Installation on a watchguard x750e with 80Gb HDD
-
Hi all,
I've read about 200 topics on how to install the full version on a x750e with HDD and i've combined everything and succeeded with trail and error.
Now I would like to share my 2 cents, for those who are looking for info to do the same thing, installing the full 2.1.5 version on a HDD in a x750e watchguard.
Now i first experimented wih the nano version, but is was obvious that the nano version is good if you only use the firewall functions.
But i wanted more, like HAVP, squid, snort, etc…So i looked into the full HDD installs.
After many failed attempts through VMware installs, usb installs, live cd installs, ova flash,... I tried the following.I found an adapter to connect the HDD to the watchguard in an old HP NX9005 laptop (for those who have some old stuff laying around ;) )
I used a WD800BEVE, with the jumper on slave setting, and it works perfectly.then i flashed a 4gb CF with the full usb serial install.
Switched the bios options in the WG for the CF like you normally would
- Manual
- CHS
- 2
And left the bios settings for the 80Gb HDD on auto ( it detected perfectly)
Then i booted in to the installer with the option 7 (command line) and used these 2 lines.
- set hw.ata.ata_dma="0"
- set kern.cam.boot_delay="10000"
and then - boot
So for the record, the CF was in the slot of the watchguard and i booted the installer completely in the watchguard.
Then when the installer was ready i used the 'i' command to begin the install.
This was pretty much self explanatory, I used the manual install and selected the HD.After the install I changed the bios settings for the CF back to auto and selected the HD as first boot device.
When pfSense was booting i selected again the option 7 and gave the command:- set hw.ata.ata_dma="0"
It booted perfectly, I didn't need to alter the mount points or anything, because the HD was mounted as ad1
All you need to do now is put this line in the loader.conf.local file
- hw.ata.ata_dma="0"
and you're set !!
I'm pretty confident this can be done with any HDD.
Thanks to everybody who has done the same, i've learned a lot !!! :D :D
P.S. I also put the default CF in, because it doesn't matter what you put into the CF slot as long as its populated, the WG will boot.
The picture shows my Uber-mounting of the HDD ;D
-
If you use the version 8.1 modified bios you'll find it can boot a lot more things directly. You may not need to keep the CF card in which case you can enable DMA on the HD which should speed things up a lot. See:
https://forum.pfsense.org/index.php?topic=20095.msg410276#msg410276Steve
-
stephenw10 Thx !
I was looking for a newer bios, because the one i have is B7.
Didn't know the XEBios_xx file was usable for the x750e.Are there any settings i should avoid or definitely use ?
I don't want to brick the whole thing, it finally works now :D
P.S. can a mod move this to the Hardware section please ? -
I'll start by saying that flashing the bios is inherently risky etc….. ;) So you may choose to just stick with what you're running.
As well as booting far more things the B8 BIOS has a working (to some extent) ACPI table so you get the CPU temperature on the dashboard.The B8 BIOS is not shown in the docs because it was an experiment at first. Many people have installed it now though with no issues reported.
If you're running 2.1.5 you can flash the bios using flashrom from within pfSense. This got more complex in 2.2 because the ngpkg system is far less co-operative! You can use the FreeDOS image on a CF card and flash it from there exactly as you did the B7 bios. If you use flashrom you may have to reset the CMOS afterwards using the jumper as I don't think it can be done from the command line like you can with awdflash.Steve
-
Yes I know, bios flashing is always risky…
About the ACPI table, i'm also getting the temperature read out with the B7 bios.
Or are these not the right values ?
 -
That looks about right for the original Celeron CPU. Odd I've never managed to enable ACPI in the earlier BIOS versions without bad things happening. Thinking about it though I may never have tried it with the original CPU.
Do you have 'None/ACPI' selected for the thermal sensor in System: Advanced: Miscellaneous:?Steve
-
Do you have 'None/ACPI' selected for the thermal sensor in System: Advanced: Miscellaneous:?
Steve
Yes i have none/acpi in pfSense
-
I was searching if there is a script or program, that makes it possible to reboot the firewall with the front buttons.
Probably making use of LCDproc.Or restart the webgui and some other cool stuff :)
If someone has experience with the LCDproc package and can point me in the right direction, would be great ! 8)
-
Ceama posted a script that does things like a while ago in the x550e thread. It uses the lcdexec command.
https://forum.pfsense.org/index.php?topic=20095.msg291392#msg291392
I've never tried it myself. It might require some modifying.
Steve
-
nice, thx !!
-
After upgrading to 2.2 I get this message when booting…
cpu0 on motherboard
est0: <enhanced speedstep="" frequency="" control="">on cpu0
est: CPU supports Enhanced Speedstep, but is not recognized.
est: cpu_vendor GenuineIntel, msr 6120f2906000f29
device_attach: est0 attach returned 6
p4tcc0: <cpu frequency="" thermal="" control="">on cpu0
pmtimer0 on isa0Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address = 0x0
fault code = supervisor read, page not present
instruction pointer = 0x20:0xc0da8cf0
stack pointer = 0x28:0xc2420c28
frame pointer = 0x28:0xc2420c34
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 0 (swapper)
[ thread pid 0 tid 100000 ]
Stopped at strncmp+0x20: movzbl 0(%esi),%ebxAnybody got a clue where to start ?</cpu></enhanced>
-
nervermind… got it.
set vfs.root.mountfrom=ufs:/dev/ad0s1a
(because I changed my HD from slave to master)set hw.ata.ata_dma="1"
(because I flashed the V8 bios)@ Stephen
I also put in a SL7SM, this thing flies like crazy now :) -
Hmm, interesting that that worked. That loader varible has been deprecated as far as I'm aware. The 2.2 Nano images are set to use DMA by default and you have to disable it if that's what you need. See:
https://doc.pfsense.org/index.php/UpgradeGuide#Disk_Driver_ChangesThose old Pentium-M CPUs are so cheap now, great upgrade. :)
Steve
-
yes i read that and also tried it, but no dice…
I kept getting the error.thx for the link on LCDproc problem.
Got it working again :)snort also needed some softlinks in order to get it up and running again.
I searched through my heap of laptops i got lying around, and found the SL7SM :)
-
Free is the best sort of upgrade. ;D
-
yep ;D
-
Hi TieT,
Add the following to your /boot/loader.conf.local file.
hint.ata.0.dev0.mode=PIO4Remove the line that reads:
hw.ata.ata_dma="0"You will then find your disks configured thus (see dmesg) which shows PIO on the CF (ada0) and DMA on the HDD (ada1).
ada0 at ata0 bus 0 scbus0 target 0 lun 0 ada0: <sandisk sdcfh-004g="" hdx="" 6.02="">CFA-0 device ada0: Serial Number ABZ042211193008 ada0: 16.700MB/s transfers (PIO4, PIO 512bytes) ada0: 3815MB (7813120 512 byte sectors: 16H 63S/T 7751C) ada0: Previously was known as ad0 ada1 at ata0 bus 0 scbus0 target 1 lun 0 ada1: <st9402115a 3.01="">ATA-6 device ada1: Serial Number 5PV09ZED ada1: 100.000MB/s transfers (UDMA5, PIO 8192bytes) ada1: 38154MB (78140160 512 byte sectors: 16H 63S/T 16383C) ada1: Previously was known as ad1</st9402115a></sandisk>I'm now getting the performance I need for my disk used for logs and caching under 2.2.
$ diskinfo -tv /dev/ad1 /dev/ad1 512 # sectorsize 40007761920 # mediasize in bytes (37G) 78140160 # mediasize in sectors 0 # stripesize 0 # stripeoffset 77520 # Cylinders according to firmware. 16 # Heads according to firmware. 63 # Sectors according to firmware. 5PV09ZED # Disk ident. Seek times: Full stroke: 250 iter in 7.926598 sec = 31.706 msec Half stroke: 250 iter in 6.203416 sec = 24.814 msec Quarter stroke: 500 iter in 9.877891 sec = 19.756 msec Short forward: 400 iter in 3.476113 sec = 8.690 msec Short backward: 400 iter in 2.381591 sec = 5.954 msec Seq outer: 2048 iter in 0.197696 sec = 0.097 msec Seq inner: 2048 iter in 0.179296 sec = 0.088 msec Transfer rates: outside: 102400 kbytes in 3.135350 sec = 32660 kbytes/sec middle: 102400 kbytes in 3.745807 sec = 27337 kbytes/sec inside: 102400 kbytes in 5.382397 sec = 19025 kbytes/secSteve
-
Tie isn't booting from the CF card so it may not be necessary to disable DMA at all.
-
I see he's updated his BIOS. Missed that.
Steve
-
Yeah, seems slightly odd that he needed to do anything. :-\
-
I get these numbers:
[2.2-RELEASE][admin@fw1.home]/root: diskinfo -tv ad0 ad0 512 # sectorsize 80026361856 # mediasize in bytes (75G) 156301488 # mediasize in sectors 0 # stripesize 0 # stripeoffset 155061 # Cylinders according to firmware. 16 # Heads according to firmware. 63 # Sectors according to firmware. WD-WXEX08TJ6328 # Disk ident. Seek times: Full stroke: 250 iter in 11.428668 sec = 45.715 msec Half stroke: 250 iter in 7.231832 sec = 28.927 msec Quarter stroke: 500 iter in 15.496462 sec = 30.993 msec Short forward: 400 iter in 5.091478 sec = 12.729 msec Short backward: 400 iter in 4.274550 sec = 10.686 msec Seq outer: 2048 iter in 0.328848 sec = 0.161 msec Seq inner: 2048 iter in 0.309770 sec = 0.151 msec Transfer rates: outside: 102400 kbytes in 3.423876 sec = 29908 kbytes/sec middle: 102400 kbytes in 4.502569 sec = 22743 kbytes/sec inside: 102400 kbytes in 4.267557 sec = 23995 kbytes/secBut I will test it again today and post back the results, maybe i overlooked something.
-
You guys where right, the line doesn't do anything and my system booted perfect when i removed it.
hw.ata.ata_dma="1"I think it was a layer 8 problem… trying to do too much at the same time :)
these are my results now
ata0: DMA limited to UDMA33, controller found non-ATA66 cable ada0 at ata0 bus 0 scbus0 target 0 lun 0 ada0: <wdc wd800beve-00uyt0="" 01.04a01="">ATA-7 device ada0: Serial Number WD-WXEX08TJ6328 ada0: 33.300MB/s transfers (UDMA2, PIO 8192bytes) ada0: 76319MB (156301488 512 byte sectors: 16H 63S/T 16383C) ada0: Previously was known as ad0</wdc>[2.2-RELEASE][admin@fw1.home]/root: diskinfo -tv ad0 ad0 512 # sectorsize 80026361856 # mediasize in bytes (75G) 156301488 # mediasize in sectors 0 # stripesize 0 # stripeoffset 155061 # Cylinders according to firmware. 16 # Heads according to firmware. 63 # Sectors according to firmware. WD-WXEX08TJ6328 # Disk ident. Seek times: Full stroke: 250 iter in 10.765901 sec = 43.064 msec Half stroke: 250 iter in 8.400064 sec = 33.600 msec Quarter stroke: 500 iter in 15.856698 sec = 31.713 msec Short forward: 400 iter in 5.024369 sec = 12.561 msec Short backward: 400 iter in 5.086160 sec = 12.715 msec Seq outer: 2048 iter in 0.319964 sec = 0.156 msec Seq inner: 2048 iter in 0.329491 sec = 0.161 msec Transfer rates: outside: 102400 kbytes in 3.433698 sec = 29822 kbytes/sec middle: 102400 kbytes in 3.800647 sec = 26943 kbytes/sec inside: 102400 kbytes in 4.714269 sec = 21721 kbytes/secConclusion: need a faster disk ;D
-
Thanks for testing that. I was pretty sure but it's nice to know for certain. :)
Steve
