Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Marvell Yukon NIC with Broken port forward NAT

    Hardware
    1
    1
    641
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      ctminime last edited by

      Last week I decided to swap out my hardware that I was running my pfSense Firewall on.

      OLD: Ancient Checkpoint UTM-1 with Intel Celeron 1.5Ghz CPU, 1GB RAM, 4 Intel Gigabit NICs running pfSense 2.2.5 32-bit.
      NEWER: Lenovo M57e with Intel Core 2 Duo 2.53Ghz CPU, 2GB RAM, onboard Marvell Yukon NIC, and Intel PCI-E Dual NIC running pfSense 2.2.6 64-bit.

      I built the newer one from scratch. I didn't use a back from the old device. Instead I had the two Web UI's side by side and duplicated the configuration.

      I originally had the Yukon NIC (msk0) as the WAN interface and one of the Intel ports as the LAN interface. Outbound internet appeared to work just fine but my inbound port forward NAT's did not work. After double checking my config, I couldn't find any problem. Search the pfSense forums, I saw a suggestion to try changing the NAT reflection setting. But that had no affect.

      After practically pulling my hair out, I decided to move the WAN interface to the other Intel port (igb1). This instantly got the port forward NAT's working. I had also set the NAT reflection back to disable. To verify the results, I put the WAN back to msk0 and again outbound internet would work but not the inbound port forward NATs. So, because moving the WAN to igb1 worked, that is how I am currently running.

      Anyone have any clue what was going on? Partially bad NIC maybe?

      Here is the NIC info:
      igb0: <intel(r) 1000="" pro="" network="" connection="" version="" -="" 2.4.0="">port 0xdc00-0xdc1f mem 0xfe9e0000-0xfe9fffff,0xfe400000-0xfe7fffff,0xfe9dc000-0xfe9dffff irq 16 at device 0.0 on pci1
      igb0: Using MSIX interrupts with 3 vectors
      igb0: Ethernet address: <removed>igb0: Bound queue 0 to cpu 0
      igb0: Bound queue 1 to cpu 1
      igb1: <intel(r) 1000="" pro="" network="" connection="" version="" -="" 2.4.0="">port 0xd880-0xd89f mem 0xfe9a0000-0xfe9bffff,0xfdc00000-0xfdffffff,0xfe9d8000-0xfe9dbfff irq 17 at device 0.1 on pci1
      igb1: Using MSIX interrupts with 3 vectors
      igb1: Ethernet address: <removed>igb1: Bound queue 0 to cpu 0
      igb1: Bound queue 1 to cpu 1

      mskc0: <marvell yukon="" 88e8056="" gigabit="" ethernet="">port 0xe800-0xe8ff mem 0xfeafc000-0xfeafffff irq 17 at device 0.0 on pci3
      msk0: <marvell technology="" group="" ltd.="" yukon="" ec="" ultra="" id="" 0xb4="" rev="" 0x03="">on mskc0
      msk0: Ethernet address: <removed>miibus0: <mii bus="">on msk0
      e1000phy0: <marvell 88e1149="" gigabit="" phy="">PHY 0 on miibus0
      e1000phy0:  none, 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-master, 1000baseT-FDX, 1000baseT-FDX-master, auto, auto-flow</marvell></mii></removed></marvell></marvell></removed></intel(r)></removed></intel(r)>

      1 Reply Last reply Reply Quote 0
      • First post
        Last post

      Products

      • Platform Overview
      • TNSR
      • pfSense Plus
      • Appliances

      Services

      • Training
      • Professional Services

      Support

      • Subscription Plans
      • Contact Support
      • Product Lifecycle
      • Documentation

      News

      • Media Coverage
      • Press
      • Events

      Resources

      • Blog
      • FAQ
      • Find a Partner
      • Resource Library
      • Security Information

      Company

      • About Us
      • Careers
      • Partners
      • Contact Us
      • Legal
      Our Mission

      We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

      Subscribe to our Newsletter

      Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

      © 2021 Rubicon Communications, LLC | Privacy Policy