PfSense crashes with new NIC

thejtshow

Hey guys I am having some issues…

I have two pfSense machines -- an Optiplex 390 and Optiplex 790. Both run pfSense just fine in their standard configs.

I then inserted a quad port NIC into both of them: the Intel Pro 1000 PT. I have these both configured into a bridge serving as the LAN interface. The 790 handles this just fine, but the 390 locks up and crashes after a few minutes.

This is strange considering the machine has no issues running without the NIC, and I have RMA'd the first NIC and the same issues happen on the second one.

Any information would be more than appreciated. Thanks guys!!!

thejtshow

Tried to post the crash report but it was too long for this… here's round 2.

pfsensecrashreport.txt

thejtshow

More digging into this shows that the machine locks up as soon as I throw any congestion at it – a simple speedof.me bandwidth test will cause it to fail.

Derelict

No, it shouldn't crash but WTF are you bridging the NICs for?

I would update any firmware you can find and try again.

thejtshow

I have the quad port NIC bridged together to become my single LAN interface. The onboard ethernet port is my WAN port.

Derelict

Delete the bridge and see if it still blows up using em0.

What a complete waste of good router ports. An empty router interface is better than a bridge.

Get a switch.

I'm by no means an expert in crash dumps but it looks like it's bombing in re0 (what a surprise)

If it still crashes assign WAN and LAN to em0 and em1 and test again.

thejtshow

Alright then please tell me the proper way to utilize my quad port switch as a lan. I already have a switch and it is full. Also this config works just fine on my other box.

Deleted the bridge, deleted the lan group, set a single port as my LAN interface, deleted ALL other interfaces besides WAN and LAN, and ran a speed test. Couldn't even complete it. Still died.

thejtshow

Saw your note on what to do next and that seems to be working… so thank you. My new question is why does putting the WAN and LAN on the same NIC provide stability?

EDIT: still broken. nevermind. Back to square 1 except I was able to get through two speedtests and failed on the third instead of the first one.

Derelict

@thejtshow:

Alright then please tell me the proper way to utilize my quad port switch as a lan. I already have a switch and it is full. Also this config works just fine on my other box.

It's not a switch.

Sounds like there's something wrong with that computer. Someone else will have to chime in regarding the crash dump.

thejtshow

You are correct, it is a NIC not a switch. My bad haha

thejtshow

alrighty continuing update: plugged the NIC into my desktop and it works no problems so can't fault the hardware at least. Tried to run this on the optiplex 790 alongside the other Pro 1000 PT but just had a bunch of issues.. next step will be to reinstall pfSense on the 390 and try again with the hardware installed during reflash.

and I realize that pfSense doesn't make a great switch, but on a small home network it has proven to be more than up to the task (small being 10-15 devices). This is why I am using the LAN card in bridge mode. For continuity's sake I have the NIC installed and bridged together for the lan, then plugged into the NIC I have my main desktop and an 8 port unmanaged switch, with an AP attached to that. This is what I would like to have on the 390 anyway (its a friend's machine.. can get into that story later).

I know it is more than up to the task because the 790 with the same nic and LAN setup has a PS4, a Macbook Air, my desktop, and an AC2400 running on it (with DHCP turned off) and it can manage the DCHP for all of the devices and still deliver great internet to all.

I just have no clue why the 390 is throwing a fit at the NIC.

Also, to comment on your earlier post: re0 was a secondary WAN in, which has its settings manually forced to be down. em0-em4 were the NIC, and ue0 was my default WAN in that was up. so I have no idea why you said that re0 being the problem was no surprise.

Also, I am obviously not a network admin or any sort of expert at all at this, so I do not mean any of this as scoffing at your advice, I just would like a little clarification on what you've said. Anything would be much appreciated.

Derelict

I think you have broken hardware, meaning the computer itself. Something isn't right.

Bridging router interfaces is gay no matter what the size of the network. 5-port Gig-e switches are like $19 at frys. Get one.

thejtshow

1. Can you please tell me why bridging is bad if I am seeing no ill effects?

2. Can you please tell Fry's to build a location in N.W. Arkansas because I would love one. I've been to the Vegas Fry's and spent a few hours there.

3. Thank you for the actual bit of advice, I will see if I can confirm this

4. My friend already fully populates his 8 port Gig-e switch.

Derelict

@thejtshow:

1. Can you please tell me why bridging is bad if I am seeing no ill effects?

2. Can you please tell Fry's to build a location in N.W. Arkansas because I would love one. I've been to the Vegas Fry's and spent a few hours there.

3. Thank you for the actual bit of advice, I will see if I can confirm this

4. My friend already fully populates his 8 port Gig-e switch.

Shall I hold your dick for you too? Fucking amazon dude.

http://www.amazon.com/TP-LINK-TL-SG105-Gigabit-Ethernet-Desktop/dp/B00A128S24/

$19 shipped with prime.

2chemlud

May I observe that this Trump guy is apparently not good for the discussion culture in the USA. Sorry for OT…

Derelict

Trump is awesome.

You know what's really interesting about him?

Billionaire playboy since the 1980s.

Two divorces, Three wives.

And the democrats and republicans don't have any dirt on him.

Simply amazing.

2chemlud

…exactly what I apprehended...

You need no dirt to throw at this guy, he discharges the dirt by himself. But we are miles OT now ;-)

Old rule on forums: If you can't say something positive, simply say nothing...

Derelict

Get used to the Donald. He'll be around a while longer.

I am so sick and tired of answering the same stupid questions and fixing the same cockamamie ideas around this place I am seriously considering stopping.

Bridge a four-port intel card because you don't want to buy a $20 switch that will perform the same task 1000 times better?

Insanity.

Then tell me I have to justify my position because "he's not having problems?"

As if I have time for that tripe.

And it's the same thing every day. Every fucking day.

We could try to write a FAQ but nobody would read it.

2chemlud

We survived Ronny R., but this time it will be even harder (I think Abel Archer would mean nothing to this blond dumb guy, hu? I lived for some years close to where his ancestors came from in Germany. Not the smartest part up there, although good wine! And lots of inbreed to keep the wineyards together within the family :-D )

The problem with the FAQ: People don't SEE WHERE the problem comes from, so they don't ask the right questions. So no way to find the right answer.

Take a break if you can't stand it any more, but come back later. I think Doc retired, too…

Derelict

I noticed a couple days ago dok was gone. Been since about Christmas I think.