PfSense crashes with new NIC



  • Hey guys I am having some issues…

    I have two pfSense machines -- an Optiplex 390 and Optiplex 790. Both run pfSense just fine in their standard configs.

    I then inserted a quad port NIC into both of them: the Intel Pro 1000 PT. I have these both configured into a bridge serving as the LAN interface. The 790 handles this just fine, but the 390 locks up and crashes after a few minutes.

    This is strange considering the machine has no issues running without the NIC, and I have RMA'd the first NIC and the same issues happen on the second one.

    Any information would be more than appreciated. Thanks guys!!!



  • Tried to post the crash report but it was too long for this… here's round 2.

    pfsensecrashreport.txt



  • More digging into this shows that the machine locks up as soon as I throw any congestion at it – a simple speedof.me bandwidth test will cause it to fail.


  • Netgate

    No, it shouldn't crash but WTF are you bridging the NICs for?

    I would update any firmware you can find and try again.



  • I have the quad port NIC bridged together to become my single LAN interface. The onboard ethernet port is my WAN port.


  • Netgate

    Delete the bridge and see if it still blows up using em0.

    What a complete waste of good router ports. An empty router interface is better than a bridge.

    Get a switch.

    I'm by no means an expert in crash dumps but it looks like it's bombing in re0 (what a surprise)

    If it still crashes assign WAN and LAN to em0 and em1 and test again.



  • Alright then please tell me the proper way to utilize my quad port switch as a lan. I already have a switch and it is full. Also this config works just fine on my other box.

    Deleted the bridge, deleted the lan group, set a single port as my LAN interface, deleted ALL other interfaces besides WAN and LAN, and ran a speed test. Couldn't even complete it. Still died.



  • Saw your note on what to do next and that seems to be working… so thank you. My new question is why does putting the WAN and LAN on the same NIC provide stability?

    EDIT: still broken. Never mind. Back to square 1 except I was able to get through two speedtests and failed on the third instead of the first one.


  • Netgate

    @thejtshow:

    Alright then please tell me the proper way to utilize my quad port switch as a lan. I already have a switch and it is full. Also this config works just fine on my other box.

    It's not a switch.

    Sounds like there's something wrong with that computer. Someone else will have to chime in regarding the crash dump.



  • You are correct, it is a NIC not a switch. My bad haha



  • alrighty continuing update: plugged the NIC into my desktop and it works no problems so can't fault the hardware at least. Tried to run this on the optiplex 790 alongside the other Pro 1000 PT but just had a bunch of issues.. next step will be to reinstall pfSense on the 390 and try again with the hardware installed during reflash.

    and I realize that pfSense doesn't make a great switch, but on a small home network it has proven to be more than up to the task (small being 10-15 devices). This is why I am using the LAN card in bridge mode. For continuity's sake I have the NIC installed and bridged together for the LAN, then plugged into the NIC I have my main desktop and an 8 port unmanaged switch, with an AP attached to that. This is what I would like to have on the 390 anyway (it's a friend's machine.. can get into that story later).

    I know it is more than up to the task because the 790 with the same NIC and LAN setup has a PS4, a Macbook Air, my desktop, and an AC2400 running on it (with DHCP turned off) and it can manage the DHCP for all of the devices and still deliver great internet to all.

    I just have no clue why the 390 is throwing a fit at the NIC.

    Also, to comment on your earlier post: re0 was a secondary WAN in, which has its settings manually forced to be down. em0-em4 were the NIC, and ue0 was my default WAN in that was up. So I have no idea why you said that re0 being the problem was no surprise.

    Also, I am obviously not a network admin or any sort of expert at all at this, so I do not mean any of this as scoffing at your advice, I just would like a little clarification on what you've said. Anything would be much appreciated.


  • Netgate

    I think you have broken hardware, meaning the computer itself. Something isn't right.

    Bridging router interfaces is gay no matter what the size of the network. 5-port Gig-e switches are like $19 at frys. Get one.



  • 1. Can you please tell me why bridging is bad if I am seeing no ill effects?

    2. Can you please tell Fry's to build a location in N.W. Arkansas because I would love one. I've been to the Vegas Fry's and spent a few hours there.

    3. Thank you for the actual bit of advice, I will see if I can confirm this

    4. My friend already fully populates his 8 port Gig-e switch.


  • Netgate

    @thejtshow:

    1. Can you please tell me why bridging is bad if I am seeing no ill effects?

    2. Can you please tell Fry's to build a location in N.W. Arkansas because I would love one. I've been to the Vegas Fry's and spent a few hours there.

    3. Thank you for the actual bit of advice, I will see if I can confirm this

    4. My friend already fully populates his 8 port Gig-e switch.

    Shall I hold your dick for you too? Fucking amazon dude.

    http://www.amazon.com/TP-LINK-TL-SG105-Gigabit-Ethernet-Desktop/dp/B00A128S24/

    $19 shipped with prime.


  • Banned

    May I observe that this Trump guy is apparently not good for the discussion culture in the USA. Sorry for OT…


  • Netgate

    Trump is awesome.

    You know what's really interesting about him?

    Billionaire playboy since the 1980s.

    Two divorces, Three wives.

    And the democrats and republicans don't have any dirt on him.

    Simply amazing.


  • Banned

    …exactly what I apprehended...

    You need no dirt to throw at this guy, he discharges the dirt by himself. But we are miles OT now ;-)

    Old rule on forums: If you can't say something positive, simply say nothing...


  • Netgate

    Get used to the Donald. He'll be around a while longer.

    I am so sick and tired of answering the same stupid questions and fixing the same cockamamie ideas around this place I am seriously considering stopping.

    Bridge a four-port intel card because you don't want to buy a $20 switch that will perform the same task 1000 times better?

    Insanity.

    Then tell me I have to justify my position because "he's not having problems?"

    As if I have time for that tripe.

    And it's the same thing every day. Every fucking day.

    We could try to write a FAQ but nobody would read it.


  • Banned

    We survived Ronny R., but this time it will be even harder (I think Able Archer would mean nothing to this blond dumb guy, hu? I lived for some years close to where his ancestors came from in Germany. Not the smartest part up there, although good wine! And lots of inbreeding to keep the vineyards together within the family :-D )

    The problem with the FAQ: People don't SEE WHERE the problem comes from, so they don't ask the right questions. So no way to find the right answer.

    Take a break if you can't stand it any more, but come back later. I think Doc retired, too…


  • Netgate

    I noticed a couple days ago dok was gone. Been since about Christmas I think.



  • Alright look my responses haven't been great but I'm here to learn about this stuff. So I'm sorry if I stepped on your high and mighty toes. You ran with the one sarcastic comment on my last post and that didn't get us anywhere. A simple explanation of why bridging is such a bad idea would benefit me and everyone else reading this. Sorry for being such an inconvenience to you. Or if you don't have time to repeat yourself save us both some time, find a forum post that would cover this, post the link, and yell at me for not searching hard enough.


  • Banned

    …or YOU learn how to use the search function of the forum ;-)

    It really comes up every second day: don't use the internal NICs of your pfSense in bridged mode as a switch. It usually results in problems. Save the money and buy cheap switches. Or use the NICs to segregate your network (Wifi, noisy stuff, like Apple and M$, family, home office, whatever).

    Although these Cisco, Linksys, Asus plastic boxes usually are configured that way, avoid it with your pfSense box.



  • thank you. Yes I will take that criticism at this point.


  • Netgate

    Although these Cisco, Linksys, Asus plastic boxes usually are configured that way, avoid it with your pfSense box.

    They actually have built in hardware switches.

    Your PC doesn't.

    A quad card might LOOK like a switch but it ISN'T a switch. No ASICs, etc.


  • Banned

    I correct myself, we have the same discussion now at least daily

    https://forum.pfsense.org/index.php?topic=107455.msg598534#msg598534

    :-D

    btw. I heard the Donald looked like an idiot last night, no clue what to do with health care or whatever. Maybe he REALLY is clueless when it comes to real politics?


  • Netgate

    Or maybe the federal government shouldn't be involved in such socialist schemes and what the federal government really needs is a CEO who knows how to be one.


  • Banned

    No, a state doesn't need a CEO, cause it can't fire its citizens. It needs someone to lead a modern society, internally and externally. Donald is a clown for some freak show, but he can't rule a country with atomic weapons. I have more trust in Iran than in this guy… ;-) end of discussion


  • Netgate

    I do not need a CEO. The federal government employees do.



  • @thejtshow

    thank you. Yes I will take that criticism at this point.

    Normally we are all awaiting constructive criticism, and we are not really pleased if we
    only hear some monotheistic repeating refrains like "don't do that and don't use this";
    for sure I will consider that point. But on the other hand I must also really consider the
    standpoint of all the other people, that "bridging ports" is only a use case for very experienced
    network admins who know 100% when and where bridging must be done or is needed.
    So in shorter words, for all the rest of us, routing should be the right way to go.

    As a golden rule for networking, you could remember this:
    Route if you can and bridge only if you must.

    btw. I heard the Donald looked like an idiot last night, no clue what to do with health care or whatever. Maybe he REALLY is clueless when it comes to real politics?

    Our Donald was tumbling down in earlier years to the deepest bottom, and rising again from there to the
    highest top now; it is a hard way and a really steep journey! So I really think he is a good guy and means it
    in the right direction for his country, but sometimes also that he is not able to transport it to the masses as
    he is meaning it really.