4) Reset to factory defaults         12) pfSense Developer Shell
 5) Reboot system                     13) Upgrade from console
 6) Halt system                       14) Disable Secure Shell (sshd)
 7) Ping host                         15) Restore recent configuration

Enter an option:
    0
  • S

    @stephenw10:

    Can you try setting up the NICs with the microdrive?
    First you need to find out if you can actually get any networkaccess at all. I aimagine it might be VLANs to whatever the chip under the heatsink is but they may require setting up via some out of band service like i2c which would be bad.

    Steve

    So even after assigning vlan's 100, 200, and 300 to the sis0 interface, no interfaces come alive when I plug in a CAT5 cable to each of the 6 jacks.

    0
  • S

    And here is our mystery chip under the heatsink.

    0
  • Netgate Administrator

    Ok so as suspected a switch IC. These are normally configured via spi in soho routers but usually (often) that's only neccessary if you need to change the default config.
    You can't just assign VLANs at random. Assign the sis interface directly. Run a packet capture on it. Whilst it's running send some traffic into external switch ports. Now look at the capture to see what vlans traffic arrived on. Of course you'll have to get the capture file off the box to analyse it, or do it the hard way.  ;)

    Steve

    0
  • S

    @stephenw10:

    You can't just assign VLANs at random. Assign the sis interface directly.

    Steve

    I need 2 interfaces before pfsense will proceed, do I assign one generic vlan as WAN and then assign the sis0 directly to LAN?  How would you do it?

    0
  • Netgate Administrator

    PfSense only requires 1 interface. But yes you could use one real interface and one VLAN interface.
    The other possibility is that the default config of the switch is no vlans at all, just like an unmanaged switch.

    Steve

    0
  • _

    I'm keeping an eye on this thread :)

    0
  • _

    I wonder if this has similar hardware :P
    http://www.ebay.ca/itm/HP-Tippingpoint-Core-Controller-48-Port-Gigabit-Switch-/321258224413?pt=US_Network_Switches&hash=item4acc7b7b1d

    0
  • Netgate Administrator

    Unlikely. You need some serious power for a 48 port gig switch. You're suggesting it might have an x86 backend? Maybe if it has any firewall or routing features. I doubt it though.

    Steve

    0
  • _

    @stephenw10:

    You're suggesting it might have an x86 backend?
    Steve

    Its a posibility…

    And that's what I'm after :)

    0
  • S

    @stephenw10:

    PfSense only requires 1 interface. But yes you could use one real interface and one VLAN interface.
    The other possibility is that the default config of the switch is no vlans at all, just like an unmanaged switch.

    Steve

    Ive now assigned sis0 as LAN and since it asked for WAN first, I just filled in a random vlan name.  However, nomatter what cable or port I plug into, none of the ports light up.  They dont recognize that a cat5 cable is plugged in.

    If it doesnt see that a cat5 cable is plugged in, how is a packet capture going to work?  Dont we first have to work through getting sis0 "UP"?

    0
  • Netgate Administrator

    Ah, well that makes things a lot more complex. If the default config of the switch is no config at all, everything off, then it needs to be configured before anything will work. Yes you need to see sis0 as UP before anything else.
    Where are you reading this though, at the console I assume. What do you see from 'ifconfig -a'? If it is vlans only at sis0 then an interface set to use no tags or vlan1 might show as down. What does is show for media and status?

    Steve

    0
  • S

    Im doing everything from the console at this point.

    Enter an option: 1

Valid interfaces are:

sis0  02:63:c0:d6:7b:7e   (up) NatSemi DP8381[56] 10/100BaseTX

Do you want to set up VLANs first?

If you are not going to use VLANs, or only for optional interfaces, you should
say no here and use the webConfigurator to configure VLANs later, if required.

Do you want to set up VLANs now [y|n]? y

WARNING: all existing VLANs will be cleared if you proceed!

Do you want to proceed [y|n]?y

VLAN Capable interfaces:

sis0    02:63:c0:d6:7b:7e   (up)

Enter the parent interface name for the new VLAN (or nothing if finished): sis0
Enter the VLAN tag (1-4094): 1

VLAN Capable interfaces:

sis0    02:63:c0:d6:7b:7e   (up)

Enter the parent interface name for the new VLAN (or nothing if finished):

VLAN interfaces:

sis0_vlan1      VLAN tag 1, parent interface sis0

*NOTE*  pfSense requires *AT LEAST* 1 assigned interface(s) to function.
        If you do not have *AT LEAST* 1 interfaces you CANNOT continue.

        If you do not have at least 1 *REAL* network interface card(s)
        or one interface with multiple VLANs then pfSense
        *WILL NOT* function correctly.

If you do not know the names of your interfaces, you may choose to use
auto-detection. In that case, disconnect all interfaces now before
hitting 'a' to initiate auto detection.

Enter the WAN interface name or 'a' for auto-detection: sis0_vlan1

Enter the LAN interface name or 'a' for auto-detection
NOTE: this enables full Firewalling/NAT mode.
(or nothing if finished): sis0

Enter the Optional 1 interface name or 'a' for auto-detection
(or nothing if finished):

The interfaces will be assigned as follows:

WAN  -> sis0_vlan1
LAN  -> sis0

Do you want to proceed [y|n]?y

Writing configuration...done.
One moment while we reload the settings... done!
*** Welcome to pfSense 2.1-RELEASE-nanobsd (i386) on pfSense ***

 WAN (wan)       -> sis0_vlan1 ->
 LAN (lan)       -> sis0       -> v4: 10.0.0.169/24

 0) Logout (SSH only)                  8) Shell
 1) Assign Interfaces                  9) pfTop
 2) Set interface(s) IP address       10) Filter Logs
 3) Reset webConfigurator password    11) Restart webConfigurator
 4) Reset to factory defaults         12) pfSense Developer Shell
 5) Reboot system                     13) Upgrade from console
 6) Halt system                       14) Enable Secure Shell (sshd)
 7) Ping host                         15) Restore recent configuration

Enter an option:


    [2.1-RELEASE][root@pfSense.localdomain]/root(1): ifconfig -a
sis0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        options=83808 <vlan_mtu,wol_ucast,wol_mcast,wol_magic,linkstate>ether 02:63:c0:d6:7b:7e
        inet6 fe80::7422:d7c0:c46:842%sis0 prefixlen 64 scopeid 0x1
        inet 10.0.0.169 netmask 0xffffff00 broadcast 10.0.0.255
        nd6 options=1 <performnud>media: Ethernet autoselect (none)
        status: no carrier
enc0: flags=0<> metric 0 mtu 1536
pfsync0: flags=0<> metric 0 mtu 1460
        syncpeer: 224.0.0.240 maxupd: 128 syncok: 1
pflog0: flags=100 <promisc>metric 0 mtu 33192
lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384
        options=3 <rxcsum,txcsum>inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
        nd6 options=3 <performnud,accept_rtadv>sis0_vlan100: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        ether 02:63:c0:d6:7b:7e
        inet6 fe80::7422:d7c0:c46:842%sis0_vlan100 prefixlen 64 scopeid 0x6
        nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (none)
        status: no carrier
        vlan: 100 vlanpcp: 0 parent interface: sis0
sis0_vlan200: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        ether 02:63:c0:d6:7b:7e
        inet6 fe80::7422:d7c0:c46:842%sis0_vlan200 prefixlen 64 scopeid 0x7
        nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (none)
        status: no carrier
        vlan: 200 vlanpcp: 0 parent interface: sis0
sis0_vlan300: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        ether 02:63:c0:d6:7b:7e
        inet6 fe80::7422:d7c0:c46:842%sis0_vlan300 prefixlen 64 scopeid 0x8
        nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (none)
        status: no carrier
        vlan: 300 vlanpcp: 0 parent interface: sis0
sis0_vlan1: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        ether 02:63:c0:d6:7b:7e
        inet6 fe80::7422:d7c0:c46:842%sis0_vlan1 prefixlen 64 scopeid 0x9
        nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (none)
        status: no carrier
        vlan: 1 vlanpcp: 0 parent interface: sis0
[2.1-RELEASE][root@pfSense.localdomain]/root(2):</performnud,accept_rtadv></up,broadcast,running,simplex,multicast></performnud,accept_rtadv></up,broadcast,running,simplex,multicast></performnud,accept_rtadv></up,broadcast,running,simplex,multicast></performnud,accept_rtadv></up,broadcast,running,simplex,multicast></performnud,accept_rtadv></rxcsum,txcsum></up,loopback,running,multicast></promisc></performnud></vlan_mtu,wol_ucast,wol_mcast,wol_magic,linkstate></up,broadcast,running,simplex,multicast>
    0
  • Netgate Administrator

    @Sifter:

    
sis0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        options=83808 <vlan_mtu,wol_ucast,wol_mcast,wol_magic,linkstate>ether 02:63:c0:d6:7b:7e
        inet6 fe80::7422:d7c0:c46:842%sis0 prefixlen 64 scopeid 0x1
        inet 10.0.0.169 netmask 0xffffff00 broadcast 10.0.0.255
        nd6 options=1 <performnud>media: Ethernet autoselect (none)
        status: no carrier</performnud></vlan_mtu,wol_ucast,wol_mcast,wol_magic,linkstate></up,broadcast,running,simplex,multicast>

    Hmm, well that doesn't look good. I would expect that sis0 is always connected to the switch. The switch may have autonegotiation disabled on that port. You could try setting sis0 to 100Mbps FD and see if shows carrier. Though even if auto was disabled it should still fall back to 10Mb HD if a connection is detected.  :-\

    You might be able to port (if someone else hasn't done it already some roboswitch code from, for example, OpenWRT.

    Steve

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy