Messages

!

All three of these cards are in the Intel Pro/1000 Dual Port product group. As expected the IBM (Pro/1000 GT Dual Port) is a major upgrade and worth the money for sure.

The original is the Pro/1000 PT Dual Port. It looks so much like the HP version it's amazing. Though the HP is labeled HP NC360T it is listed as an Intel PT. However, there is a huge difference in performance and processor loading between the Intel Pro/1000 PT Dual Port and the HP NC360T. Did I mention, huge difference.

CPU usage with the generic PT Dual Port never went below 25%, ever. And would stay pinned at 100% under heavy loads. The NC360T at quiescence rumbles about hitting 3% once in a while. Beating the ever living daylights out it (running drivers from HP) it barely hits 40%!

Yes I am impressed.

They sure can cause trouble. Particularly when idiots like me load the wrong version. The Intel folks I spoke to said they try to keep the OS developers up to date with drivers, but firmware updates in hardware is another issue. Those updates need to come from hardware manufacturers.

My HP and IBM cards arrived. I will post my findings later. The IBM currently has an old 10/100 NIC, so I'm sure that one will show major throughput improvements. My HP is getting a card that looks like the one I will remove, except for the silk screening and labels. I'll post a photo later.

It did. However, I discovered the problem by following a lead on a BSD forum. As it turns out Intel produces a rather large number of cards within the product line "Pro/1000." There is a significant difference between those classified and label as "Server" verses "Desktop/Workstation." Both have have single, dual and quad configurations and look close to identical.

In the case of the dual -- as far as I can tell -- the only visible difference is in the silk screened labeling. But the boot agents and drivers are not the same. And I had downloaded a driver set that didn't say which flavor it was for and updated with them. Once getting the correct software all was back to normal.

Also note that Intel OEM's the Pro/1000 for many computer manufacturers, HP, Dell and many others. In speaking with Intel they claimed that if you are using a Brand Named "Workstation" you will enjoy improved performance and stability by using the OEM labeled Pro/1000 over the plain Pro/1000 by getting the drivers off your brand's support site. Some OEM version are available on Amazon.com.

PS: I ordered a HP version Pro/1000 for my HP system and an IBM version Pro/1000 for my very old RS-6000 RISC system; from Amazon.com. Will let you know if the difference is worth considering.

So as soon Suricata is enabled and the load gets heavy it crashes. On reboot I get "PXE: PCI Vendor and device ID do not match" Intel say to update the boot agent. I updated the boot agent and still the same issue is present. Only after the load gets heavy enough to begin dragging down my bandwidth though. With Suricata disabled this error does not occur.

Did the last Suricata update (4.0.4) get delivered with 18.7.a_264?

Both, in bridge mode. Log files on my edge router show ferocious levels of port scans and Ident requests. Will do some tweaking for sure and add drops on port scans.

FreeBSD posts say it's either an ISP mode or NIC overrun. Said to be a known issue with Realtek e1000 based cards.

Thank you!

Since updating to dev 18.7.a_264 (amd64/LibreSSL) I am experiencing sudden crashes and core dumps are empty (very strange) .

All instances begin with "nm_txsync_prologue em1 TX0 kring error:"

Any ides what does this?

Edit: em1 = WAN

Is there a way to select multiple rules and change them all, as a group, from Alert to Drop without having to change them one at a time? Such as, there are 302 netbios rules I want to change to drop. That will take an hour or more to do manually. Likewise with our groupings; malware, OSX, etc.

Roger that.

Yes, I did. Then updated from b_199 to b_273 and rebooted again. My process monitoring show a nice tight core in b_273. I'm sure it can take a beating and keep on ticking. Well done.

In 18.1.b_273 there is no longer a "Dynamic View" that can block or pass an address on the fly. Plus all the rules, except for the anti-lockout say, "let out anything from firewall host itself"

Saw attempted DDOS attack. The system held, no HBSD SEGVGUARD error. Although filterdns dumped to the console screen.

Updating to b_273 and will wait for next attack.

Switched to opnsense-devel. Much improved filter stability.

Now running LibreSSL, showed marked improvement in system wide performance when using high level cryptography. No loss of GUI accessibility.