Zotac ZBOX CI323 nano
-
So why are people still buying this for pfSense when the realtek nics clearly has problems? I mean stable nics are like the most important thing here.
-
I think you misread my post – The realtek NICs in Zotac may have problems but do work out of the box for ETH LAN and WAN connectivity.
The Dell DW1707 is a wireless card based on Atheros QCA9565 / AR9565, which works fine in pfSense 2.3. This card is not being recognized by 2.4 so far. Not sure if this is my problem or a bug.
-
I am thinking of getting this box to replace my aging watchguard. Since this board has an m.2 slot, I'm wondering if anyone has tried to hook up an m.2 ssd?
-
I am thinking of getting this box to replace my aging watchguard. Since this board has an m.2 slot, I'm wondering if anyone has tried to hook up an m.2 ssd?
Well i have been having nothing but troubles with the realtek nics, see my post in general help.. under load they crash at random times.. no WAN IP.. have to reboot.
-
I wanted to relay my experience and findings in this thread. I am running pfSense on the Zotac ZBOX without issues. The nics are realtek, and I am not seeing any issues or unreliability and push them both well above 400mbps for extended periods.
That being said, I did go the route of installing ESX 6 and injecting the realtek driver into the image, etc. but that did not work out well at all. It worked, but the network throughput was very poor and there was no logical explanation for it. The switch ports showed a 1GB full duplex connection, ESX showed it was 1000mbps full, and pfSense reported the same, but throughput just wasn't there. I ran like this a while because the problem was not very impacting because I was on a 60mbps internet plan. I did notice issues on my internal net, like my HD video cameras were getting 2 to 5 frames per second – they are all hardwired, not wireless. .
But when I upgraded the internet plan to 200mbps, the issue was obvious and impacting. On average I got 75mbps, but it peaked to 130 and dropped to under 30 at times.
After de-virtualizing the pfSense by removing ESX, installing pfSense from the latest install image, and restored by configuration that I saved. Following that, I get 200mbps consistently and all my networked cameras are at 8-10 fps.
I did a lot of diagnostics and tinkering, trying to get the ESX 6 & pfSense combination to work, but came to the conclusion that there is a reason the N3150 and/or the realtek drivers are not certified by vmWare, and this is probably why.
-
I wanted to relay my experience and findings in this thread. I am running pfSense on the Zotac ZBOX without issues. The nics are realtek, and I am not seeing any issues or unreliability and push them both well above 400mbps for extended periods.
So did you disable hardware offloading? Am thinking of getting the CI323 as a router on a 500/500 fiber connection.
-
After a few weeks of trying to fix it i think i finally have my zotac box stable, no "watchdog timeout" and loss of WAN IP under heavy load in about 4 days. Longest run ever.
Need to test for a longer period of time for stability , but what i did was compile the latest realtek freeBSD drive (1.92) and load it on start up using kldload. Seems ok for now.
Before all this NOTHING was working stable. Always crashed on the WAN ip (watchdog timeout) no matter what interface it was assigned to (re0 - re1)
-
After a few weeks of trying to fix it i think i finally have my zotac box stable, no "watchdog timeout" and loss of WAN IP under heavy load in about 4 days. Longest run ever.
Hi Doboy,
Could you describe this issue more to me? I'm not sure i understand, how would one know if connection is dropping out? I haven't experienced anything like this. However i do experience a weird issue sometimes where network traffic would come to a halt for couple of seconds, the WAN doesn't seem to be dropping. I think this issue started appearing after i installed pfblocker and added some lists, i'm also running av scan on traffic through squid on 850 evo SSD. Without these packages i haven't had these issues.
Can you tell me how to check for this watchdog timeout dropout issue and how you compiled a new driver etc. Thanks.
-
Have you guys updated the BIOS yet?
https://www.zotac.com/us/files/download/by_product?p_nid=501278&driver_type=238&os=All
I don't understand the latest changes.
Can anyone try to to explain?
Version 2K161012
- Changed memory slot power (when AC Power attached)
- Fixed ME / TXE disabled (when Deep Sleep S5 enabled)
-
You would see the "watchdog timeout" error on your console for the pfsense, for me i got those repeated errors as well as a dropped WAN Interface ( no ip) only thing to bring it back was a hardware reboot.
Hard setting my WAN to 100Mbps(my WAN was 120Mbps) causes less errors but still happened almost daily if I pushed too much traffic through the WAN interface.
if you search " watchdog timeout" + zotac CI323 on google you will see plenty of threads on it.
So far I'm past 5 days with no errors since i compiled latest driver
Have you guys updated the BIOS yet?
https://www.zotac.com/us/files/download/by_product?p_nid=501278&driver_type=238&os=All
I don't understand the latest changes.
Can anyone try to to explain?
Version 2K161012
- Changed memory slot power (when AC Power attached)
- Fixed ME / TXE disabled (when Deep Sleep S5 enabled)
-
Yes I updated the BIOS no changes for me as far as performance or stability
Have you guys updated the BIOS yet?
https://www.zotac.com/us/files/download/by_product?p_nid=501278&driver_type=238&os=All
I don't understand the latest changes.
Can anyone try to to explain?
Version 2K161012
- Changed memory slot power (when AC Power attached)
- Fixed ME / TXE disabled (when Deep Sleep S5 enabled)
-
Thanks Doboy for making that clear.
I'm not having any problems like that. My WAN is only 10mbit not enough to push it hard. However i might be switching over to Docsis 3.0 cable which would put me just above 100mbit maybe then i will start experiencing same problems. Can you tell me how you compiled the new driver for it? Is there a guide for it? Thanks.
-
I compiled the driver using a VM with freeBSD 10.3 on it, then copied over the .ko file to the pfsense box and load it at startup in the the boot.loader
-
Is there any way you could post the compiled .ko file and explain the procedure for adding it to the boot? I have the same problem only on LAN (RE0) if I run our IP security cameras it overloads it, I have to disconnect them to keep the LAN running more then a few minutes.
Any assistance would be greatly appreciated!
-
Yeah sure soon as I get back home and have the PC up and running.
-
Yeah sure soon as I get back home and have the PC up and running.
Thank you, that would be awesome! So I assume you got it working as well?
-
Just ordered one of these with 4GB Crucial RAM and a Sandisk 120GB SSD. Should get it all Sunday
-
For anyone interested I stumbled across some of DoBoY's experience figuring some of this out while Googling: https://forums.freebsd.org/threads/55861/
-
Hey sorry, just got my main desktop up and running. I had some trouble after draining my watercooling loop, had to go out and buy a new block. then my pumps reservour cracked. etc.. lol
1. Install Kernel FreeBSD 10.3 with kernel sources.
1. Get kernel driver 1.91 from realtek site. You don't need the patch for driver, only if you're using FreeBSD 11+
2. Modify /usr/src/sys/amd64/conf/GENERIC and delete line "device re" - so if_re no longer be included in kernel itself - module will be build anyway.
3. Edit /boot/loader.conf adding line if_re_load="YES", so external module will be loaded.
4. Go to /usr/src and run "make buildkernel KERNCONF=GENERIC && make installkernel KERNCONF=GENERIC"
5. Reboot with new kernel. System should boot with open-source driver as module. kldstat will show if_re in list of modules.
6. Put Realtek's if_re.c and if_rereg.h into /usr/src/sys/dev/re
7. Build driver (cd /usr/src/sys/modules/re && make clean && make)
8. Backup /boot/kernel/if_re.ko, then cp /usr/src/sys/modules/re/if_re.ko /boot/kernel/if_re.ko && chmod 0555 /boot/kernel/if_re.ko && chown root:wheel /boot/kernel/if_re.ko
9. RebootNow i wasn't sure how to upload files to internet using lynx or fetch so i installed xorg server and kde on vm FreeBSD. This took a while and i had some issues with timeouts etc.
Basicly i uploaded new compiled if_re.ko to some small file hosting sites, used a tinyurl to shorten it with direct linkSSH into pfSense and used fetch to download it into /boot/kernel/
chmod 0555 /boot/kernel/if_re.ko && chown root:wheel /boot/kernel/if_re.koedit /boot/loader.conf in pfSense. Can do through web browser or through ssh client with vi
add line if_re_load="YES"That should be it. Reboot and your 1.92 should be loaded. If you want to unload it just put # infront of if_re_load="YES" in /boot/loader.conf
If you're having issues compiling or uploading to web/usb stick i will be happy to upload it for you or send you somehow a already compiled one -
Just got mine all up and running. I must say, I am truly impressed with pfSense. This was my first build with pfSense and it's by far the best firewall I've used. I'm not using snort/squid or anything (yet), but I'm connected to VPN and getting ~90-100Mb. I usually get ~180Mb not on VPN, so I'm very happy with that given the cost of this box with a SSD/RAM is around ~$250. It took me a little bit to learn the GUI (which is very intuitive I must say) and figure out my firewall rules to force all traffic (except one device my wife uses for Hulu because Hulu doesn't allow connections on VPN) through the VPN, but it's all configured and working properly now.