Hello forum,
I currently have two Sophos XGS 3300 here which I would like to supply with OPNsense.
The installation with a USB stick and a console cable has already worked.
But now I have to realize that all network adapters except the dedicated MGMT port are not recognized.
What drivers do I need to install to make this work?
I am having trouble finding out which manufacturer is used for the network adapter chips.
The MGMT port has an Intel chip.
Here is some more data:
/
-
______ _____ _____
/ __ |/ ___ |/ __ |
| | | | |__/ | | | |___ ___ _ __ ___ ___
| | | | ___/| | | / __|/ _ \ '_ \/ __|/ _ \
| |__| | | | | | \__ \ __/ | | \__ \ __/
|_____/|_| |_| /__|___/\___|_| |_|___/\___|
+-----------------------------------------+ @@@@@@@@@@@@@@@@@@@@@@@@@@@@
| | @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
| 1. Boot Multi user [Enter] | @@@@@ @@@@@
| 2. Boot Single user | @@@@@ @@@@@
| 3. Escape to loader prompt | @@@@@@@@@@@ @@@@@@@@@@@
| 4. Reboot | \\\\\ /////
| 5. Cons: Serial | )))))))))))) (((((((((((
| | ///// \\\\\
| Options: | @@@@@@@@@@@ @@@@@@@@@@@
| 6. Kernel: default/kernel (1 of 2) | @@@@@ @@@@@
| 7. Boot Options | @@@@@ @@@@@
| | @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
| | @@@@@@@@@@@@@@@@@@@@@@@@@@@@
+-----------------------------------------+
Autoboot in 0 seconds. [Space] to pause 24.7 ``Thriving Tiger'' -
Loading kernel...
/boot/kernel/kernel text=0x180c00 text=0xdfd718 text=0x455014 data=0x180+0xe80 data=0x196980+0x469680 0x8+0x19f5f0+0x8+0x1c4187
Loading configured modules...
/boot/firmware/amd-ucode.bin size=0x12986
/boot/kernel/zfs.ko size 0x5cd5e0 at 0x2177000
/boot/kernel/if_gre.ko size 0xaa30 at 0x2745000
/boot/kernel/opensolaris.ko size 0x1e2c8 at 0x2750000
/boot/kernel/pfsync.ko size 0x11a18 at 0x276f000
loading required module 'pf'
/boot/kernel/pf.ko size 0x8c548 at 0x2781000
/boot/kernel/pflog.ko size 0x3c10 at 0x280e000
/boot/kernel/if_lagg.ko size 0x165f0 at 0x2812000
loading required module 'if_infiniband'
/boot/kernel/if_infiniband.ko size 0x3540 at 0x2829000
/boot/modules/if_re.ko size 0x11d718 at 0x282d000
/boot/kernel/if_bridge.ko size 0xea58 at 0x294b000
loading required module 'bridgestp'
/boot/kernel/bridgestp.ko size 0x8930 at 0x295a000
/boot/kernel/if_enc.ko size 0x4be0 at 0x2963000
/boot/kernel/carp.ko size 0xfba8 at 0x2968000
/boot/entropy size=0x1000
/etc/hostid size=0x25
staging 0xd2000000 (not copying) tramp 0xda0af000 PT4 0xda08e000
Start @ 0xffffffff80381000 ...
KDB: debugger backends: ddb
KDB: current backend: ddb
---<<BOOT>>---
Copyright (c) 1992-2023 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 14.1-RELEASE-p6 stable/24.7-n267981-8375762712f SMP amd64
FreeBSD clang version 18.1.5 (https://github.com/llvm/llvm-project.git llvmorg-18.1.5-0-g617a15a9eac9)
VT(vga): resolution 640x480
CPU microcode: no matching update found
CPU: AMD Ryzen Embedded V1780B (3343.98-MHz K8-class CPU)
Origin="AuthenticAMD" Id=0x810f10 Family=0x17 Model=0x11 Stepping=0
Features=0x178bfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,MMX,FXSR,SSE,SSE2,HTT>
Features2=0x7ed8320b<SSE3,PCLMULQDQ,MON,SSSE3,FMA,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AESNI,XSAVE,OSXSAVE,AVX,F16C,RDRAND>
AMD Features=0x2e500800<SYSCALL,NX,MMX+,FFXSR,Page1GB,RDTSCP,LM>
AMD Features2=0x35c233ff<LAHF,CMP,SVM,ExtAPIC,CR8,ABM,SSE4A,MAS,Prefetch,OSVW,SKINIT,WDT,TCE,Topology,PCXC,PNXC,DBE,PL2I,MWAITX>
Structured Extended Features=0x209c01a9<FSGSBASE,BMI1,AVX2,SMEP,BMI2,RDSEED,ADX,SMAP,CLFLUSHOPT,SHA>
XSAVE Features=0xf<XSAVEOPT,XSAVEC,XINUSE,XSAVES>
AMD Extended Feature Extensions ID EBX=0x1007<CLZERO,IRPerf,XSaveErPtr,IBPB>
SVM: NP,NRIP,VClean,AFlush,DAssist,NAsids=32768
TSC: P-state invariant, performance statistics
real memory = 17179869184 (16384 MB)
avail memory = 16572207104 (15804 MB)
Event timer "LAPIC" quality 600
ACPI APIC Table: <ALASKA A M I >
FreeBSD/SMP: Multiprocessor System Detected: 8 CPUs
FreeBSD/SMP: 1 package(s) x 4 core(s) x 2 hardware threads
random: registering fast source Intel Secure Key RNG
random: fast provider: "Intel Secure Key RNG"
random: unblocking device.
ioapic0 <Version 2.1> irqs 0-23
ioapic1 <Version 2.1> irqs 24-55
Launching APs: 4 1 7 3 5 2 6
random: entropy device external interface
wlan: mac acl policy registered
kbd0 at kbdmux0
WARNING: Device "spkr" is Giant locked and may be deleted before FreeBSD 15.0.
efirtc0: <EFI Realtime Clock>
efirtc0: registered as a time-of-day clock, resolution 1.000000s
vtvga0: <VT VGA driver>
smbios0: <System Management BIOS> at iomem 0xde040000-0xde04001e
smbios0: Version: 3.2, BCD Revision: 2.8
aesni0: <AES-CBC,AES-CCM,AES-GCM,AES-ICM,AES-XTS,SHA1,SHA256>
acpi0: <ALASKA A M I >
acpi0: Power Button (fixed)
cpu0: <ACPI CPU> on acpi0
attimer0: <AT timer> port 0x40-0x43 irq 0 on acpi0
Timecounter "i8254" frequency 1193182 Hz quality 0
Event timer "i8254" frequency 1193182 Hz quality 100
atrtc0: <AT realtime clock> port 0x70-0x71 on acpi0
atrtc0: registered as a time-of-day clock, resolution 1.000000s
Event timer "RTC" frequency 32768 Hz quality 0
hpet0: <High Precision Event Timer> iomem 0xfed00000-0xfed003ff irq 0,8 on acpi0
Timecounter "HPET" frequency 14318180 Hz quality 950
Event timer "HPET" frequency 14318180 Hz quality 350
Event timer "HPET1" frequency 14318180 Hz quality 350
Event timer "HPET2" frequency 14318180 Hz quality 350
Timecounter "ACPI-fast" frequency 3579545 Hz quality 900
acpi_timer0: <32-bit timer at 3.579545MHz> port 0x808-0x80b on acpi0
pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0
pci0: <ACPI PCI bus> on pcib0
pci0: <base peripheral, IOMMU> at device 0.2 (no driver attached)
pcib1: <ACPI PCI-PCI bridge> at device 1.1 on pci0
pci1: <ACPI PCI bus> on pcib1
pci1: <processor> at device 0.0 (no driver attached)
pcib2: <ACPI PCI-PCI bridge> at device 1.2 on pci0
pci2: <ACPI PCI bus> on pcib2
igb0: <Intel(R) I211 (Copper)> port 0xf000-0xf01f mem 0xfce00000-0xfce1ffff,0xfce20000-0xfce23fff at device 0.0 on pci2
igb0: NVM V0.6 imgtype1
igb0: Using 1024 TX descriptors and 1024 RX descriptors
igb0: Using 2 RX queues 2 TX queues
igb0: Using MSI-X interrupts with 3 vectors
igb0: Ethernet address: 7c:5a:1c:cb:51:3d
igb0: netmap queues/slots: TX 2/1024, RX 2/1024
pcib3: <ACPI PCI-PCI bridge> at device 8.1 on pci0
pci3: <ACPI PCI bus> on pcib3
pci3: <encrypt/decrypt> at device 0.2 (no driver attached)
xhci0: <XHCI (generic) USB 3.0 controller> mem 0xfca00000-0xfcafffff at device 0.3 on pci3
xhci0: 64 bytes context size, 64-bit DMA
usbus0 on xhci0
usbus0: 5.0Gbps Super Speed USB v3.0
xhci1: <XHCI (generic) USB 3.0 controller> mem 0xfc900000-0xfc9fffff at device 0.4 on pci3
xhci1: 64 bytes context size, 64-bit DMA
usbus1 on xhci1
usbus1: 5.0Gbps Super Speed USB v3.0
pci3: <multimedia> at device 0.5 (no driver attached)
hdac0: <AMD Raven HDA Controller> mem 0xfcc40000-0xfcc47fff at device 0.6 on pci3
pci3: <old, non-VGA display device> at device 0.7 (no driver attached)
pcib4: <ACPI PCI-PCI bridge> at device 8.2 on pci0
pci4: <ACPI PCI bus> on pcib4
ahci0: <AMD KERNCZ AHCI SATA controller> mem 0xfcd00000-0xfcd007ff at device 0.0 on pci4
ahci0: AHCI v1.31 with 1 6Gbps ports, Port Multiplier supported with FBS
ahcich0: <AHCI channel> at channel 0 on ahci0
isab0: <PCI-ISA bridge> at device 20.3 on pci0
isa0: <ISA bus> on isab0
acpi_button0: <Power Button> on acpi0
uart1: <8250 or 16450 or compatible> port 0x2f8-0x2ff irq 4 on acpi0
uart2: <8250 or 16450 or compatible> port 0x3e8-0x3ef irq 5 on acpi0
ns8250: UART FCR is broken
ns8250: UART FCR is broken
uart0: <16x50 with 256 byte FIFO> port 0x3f8-0x3ff irq 3 flags 0x10 on acpi0
ns8250: UART FCR is broken
uart0: console (115200,n,8,1)
hwpstate0: <Cool`n'Quiet 2.0> on cpu0
Timecounter "TSC-low" frequency 1671859857 Hz quality 1000
Timecounters tick every 1.000 msec
ugen0.1: <AMD XHCI root HUB> at usbus0
ugen1.1: <AMD XHCI root HUB> at usbus1
uhub0 on usbus0
uhub0: <AMD XHCI root HUB, class 9/0, rev 3.00/1.00, addr 1> on usbus0
uhub1 on usbus1
uhub1: <AMD XHCI root HUB, class 9/0, rev 3.00/1.00, addr 1> on usbus1
ZFS filesystem version: 5
ZFS storage pool version: features support (5000)
Trying to mount root from zfs:zroot/ROOT/default []...
uhub1: 3 ports with 3 removable, self powered
ada0 at ahcich0 bus 0 scbus0 target 0 lun 0
ada0: <ADATA IM2S3168-256GD S180718b> ACS-2 ATA SATA 3.x device
ada0: Serial Number 2L192L14ADF1
ada0: 600.000MB/s transfers (SATA 3.x, UDMA6, PIO 8192bytes)
ada0: Command Queueing enabled
ada0: 244198MB (500118192 512 byte sectors)
uhub0: 8 ports with 8 removable, self powered
ugen1.2: <Microchip Technology Inc. MCP2210 USB to SPI Master> at usbus1
ugen0.2: <Realtek USB 10/100/1000 LAN> at usbus0
Mounting filesystems...
no pools available to import
Setting hostuuid: aa152af4-616b-4da4-a301-e1581dae4fab.
Setting hostid: 0x1068ec0f.
Configuring vt: keymap.
Configuring crash dump device: /dev/ada0p3
swapon: adding /dev/ada0p3 as swap device
.ELF ldconfig path: /lib /usr/lib /usr/lib/compat /usr/local/lib /usr/local/lib/compat/pkg /usr/local/lib/compat/pkg /usr/local/lib/ipsec /usr/local/lib/perl5/5.36/mach/CORE
32-bit compatibility ldconfig path:
done.
>>> Invoking early script 'upgrade'
>>> Invoking early script 'configd'
Starting configd.
>>> Invoking early script 'templates'
Generating configuration: OK
>>> Invoking early script 'backup'
>>> Invoking backup script 'captiveportal'
>>> Invoking backup script 'dhcpleases'
>>> Invoking backup script 'duid'
>>> Invoking backup script 'netflow'
>>> Invoking backup script 'rrd'
>>> Invoking early script 'cpu-microcode'
Updating CPU Microcode...
CPU: AMD Ryzen Embedded V1780B (3343.72-MHz K8-class CPU)
Origin="AuthenticAMD" Id=0x810f10 Family=0x17 Model=0x11 Stepping=0
Features=0x178bfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,MMX,FXSR,SSE,SSE2,HTT>
Features2=0x7ed8320b<SSE3,PCLMULQDQ,MON,SSSE3,FMA,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AESNI,XSAVE,OSXSAVE,AVX,F16C,RDRAND>
AMD Features=0x2e500800<SYSCALL,NX,MMX+,FFXSR,Page1GB,RDTSCP,LM>
AMD Features2=0x35c233ff<LAHF,CMP,SVM,ExtAPIC,CR8,ABM,SSE4A,MAS,Prefetch,OSVW,SKINIT,WDT,TCE,Topology,PCXC,PNXC,DBE,PL2I,MWAITX>
Structured Extended Features=0x209c01a9<FSGSBASE,BMI1,AVX2,SMEP,BMI2,RDSEED,ADX,SMAP,CLFLUSHOPT,SHA>
XSAVE Features=0xf<XSAVEOPT,XSAVEC,XINUSE,XSAVES>
AMD Extended Feature Extensions ID EBX=0x1007<CLZERO,IRPerf,XSaveErPtr,IBPB>
SVM: NP,NRIP,VClean,AFlush,DAssist,NAsids=32768
TSC: P-state invariant, performance statistics
Done.
>>> Invoking early script 'carp'
CARP event system: OK
Launching the init system...done.
Initializing..........done.
Starting device manager...intsmb0: <AMD FCH SMBus Controller> at device 20.0 on pci0
smbus0: <System Management Bus> on intsmb0
driver bug: Unable to set devclass (class: ppc devname: (unknown))
ig4iic0: <Designware I2C Controller> iomem 0xfedc5000-0xfedc5fff irq 6 on acpi0
iicbus0: <Philips I2C bus (ACPI-hinted)> on ig4iic0
uhid0 on uhub1
uhid0: <Microchip Technology Inc. MCP2210 USB to SPI Master, class 0/0, rev 2.00/0.02, addr 1> on usbus1
ure0 on uhub0
ure0: <Realtek USB 10/100/1000 LAN, class 0/0, rev 3.00/30.00, addr 1> on usbus0
miibus0: <MII bus> on ure0
rgephy0: <RTL8251/8153 1000BASE-T media interface> PHY 0 on miibus0
rgephy0: none, 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT-FDX, 1000baseT-FDX-master, auto
ue0: <USB Ethernet> on ure0
ue0: Ethernet address: 00:e0:4c:68:d5:db
ue0: link state changed to DOWN
done.
Configuring login behaviour...done.
Configuring loopback interface..lo0: link state changed to UP
.done.
Configuring kernel modules...done.
Setting up extended sysctls...done.
Setting timezone: Europe/Berlin
Writing firmware settings: FreeBSD OPNsense
Writing trust files...done.
Scanning /usr/share/certs/untrusted for certificates...
Scanning /usr/share/certs/trusted for certificates...
Scanning /usr/local/share/certs for certificates...
certctl: No changes to trust store were made.
Writing trust bundles...done.
Setting hostname: FW1.sophosxgs3300.lan
Generating /etc/resolv.conf...done.
Generating /etc/hosts...done.
Configuring system logging...done.
Configuring firewall.......done.
Configuring hardware interfaces...done.
Configuring loopback interface...done.
Configuring LAGG interfaces...done.
Configuring VLAN interfaces...done.
Configuring LAN interface...done.
Configuring WAN interface...done.
Generating /etc/resolv.conf...done.
Generating /etc/hosts...done.
Configuring firewall.......done.
Starting web GUI...done.
Setting up routes...done.
Starting DHCPv4 service...done.
Starting DHCPv6 service...done.
Starting router advertisement service...done.
Starting Unbound DNS...done.
Configuring firewall.......done.
Setting up gateway monitor...done.
Syncing OpenVPN settings...done.
Starting NTP service...done.
Starting Unbound DNS...done.
>>> Invoking start script 'newwanip'
Reconfiguring IPv4 on igb0
>>> Invoking start script 'freebsd'
>>> Invoking start script 'syslog'
>>> Invoking start script 'carp'
>>> Invoking start script 'cron'
Starting Cron: OK
>>> Invoking start script 'openvpn'
>>> Invoking start script 'sysctl'
Service `sysctl' has been restarted.
>>> Invoking start script 'beep'
Root file system: zroot/ROOT/default
Fri Jan 10 16:49:39 CET 2025
*** FW1.sophosxgs3300.lan: OPNsense 24.7.11_2 (amd64) ***
LAN (ue0) -> v4: 192.168.1.1/24
WAN (igb0) -> v4/DHCP4: 192.168.40.75/24
HTTPS: sha256 F2 ED 24 45 17 3A C0 02 87 08 3A C2 1E F8 82 69
1B B9 96 15 87 68 A1 95 D1 B0 64 DB F2 41 BF 58
FreeBSD/amd64 (FW1.sophosxgs3300.lan) (ttyu0)
igb0: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500
description: WAN (wan)
options=4802028<VLAN_MTU,JUMBO_MTU,WOL_MAGIC,HWSTATS,MEXTPG>
ether 7c:5a:1c:cb:51:3d
inet 192.168.40.75 netmask 0xffffff00 broadcast 192.168.40.255
inet6 fe80::7e5a:1cff:fecb:513d%igb0 prefixlen 64 scopeid 0x1
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
lo0: flags=1008049<UP,LOOPBACK,RUNNING,MULTICAST,LOWER_UP> metric 0 mtu 16384
options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
groups: lo
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
enc0: flags=0 metric 0 mtu 1536
options=0
groups: enc
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
pfsync0: flags=0 metric 0 mtu 1500
options=0
maxupd: 128 defer: off version: 1400
syncok: 1
groups: pfsync
pflog0: flags=20100<PROMISC,PPROMISC> metric 0 mtu 33152
options=0
groups: pflog
ue0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: LAN (lan)
options=80088<VLAN_MTU,VLAN_HWCSUM,LINKSTATE>
ether 00:e0:4c:68:d5:db
inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
inet6 fe80::2e0:4cff:fe68:d5db%ue0 prefixlen 64 scopeid 0x6
media: Ethernet autoselect (none)
status: no carrier
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
I connected a USB LAN adapter to one of the USB ports.
This was recognized directly.
I was thus able to set up a port for WAN access (MGMT port) and a port for my access with the computer (USB).
I also tried the following:
- pfsense -> Does not boot
- OpenWrt -> boots, but only recognizes the MGMT port, as no driver for the USB adapter is automatically pre-installed
- Debian -> boots in "blind mode", which is not possible via console cable. So cannot use it.
Does anyone have any ideas? :)
Quote from: Hoerli on January 10, 2025, 05:06:05 PMHello forum,
I currently have two Sophos XGS 3300s here which I would like to supply with OPNsense.
The installation with a USB stick and a console cable has already worked.
But now I have to realize that all network adapters except the dedicated MGMT port are not recognized.
What drivers do I need to install to make this work?
I am having trouble finding out which manufacturer is used for the network adapter chips.
The MGMT port has an Intel chip.
[...]
Yep, the i211.
It's amazing the thing booted. Kinda neat. "pciconf -lv" or "dmidecode" may give you enough info. Looks like the device has an Ethernet switch (cheapest way to get 8 ports - probably Marvell or Broadcom, but could be anything) and a crypto accelerator (Cavium? Hifn?) - nice, but neither are well-supported in workstation OSs. Good luck.
That doesn't sound like fun. :(
I had hoped that the firewall would have chips similar to those in the XG 330.
OPNsense works there straight away without any problems.
Here is the output of the two commands:
root@FW1:~ # pciconf -lv
hostb0@pci0:0:0:0: class=0x060000 rev=0x00 hdr=0x00 vendor=0x1022 device=0x15d0 subvendor=0x1022 subdevice=0x15d0
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'Raven/Raven2 Root Complex'
class = bridge
subclass = HOST-PCI
none0@pci0:0:0:2: class=0x080600 rev=0x00 hdr=0x00 vendor=0x1022 device=0x15d1 subvendor=0x1022 subdevice=0x15d1
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'Raven/Raven2 IOMMU'
class = base peripheral
subclass = IOMMU
hostb1@pci0:0:1:0: class=0x060000 rev=0x00 hdr=0x00 vendor=0x1022 device=0x1452 subvendor=0x0000 subdevice=0x0000
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'Family 17h (Models 00h-1fh) PCIe Dummy Host Bridge'
class = bridge
subclass = HOST-PCI
pcib1@pci0:0:1:1: class=0x060400 rev=0x00 hdr=0x01 vendor=0x1022 device=0x15d3 subvendor=0x1022 subdevice=0x1453
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'Raven/Raven2 PCIe GPP Bridge [6:0]'
class = bridge
subclass = PCI-PCI
pcib2@pci0:0:1:2: class=0x060400 rev=0x00 hdr=0x01 vendor=0x1022 device=0x15d3 subvendor=0x1022 subdevice=0x1453
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'Raven/Raven2 PCIe GPP Bridge [6:0]'
class = bridge
subclass = PCI-PCI
hostb2@pci0:0:8:0: class=0x060000 rev=0x00 hdr=0x00 vendor=0x1022 device=0x1452 subvendor=0x0000 subdevice=0x0000
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'Family 17h (Models 00h-1fh) PCIe Dummy Host Bridge'
class = bridge
subclass = HOST-PCI
pcib3@pci0:0:8:1: class=0x060400 rev=0x00 hdr=0x01 vendor=0x1022 device=0x15db subvendor=0x1022 subdevice=0x0000
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'Raven/Raven2 Internal PCIe GPP Bridge 0 to Bus A'
class = bridge
subclass = PCI-PCI
pcib4@pci0:0:8:2: class=0x060400 rev=0x00 hdr=0x01 vendor=0x1022 device=0x15dc subvendor=0x1022 subdevice=0x0000
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'Raven/Raven2 Internal PCIe GPP Bridge 0 to Bus B'
class = bridge
subclass = PCI-PCI
intsmb0@pci0:0:20:0: class=0x0c0500 rev=0x61 hdr=0x00 vendor=0x1022 device=0x790b subvendor=0x1022 subdevice=0x790b
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'FCH SMBus Controller'
class = serial bus
subclass = SMBus
isab0@pci0:0:20:3: class=0x060100 rev=0x51 hdr=0x00 vendor=0x1022 device=0x790e subvendor=0x1022 subdevice=0x790e
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'FCH LPC Bridge'
class = bridge
subclass = PCI-ISA
hostb3@pci0:0:24:0: class=0x060000 rev=0x00 hdr=0x00 vendor=0x1022 device=0x15e8 subvendor=0x0000 subdevice=0x0000
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'Raven/Raven2 Device 24: Function 0'
class = bridge
subclass = HOST-PCI
hostb4@pci0:0:24:1: class=0x060000 rev=0x00 hdr=0x00 vendor=0x1022 device=0x15e9 subvendor=0x0000 subdevice=0x0000
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'Raven/Raven2 Device 24: Function 1'
class = bridge
subclass = HOST-PCI
hostb5@pci0:0:24:2: class=0x060000 rev=0x00 hdr=0x00 vendor=0x1022 device=0x15ea subvendor=0x0000 subdevice=0x0000
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'Raven/Raven2 Device 24: Function 2'
class = bridge
subclass = HOST-PCI
hostb6@pci0:0:24:3: class=0x060000 rev=0x00 hdr=0x00 vendor=0x1022 device=0x15eb subvendor=0x0000 subdevice=0x0000
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'Raven/Raven2 Device 24: Function 3'
class = bridge
subclass = HOST-PCI
hostb7@pci0:0:24:4: class=0x060000 rev=0x00 hdr=0x00 vendor=0x1022 device=0x15ec subvendor=0x0000 subdevice=0x0000
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'Raven/Raven2 Device 24: Function 4'
class = bridge
subclass = HOST-PCI
hostb8@pci0:0:24:5: class=0x060000 rev=0x00 hdr=0x00 vendor=0x1022 device=0x15ed subvendor=0x0000 subdevice=0x0000
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'Raven/Raven2 Device 24: Function 5'
class = bridge
subclass = HOST-PCI
hostb9@pci0:0:24:6: class=0x060000 rev=0x00 hdr=0x00 vendor=0x1022 device=0x15ee subvendor=0x0000 subdevice=0x0000
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'Raven/Raven2 Device 24: Function 6'
class = bridge
subclass = HOST-PCI
hostb10@pci0:0:24:7: class=0x060000 rev=0x00 hdr=0x00 vendor=0x1022 device=0x15ef subvendor=0x0000 subdevice=0x0000
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'Raven/Raven2 Device 24: Function 7'
class = bridge
subclass = HOST-PCI
none1@pci0:1:0:0: class=0x0b8000 rev=0x01 hdr=0x00 vendor=0x177d device=0xa300 subvendor=0x177d subdevice=0xa300
vendor = 'Cavium, Inc.'
device = 'OCTEON TX CN83XX'
class = processor
igb0@pci0:2:0:0: class=0x020000 rev=0x03 hdr=0x00 vendor=0x8086 device=0x1539 subvendor=0x8086 subdevice=0x0000
vendor = 'Intel Corporation'
device = 'I211 Gigabit Network Connection'
class = network
subclass = ethernet
none2@pci0:3:0:0: class=0x130000 rev=0x00 hdr=0x00 vendor=0x1022 device=0x145a subvendor=0x1002 subdevice=0x0000
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'Zeppelin/Raven/Raven2 PCIe Dummy Function'
class = non-essential instrumentation
none3@pci0:3:0:2: class=0x108000 rev=0x00 hdr=0x00 vendor=0x1022 device=0x15df subvendor=0x1022 subdevice=0x15df
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'Family 17h (Models 10h-1fh) Platform Security Processor'
class = encrypt/decrypt
xhci0@pci0:3:0:3: class=0x0c0330 rev=0x00 hdr=0x00 vendor=0x1022 device=0x15e0 subvendor=0x1022 subdevice=0x7914
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'Raven USB 3.1'
class = serial bus
subclass = USB
xhci1@pci0:3:0:4: class=0x0c0330 rev=0x00 hdr=0x00 vendor=0x1022 device=0x15e1 subvendor=0x1022 subdevice=0x7914
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'Raven USB 3.1'
class = serial bus
subclass = USB
none4@pci0:3:0:5: class=0x048000 rev=0x00 hdr=0x00 vendor=0x1022 device=0x15e2 subvendor=0x1022 subdevice=0x15e2
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'ACP/ACP3X/ACP6x Audio Coprocessor'
class = multimedia
hdac0@pci0:3:0:6: class=0x040300 rev=0x00 hdr=0x00 vendor=0x1022 device=0x15e3 subvendor=0x1022 subdevice=0xd001
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'Family 17h/19h HD Audio Controller'
class = multimedia
subclass = HDA
none5@pci0:3:0:7: class=0x000000 rev=0x00 hdr=0x00 vendor=0x1022 device=0x15e6 subvendor=0x1022 subdevice=0x15e4
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'Raven/Raven2/Renoir Non-Sensor Fusion Hub KMDF driver'
class = old
subclass = non-VGA display device
ahci0@pci0:4:0:0: class=0x010601 rev=0x61 hdr=0x00 vendor=0x1022 device=0x7901 subvendor=0x1022 subdevice=0x7901
vendor = 'Advanced Micro Devices, Inc. [AMD]'
device = 'FCH SATA Controller [AHCI mode]'
class = mass storage
subclass = SATA
root@FW1:~ # dmidecode
# dmidecode 3.6
# SMBIOS entry point at 0xde040000
Found SMBIOS entry point in EFI, reading table from /dev/mem.
SMBIOS 3.2 present.
42 structures occupying 1700 bytes.
Table at 0xDE03D000.
Handle 0x0000, DMI type 0, 26 bytes
BIOS Information
Vendor: American Megatrends Inc.
Version: V110
Release Date: 02/22/2021
Address: 0xF0000
Runtime Size: 64 kB
ROM Size: 8 MB
Characteristics:
PCI is supported
BIOS is upgradeable
BIOS shadowing is allowed
Boot from CD is supported
Selectable boot is supported
BIOS ROM is socketed
EDD is supported
5.25"/1.2 MB floppy services are supported (int 13h)
3.5"/720 kB floppy services are supported (int 13h)
3.5"/2.88 MB floppy services are supported (int 13h)
Print screen service is supported (int 5h)
Serial services are supported (int 14h)
Printer services are supported (int 17h)
ACPI is supported
USB legacy is supported
BIOS boot specification is supported
Targeted content distribution is supported
UEFI is supported
BIOS Revision: 5.14
Handle 0x0001, DMI type 1, 27 bytes
System Information
Manufacturer: Sophos
Product Name: XGS
Version: 3300r1
Serial Number: X33006K4MC8M25F
UUID: 03000200-0400-0500-0006-000700080009
Wake-up Type: Power Switch
SKU Number: Default string
Family: Default string
Handle 0x0002, DMI type 2, 15 bytes
Base Board Information
Manufacturer: Sophos
Product Name: XGS
Version: 08
Serial Number: LAAAMDA0202-000421230030
Asset Tag: Default string
Features:
Board is a hosting board
Board is replaceable
Location In Chassis: Default string
Chassis Handle: 0x0003
Type: Motherboard
Contained Object Handles: 0
Handle 0x0003, DMI type 3, 22 bytes
Chassis Information
Manufacturer: Default string
Type: Desktop
Lock: Not Present
Version: Default string
Serial Number: Default string
Asset Tag: Default string
Boot-up State: Safe
Power Supply State: Safe
Thermal State: Safe
Security Status: None
OEM Information: 0x00000000
Height: Unspecified
Number Of Power Cords: 1
Contained Elements: 0
SKU Number: Default string
Handle 0x0004, DMI type 10, 6 bytes
On Board Device Information
Type: Video
Status: Enabled
Description: To Be Filled By O.E.M.
Handle 0x0005, DMI type 11, 5 bytes
OEM Strings
String 1: Default string
Handle 0x0006, DMI type 12, 5 bytes
System Configuration Options
Option 1: Default string
Handle 0x0007, DMI type 32, 20 bytes
System Boot Information
Status: No errors detected
Handle 0x0008, DMI type 43, 31 bytes
TPM Device
Vendor ID:
Specification Version: 2.0
Firmware Revision: 5.63
Description: INFINEON
Characteristics:
Family configurable via platform software support
OEM-specific Information: 0x00000000
Handle 0x0009, DMI type 18, 23 bytes
32-bit Memory Error Information
Type: OK
Granularity: Unknown
Operation: Unknown
Vendor Syndrome: Unknown
Memory Array Address: Unknown
Device Address: Unknown
Resolution: Unknown
Handle 0x000A, DMI type 16, 23 bytes
Physical Memory Array
Location: System Board Or Motherboard
Use: System Memory
Error Correction Type: None
Maximum Capacity: 32 GB
Error Information Handle: 0x0009
Number Of Devices: 2
Handle 0x000B, DMI type 19, 31 bytes
Memory Array Mapped Address
Starting Address: 0x00000000000
Ending Address: 0x003FFFFFFFF
Range Size: 16 GB
Physical Array Handle: 0x000A
Partition Width: 2
Handle 0x000C, DMI type 7, 27 bytes
Cache Information
Socket Designation: L1 - Cache
Configuration: Enabled, Not Socketed, Level 1
Operational Mode: Write Back
Location: Internal
Installed Size: 384 kB
Maximum Size: 384 kB
Supported SRAM Types:
Pipeline Burst
Installed SRAM Type: Pipeline Burst
Speed: 1 ns
Error Correction Type: Multi-bit ECC
System Type: Unified
Associativity: 8-way Set-associative
Handle 0x000D, DMI type 7, 27 bytes
Cache Information
Socket Designation: L2 - Cache
Configuration: Enabled, Not Socketed, Level 2
Operational Mode: Write Back
Location: Internal
Installed Size: 2 MB
Maximum Size: 2 MB
Supported SRAM Types:
Pipeline Burst
Installed SRAM Type: Pipeline Burst
Speed: 1 ns
Error Correction Type: Multi-bit ECC
System Type: Unified
Associativity: 8-way Set-associative
Handle 0x000E, DMI type 7, 27 bytes
Cache Information
Socket Designation: L3 - Cache
Configuration: Enabled, Not Socketed, Level 3
Operational Mode: Write Back
Location: Internal
Installed Size: 4 MB
Maximum Size: 4 MB
Supported SRAM Types:
Pipeline Burst
Installed SRAM Type: Pipeline Burst
Speed: 1 ns
Error Correction Type: Multi-bit ECC
System Type: Unified
Associativity: 16-way Set-associative
Handle 0x000F, DMI type 4, 48 bytes
Processor Information
Socket Designation: FP5
Type: Central Processor
Family: Zen
Manufacturer: Advanced Micro Devices, Inc.
ID: 10 0F 81 00 FF FB 8B 17
Signature: Family 23, Model 17, Stepping 0
Flags:
FPU (Floating-point unit on-chip)
VME (Virtual mode extension)
DE (Debugging extension)
PSE (Page size extension)
TSC (Time stamp counter)
MSR (Model specific registers)
PAE (Physical address extension)
MCE (Machine check exception)
CX8 (CMPXCHG8 instruction supported)
APIC (On-chip APIC hardware supported)
SEP (Fast system call)
MTRR (Memory type range registers)
PGE (Page global enable)
MCA (Machine check architecture)
CMOV (Conditional move instruction supported)
PAT (Page attribute table)
PSE-36 (36-bit page size extension)
CLFSH (CLFLUSH instruction supported)
MMX (MMX technology supported)
FXSR (FXSAVE and FXSTOR instructions supported)
SSE (Streaming SIMD extensions)
SSE2 (Streaming SIMD extensions 2)
HTT (Multi-threading)
Version: AMD Ryzen Embedded V1780B
Voltage: 1.3 V
External Clock: 100 MHz
Max Speed: 3600 MHz
Current Speed: 3350 MHz
Status: Populated, Enabled
Upgrade: None
L1 Cache Handle: 0x000C
L2 Cache Handle: 0x000D
L3 Cache Handle: 0x000E
Serial Number: Unknown
Asset Tag: Unknown
Part Number: Unknown
Core Count: 4
Core Enabled: 4
Thread Count: 8
Characteristics:
64-bit capable
Multi-Core
Hardware Thread
Execute Protection
Enhanced Virtualization
Power/Performance Control
Handle 0x0010, DMI type 18, 23 bytes
32-bit Memory Error Information
Type: OK
Granularity: Unknown
Operation: Unknown
Vendor Syndrome: Unknown
Memory Array Address: Unknown
Device Address: Unknown
Resolution: Unknown
Handle 0x0011, DMI type 17, 40 bytes
Memory Device
Array Handle: 0x000A
Error Information Handle: 0x0010
Total Width: 64 bits
Data Width: 64 bits
Size: 8 GB
Form Factor: DIMM
Set: None
Locator: DIMM 0
Bank Locator: P0 CHANNEL A
Type: DDR4
Type Detail: Synchronous Unbuffered (Unregistered)
Speed: 2667 MT/s
Manufacturer: A-DATA Technology
Serial Number: 84D30100
Asset Tag: Not Specified
Part Number:
Rank: 1
Configured Memory Speed: 2667 MT/s
Minimum Voltage: 1.2 V
Maximum Voltage: 1.2 V
Configured Voltage: 1.2 V
Handle 0x0012, DMI type 20, 35 bytes
Memory Device Mapped Address
Starting Address: 0x00000000000
Ending Address: 0x003FFFFFFFF
Range Size: 16 GB
Physical Device Handle: 0x0011
Memory Array Mapped Address Handle: 0x000B
Partition Row Position: Unknown
Interleave Position: Unknown
Interleaved Data Depth: Unknown
Handle 0x0013, DMI type 18, 23 bytes
32-bit Memory Error Information
Type: OK
Granularity: Unknown
Operation: Unknown
Vendor Syndrome: Unknown
Memory Array Address: Unknown
Device Address: Unknown
Resolution: Unknown
Handle 0x0014, DMI type 17, 40 bytes
Memory Device
Array Handle: 0x000A
Error Information Handle: 0x0013
Total Width: 64 bits
Data Width: 64 bits
Size: 8 GB
Form Factor: DIMM
Set: None
Locator: DIMM 0
Bank Locator: P0 CHANNEL B
Type: DDR4
Type Detail: Synchronous Unbuffered (Unregistered)
Speed: 2667 MT/s
Manufacturer: A-DATA Technology
Serial Number: 71D30100
Asset Tag: Not Specified
Part Number:
Rank: 1
Configured Memory Speed: 2667 MT/s
Minimum Voltage: 1.2 V
Maximum Voltage: 1.2 V
Configured Voltage: 1.2 V
Handle 0x0015, DMI type 20, 35 bytes
Memory Device Mapped Address
Starting Address: 0x00000000000
Ending Address: 0x003FFFFFFFF
Range Size: 16 GB
Physical Device Handle: 0x0014
Memory Array Mapped Address Handle: 0x000B
Partition Row Position: Unknown
Interleave Position: Unknown
Interleaved Data Depth: Unknown
Handle 0x0016, DMI type 13, 22 bytes
BIOS Language Information
Language Description Format: Long
Installable Languages: 1
en|US|iso8859-1
Currently Installed Language: en|US|iso8859-1
Handle 0x0017, DMI type 8, 9 bytes
Port Connector Information
Internal Reference Designator: J2304/J2300
Internal Connector Type: None
External Reference Designator: Keyboard
External Connector Type: PS/2
Port Type: Keyboard Port
Handle 0x0018, DMI type 8, 9 bytes
Port Connector Information
Internal Reference Designator: J3811
Internal Connector Type: None
External Reference Designator: Touch pad
External Connector Type: PS/2
Port Type: Mouse Port
Handle 0x0019, DMI type 8, 9 bytes
Port Connector Information
Internal Reference Designator: J1504
Internal Connector Type: None
External Reference Designator: USB 3.0
External Connector Type: Access Bus (USB)
Port Type: USB
Handle 0x001A, DMI type 8, 9 bytes
Port Connector Information
Internal Reference Designator: J1500
Internal Connector Type: None
External Reference Designator: USB 3.1
External Connector Type: Access Bus (USB)
Port Type: USB
Handle 0x001B, DMI type 8, 9 bytes
Port Connector Information
Internal Reference Designator: J1502
Internal Connector Type: None
External Reference Designator: USB 3.1
External Connector Type: Access Bus (USB)
Port Type: USB
Handle 0x001C, DMI type 8, 9 bytes
Port Connector Information
Internal Reference Designator: J1501
Internal Connector Type: None
External Reference Designator: USB 3.1 Type-C
External Connector Type: Access Bus (USB)
Port Type: USB
Handle 0x001D, DMI type 8, 9 bytes
Port Connector Information
Internal Reference Designator: J1503
Internal Connector Type: None
External Reference Designator: USB 3.1 Type-C
External Connector Type: Access Bus (USB)
Port Type: USB
Handle 0x001E, DMI type 8, 9 bytes
Port Connector Information
Internal Reference Designator: J1300
Internal Connector Type: None
External Reference Designator: Network
External Connector Type: RJ-45
Port Type: Network Port
Handle 0x001F, DMI type 8, 9 bytes
Port Connector Information
Internal Reference Designator: J1701
Internal Connector Type: SAS/SATA Plug Receptacle
External Reference Designator: Sata HDD
External Connector Type: None
Port Type: SATA
Handle 0x0020, DMI type 8, 9 bytes
Port Connector Information
Internal Reference Designator: J1703
Internal Connector Type: SAS/SATA Plug Receptacle
External Reference Designator: Sata ODD
External Connector Type: None
Port Type: SATA
Handle 0x0021, DMI type 8, 9 bytes
Port Connector Information
Internal Reference Designator: J1101
Internal Connector Type: None
External Reference Designator: DP0
External Connector Type: None
Port Type: Video Port
Handle 0x0022, DMI type 8, 9 bytes
Port Connector Information
Internal Reference Designator: J1100
Internal Connector Type: None
External Reference Designator: DP1
External Connector Type: None
Port Type: Video Port
Handle 0x0023, DMI type 8, 9 bytes
Port Connector Information
Internal Reference Designator: J2103
Internal Connector Type: None
External Reference Designator: Microphone
External Connector Type: Mini Jack (headphones)
Port Type: Audio Port
Handle 0x0024, DMI type 8, 9 bytes
Port Connector Information
Internal Reference Designator: J2105
Internal Connector Type: None
External Reference Designator: Headphone
External Connector Type: Mini Jack (headphones)
Port Type: Audio Port
Handle 0x0025, DMI type 9, 17 bytes
System Slot Information
Designation: J3604
Type: PCI Express x8
Data Bus Width: 8x or x8
Current Usage: In Use
Length: Short
ID: 1
Characteristics:
3.3 V is provided
PME signal is supported
Hot-plug devices are supported
Bus Address: 0000:00:01.1
Handle 0x0026, DMI type 9, 17 bytes
System Slot Information
Designation: J3711
Type: M.2 Socket 1-SD
Data Bus Width: 1x or x1
Current Usage: In Use
Length: Short
Characteristics:
3.3 V is provided
PME signal is supported
Hot-plug devices are supported
Bus Address: 0000:00:01.2
Handle 0x0027, DMI type 41, 11 bytes
Onboard Device
Reference Designation: Onboard LAN Brodcom
Type: Ethernet
Status: Disabled
Type Instance: 1
Bus Address: 0000:00:00.3
Handle 0x0028, DMI type 41, 11 bytes
Onboard Device
Reference Designation: HD Audio Controller
Type: Sound
Status: Enabled
Type Instance: 1
Bus Address: 0000:03:00.6
Handle 0x0029
OPNsense does not support integrated switches. You might have better luck with OpenWRT.
Yup, the switch and crypto devices are one - a Cavium (now Marvell) Octeon TX (CN83XX). Brief (https://www.marvell.com/content/dam/marvell/en/public-collateral/embedded-processors/marvell-infrastructure-processors-octeon-tx-cn82xx-cn83xx-com-product-brief_2019.pdf). (Not a switch; more of a network processor.)
Looks like there is some Linux and DPDK support - Patrick's OpenWRT suggestion is good, but considering your boot test did not see the Octeon, you'd probably need a custom image. Marvell apparently has released Linux and DPDK drivers, but I can't find a pre-built package/distro. You may have better luck. If you're a braver man than I, there's VPP (i.e. a custom build), but it makes a lousy firewall (or did the last time I looked at it).
It's a real shame.
I have also opened a thread in the OpenWrt forum and tried a bit more with it, but so far without success.
At least I was able to find out what the 4GB RAM stick is for with the data sheet of the network chip.
It belongs to the Marvell chip.
I have not found any drivers either.
I don't really want to play with cusome builds that could possibly degrade the firewall quality.
The device should be connected to a normal Internet connection. If the firewall then doesn't work properly, that wouldn't be "optimal" ;)
Here we can only hope that someone finds the thread by chance and happens to have the solution/driver "somewhere".