Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Marvell Yukon NIC with Broken port forward NAT

    Scheduled Pinned Locked Moved Hardware
    1 Posts 1 Posters 734 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      ctminime
      last edited by

      Last week I decided to swap out my hardware that I was running my pfSense Firewall on.

      OLD: Ancient Checkpoint UTM-1 with Intel Celeron 1.5Ghz CPU, 1GB RAM, 4 Intel Gigabit NICs running pfSense 2.2.5 32-bit.
      NEWER: Lenovo M57e with Intel Core 2 Duo 2.53Ghz CPU, 2GB RAM, onboard Marvell Yukon NIC, and Intel PCI-E Dual NIC running pfSense 2.2.6 64-bit.

      I built the newer one from scratch. I didn't use a back from the old device. Instead I had the two Web UI's side by side and duplicated the configuration.

      I originally had the Yukon NIC (msk0) as the WAN interface and one of the Intel ports as the LAN interface. Outbound internet appeared to work just fine but my inbound port forward NAT's did not work. After double checking my config, I couldn't find any problem. Search the pfSense forums, I saw a suggestion to try changing the NAT reflection setting. But that had no affect.

      After practically pulling my hair out, I decided to move the WAN interface to the other Intel port (igb1). This instantly got the port forward NAT's working. I had also set the NAT reflection back to disable. To verify the results, I put the WAN back to msk0 and again outbound internet would work but not the inbound port forward NATs. So, because moving the WAN to igb1 worked, that is how I am currently running.

      Anyone have any clue what was going on? Partially bad NIC maybe?

      Here is the NIC info:
      igb0: <intel(r) 1000="" pro="" network="" connection="" version="" -="" 2.4.0="">port 0xdc00-0xdc1f mem 0xfe9e0000-0xfe9fffff,0xfe400000-0xfe7fffff,0xfe9dc000-0xfe9dffff irq 16 at device 0.0 on pci1
      igb0: Using MSIX interrupts with 3 vectors
      igb0: Ethernet address: <removed>igb0: Bound queue 0 to cpu 0
      igb0: Bound queue 1 to cpu 1
      igb1: <intel(r) 1000="" pro="" network="" connection="" version="" -="" 2.4.0="">port 0xd880-0xd89f mem 0xfe9a0000-0xfe9bffff,0xfdc00000-0xfdffffff,0xfe9d8000-0xfe9dbfff irq 17 at device 0.1 on pci1
      igb1: Using MSIX interrupts with 3 vectors
      igb1: Ethernet address: <removed>igb1: Bound queue 0 to cpu 0
      igb1: Bound queue 1 to cpu 1

      mskc0: <marvell yukon="" 88e8056="" gigabit="" ethernet="">port 0xe800-0xe8ff mem 0xfeafc000-0xfeafffff irq 17 at device 0.0 on pci3
      msk0: <marvell technology="" group="" ltd.="" yukon="" ec="" ultra="" id="" 0xb4="" rev="" 0x03="">on mskc0
      msk0: Ethernet address: <removed>miibus0: <mii bus="">on msk0
      e1000phy0: <marvell 88e1149="" gigabit="" phy="">PHY 0 on miibus0
      e1000phy0:  none, 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-master, 1000baseT-FDX, 1000baseT-FDX-master, auto, auto-flow</marvell></mii></removed></marvell></marvell></removed></intel(r)></removed></intel(r)>

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.