I'm new to OpnSense so please, have some patience with me.
I've got a system with 2 Intel i225-V on board. So far I was trying OpnSense out in a VirtualBox, because the 17-versions didn't support the NIC's. Now in the 22.1 version, the support should be ok, becuse of FreeBSD13, right?
Just fresh installed 22.1 but .... "No interfaces found"...
Am I wrong? Does 22.1 not have support for these NIC's?
Edit: This guy had these NIC's working on the rc1.
https://forum.opnsense.org/index.php?topic=26381.msg128932#msg128932
Did the support for these NIC's got removed?
> Did the support for these NIC's got removed?
Er, no, why should it? Doesn't make any sense.
Cheers,
Franco
??? Weird ... I downloaded the new img for 22.1 and clean installed it .... "No interfaces found"
# kldload if_igc
kldload: can't load if_igc: module already loaded or in kernel
Well either your specific cards aren't supported by the driver or something else is wrong. I'm not sure.
Cheers,
Franco
Looks like i225 will be supported with 13.1 upstream.
https://forums.freebsd.org/threads/intel-ethernet-controller-i225-v-not-supported-yet.80991/page-2#post-528023
Maybe someone experienced would backport the driver to the OPNsense 22.1?
https://forums.freebsd.org/threads/adding-igc-driver-to-13-0-release-for-intel-i225-v-network-adapter.83070/
We use 13-STABLE so it's already in 22.1....
Cheers,
Franco
I have NUC11TNHv5 with 2x i225-LM and they are both recognized in 22.1.
But I have another problem that DHCP is not working. Everything is set correctly but clients dont receive an IP.
I tried:
- Fresh install
- Wizard on GUI
- Wizard in Terminal
- Reset to default + manual setup
- Import configuration while installing (from working 22.1 from different PC)
- Import configuration on GUI
- Cloning SSD from working 22.1 PC
Only time it works for a second is if I switch the interfaces LAN <-> WAN, then for some reason it works until I reboot.
So when DHCP is not working I can still get to internet by manually setting IP, mask, gateway and DNS to client PC.
Static IPs seem to work but need to set DNS to get online.
Any ideas ?
About DHCP, I don't know. Im using a win2022 server with DHCP.
Maybe the i225-LM works, but my i225-V's are not recognized at install.
For the time being I ordered 2 USB nics and hope to find a solution soon.
I want give up ;)
I really hope this will be solved in the upcoming update. The USB-nic's are (as expected) not very stable :-\
Now I can only use the box for "educational purposes" ??? But I must say, OpnSense certainly looks like its going to stay (if I can use these i225-V's) and ... I prefer it over PfSense. The look-and-feel is much better and the community is great!
I do not quite understand your problem - if you run OpnSense as a VM under VirtualBox, the guest VM sees only a virtual pseudo network interface and not the real hardware.
As such, it should not matter if the guest VM support the specific hardware - I would assume that it gets presented some well-known hardware that will be broadly recognized. You could look at that with 'pciconf -ll' and see if the pci ids for the I225-V are even there. If so, you could look up if they are different from those supported in the igc driver.
What matters more is if the host supports the hardware. So do the interfaces work on the host machine?
This is somewhat different with USB devices as you can exclusively tunnel them to the guest VM so that it controls everything above the transport level.
If I run OpnSense as a VM under Virtualbox, I loose a lot of performance. Speedtest in Win10: 920mbit/s and in a VM I only get 150-200mbit/s... That's why I would really like to run OpnSense "bare" ;)
Im sorry for the screenprint, didnt know any other way to show the error message... Im not a Linux expert and new to OpnSense.
I see, so you tried on bare-metal now and that failed, I got that wrong.
Your error message:
igc0: <Intel(R) Ethernet Controller I225-V> mem ....
igc0: Setup of shared code failed, error -2
igc0: IFDI_ATTACH_PRE failed 6
seems to imply that the hardware was detected, but could not be initialized.
This could be related to some kind of firmware issue. I found a pfsense thread where one poster wrote that he had the exact same message and could solve his problem by booting via UEFI instead of BIOS boot:
https://forum.pfsense.com/post/1001113
So I dig in deeper, with your message in mind:
I first checked my firmware version of the NIC... It should be 1.45 (latest if im right)
But the check shows firmware version 1.79 !?!? so I cant update/downgrade...
Next thing, the firmware version belongs to the i225-it (if im right) but its a i225-v ???
Would that make the difference???
The i225 is a Rev.3 by the way.
The box starts via UEFI anyway as far as I can see.
I think Intel had hardware problems with older revisions and that is the reason for B3. I comes with newer firmware, I think the 145 version was for B2 or even B1 in order to reduce the impact of the hardware problem.
https://www.borncity.com/blog/2020/05/03/bug-in-intel-ethernet-controller-i225-v-v1-gefixt/
I225-LM and I225-V should be only slight variants (the former with commercial features like 5 year support).
I am still eagerly waiting for delivery of my system which supposedly has 4x I225-V and will report back.
I just received my device and the I225-V worked right out of the box with 22.1.2. It is indeed also a revision 3 chip:
#pciconf pciconf -lbcevV
igc0@pci0:1:0:0: class=0x020000 rev=0x03 hdr=0x00 vendor=0x8086 device=0x15f3 subvendor=0x8086 subdevice=0x0000
vendor = 'Intel Corporation'
device = 'Ethernet Controller I225-V'
class = network
subclass = ethernet
bar [10] = type Memory, range 32, base 0xa1b00000, size 1048576, enabled
bar [1c] = type Memory, range 32, base 0xa1c00000, size 16384, enabled
cap 01[40] = powerspec 3 supports D0 D3 current D0
cap 05[50] = MSI supports 1 message, 64 bit, vector masks
cap 11[70] = MSI-X supports 5 messages, enabled
Table in map 0x1c[0x0], PBA in map 0x1c[0x2000]
cap 10[a0] = PCI-Express 2 endpoint max data 256(512) FLR RO NS
max read 512
link x1(x1) speed 5.0(5.0) ASPM disabled(L1)
ecap 0001[100] = AER 2 0 fatal 0 non-fatal 0 corrected
ecap 0003[140] = Serial 1 00e269ffff52857e
ecap 0018[1c0] = LTR 1
ecap 001f[1f0] = Precision Time Measurement 1
ecap 001e[1e0] = L1 PM Substates 1
They show up as being configurable for all speeds up to 2500 MBit/s. I tried only with 1 GBit/s and throughput was fine even without any tuning.
The box starts in eufi ... checked it also eufi usb-live cd ... It simply gives the same error all the time.
Im really not happy like this. Why does it not start the nic's? The box is very fast, and if the nic's would work, it is an amazing firewall.
Ill check if I can install freeBSD 13 and get OpnSense to work as a plugin or something like that. But without VirtualBox or any virtualisation ;)
In the pfsense thread, there were two more tips:
1. Disable any other NIC in the system.
2. Boot up with no cable plugged in.
Would be interesting to see if the system works with vanilla FreeBSD oder Linux.
These are the only 2 NIC's in the system. The bios is very primitive and disabling of any NIC is not an option
I beleave, sorry.
No cable attached is what I did, because I (wanted) to use autodetect when setting up the system.
I do appreciate your input tho :)
Im scanning the internet also for solutions and if anybody else has encountered this and most of all ... what did they do to solve this.
Going for a FreeBSD option is a bit of a problem for me. Im almost 55 and grew up with MS-DOS/Windows. I know a lot about MS products but absolutely 0 of Linux and similar OS's. But if I have to (and if it looks like that would solve my problem) then I will. Im not lazy only very new at this.
I also looked aroud for another HW-solution. But many boxes have the same 2.5gbit NIC('s) and Im not sure they will work.
I have a HUNSN RS34g and that works fine as I wrote - it is also dirt cheap:
https://www.amazon.com/gp/product/B09PHHXN9V
It is available as RS34f with I210 as well. The RS34g has only one SODIMM slot if you want to buy it as a barebone, the RS34f has two. Internal storage is M.2/SATA or plain 2.5" SATA.
The machine is about 80% performance of the DEC7x0 at ~10 Watts. It has USB and HDMI/VGA output, so you can access the BIOS - essentially, this is a PC with 4 NICs.
I would not try to fuse FreeBSD and OpnSense together, but just test if Linux or FreeBSD work plain vanilla - so you could see if there is a problem with OpnSense kernel specifically.
P.S.: There is now a review out from ServeTheHome: https://www.youtube.com/watch?v=wUcDg_ms0is
I've just got my Topton fanless appliance with 4x ports i225-V from AliExpress, installed OPNsense and it works with no problems 8)
Nice. That one is available even with an N6005, which has more performance than the J4125, especially single-threaded. Slightly higher cost and power draw, but not too much.
Yes, i oredered the Topton with the Pentium N6005.
-1 because it supports M2-nvme drives (I already have one from the not working box) and has 2 so-dimm ddr4 slots and I already have 2x8GB in my drawer ;)
-2 it has a bit more performance and I want to use incoming and outgoing VPN and all of that requires some power as well.
It should arrive april 8th ... cant wait \o/
Have you guys been able to run these boxes without issues?
I also got the Topton Box but im running into problems with it. I wanted the extra Ports for 1 PC and 1 Server but its kind of unstable with OPNSense. Slow Speed Iperf (like only 60MB/s to sometimes 170 MB/s) and the NICs disconnects with load.
Tested with Realtek and Intel on the other side.
It runs fine here with a few caveats w/r to power draw and heat dissipation (https://www.congenio.de/infos/opnsense-hardware.html).
I did not use 2.5 GBit/s, but with 1 GBit/s, I get the expected results:
#iperf3 -c 192.168.1.9
Connecting to host 192.168.1.9, port 5201
[ 5] local 192.168.10.3 port 36008 connected to 192.168.1.9 port 5201
[ ID] Interval Transfer Bitrate Retr Cwnd
[ 5] 0.00-1.00 sec 114 MBytes 956 Mbits/sec 837 266 KBytes
[ 5] 1.00-2.00 sec 112 MBytes 944 Mbits/sec 763 269 KBytes
[ 5] 2.00-3.00 sec 112 MBytes 938 Mbits/sec 674 272 KBytes
[ 5] 3.00-4.00 sec 112 MBytes 938 Mbits/sec 660 249 KBytes
[ 5] 4.00-5.00 sec 112 MBytes 942 Mbits/sec 717 208 KBytes
[ 5] 5.00-6.00 sec 113 MBytes 949 Mbits/sec 1107 252 KBytes
[ 5] 6.00-7.00 sec 111 MBytes 931 Mbits/sec 803 257 KBytes
[ 5] 7.00-8.00 sec 112 MBytes 939 Mbits/sec 1126 257 KBytes
[ 5] 8.00-9.00 sec 112 MBytes 941 Mbits/sec 1047 260 KBytes
[ 5] 9.00-10.00 sec 112 MBytes 939 Mbits/sec 1091 255 KBytes
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval Transfer Bitrate Retr
[ 5] 0.00-10.00 sec 1.10 GBytes 942 Mbits/sec 8825 sender
[ 5] 0.00-10.00 sec 1.09 GBytes 940 Mbits/sec receiver
iperf Done.
But you said you wanted two ports for clients - I assume you are using a bridged configuration? There seem to be some issues around that with 22.1.