Messages

It looks like C5000 series is too new for FreeBSD13/14. SATA & USB drivers are not there yet.

I've managed to boot it with FreeBSD 15 CURRENT. All hardware present and accounted for.

Just letting you know, maybe other people will have a similar issue.

You may want to open a bug with FreeBSD

https://forum.netgate.com/topic/185777/installing-booting-on-sys-e200-12a-8c

Yes, it seems it's a FreeBSD 14 issue. I managed to replicate same behavior with pfSense, OPNSense and FreeBSD14 :(

Hi,

I am trying to install OPNSense 2.37 img or iso on a supermicro SYS-E200-12A-8C, after booting i am receiving the following error and hangs (not keyboard no mouse, needs hard reset):
https://ibb.co/1YCFTXw
Tried with USB2 and 3 sticks, as well as very old ones, about 6 or 7. The server only has USB3 ports. Secureboot is disabled.

Any pointers?

Sorry but that is not an option. The modules is installed in a server:
https://www.supermicro.com/en/products/system/1u/5019/SYS-5019D-FN8TP.cfm
I cannot occupy any other space in that communication rack, so it has to be an M.2 B-Key 4G/LTE module that IS supported.

The funny thing is that ME906s-158 could be supported if you add vendor_id & hardware_id to two different files related to u3g. Afterwards it just works.

Hello OPNSense community,

As mentioned here: https://forum.opnsense.org/index.php?topic=18309.0
I've managed to get ME906s-158 recognized and functional by adding the vendor&device ids to the proper files in
FreeBSD 12.1-p7. Info here: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=231909

As I've installed OPNSense 20.7 I've saw that u3g is compiled within kernel (not available as a loadable module).
Give this development can anyone let me know what will happed if I replace the kernel (as I will need to recompile a new kernel on a HardenedBSD 12.1-p7 install) to get this working?

Is there any way to get the module installed as a plugin/patch?

Is there any other smarter way to get this working that I did not mentioned?

Thanks and regards!

I hope this is in the right thread; apologies if not.

I have a friend that has a mesh router and he's connected all of his devices to it (IoT and computers/iPads/etc.).  He wants to separate IoT devices from his home devices; however, his Mesh router will not allow for multiple VLANs or SSID's.  I'm thinking we could put his Mesh Network into AP mode, put his IoT devices on the 2.4GHz network and all of his home devices onto the 5GHz network. 

There's still the problem of separating the devices.  Is it possible in OPNsense to separate the devices into DCHP pools or different VLANs by MAC address?  E.g. if the MAC addresses are X, Y and Z, put on this DHCP pool (or VLAN); all else defaults to the other DHCP pool (or VLAN)?  Then, have firewall rules so that one set of devices cannot talk to the other?  (Bonus question: can we set it up that the IoT devices can only talk to the internet and not each other?)

I'm only thinking DHCP pools or VLANs because I'm most familiar with those.  If there are other alternative methods, I'm definitely open to them - all I ask is be patient with me as I ask more noobish questions.   :)

Thanks.

—EDIT— I think I just figured it out: static IP mappings by MAC address. Would that work?

The proper way to do this is to assign SSIDs to specific VLANs this way separating traffic and networks, run separate DHCP servers from OPNSense on those VLANs each with their own MAC/IP reservations which will be available for you to make through GUI. Afterwards if you want to have some kind of communication between those networks you will need mDNS/Avahi. Good luck!

Hi,

Does "tested on FreeBSD 12.1" mean the patches were tested or that 12.1 fixed the problem?


Cheers,
Franco

Hey Franco,

Can be done? Maybe via a patch applied as a plugin/module or something?

Thanks!

After changes...

FreeBSD

Code Select Expand


root@gw:~ # freebsd-version
12.1-RELEASE-p7


dmesg

Code Select Expand


u3g0 numa-domain 0 on uhub2
u3g0: <HP lt4132 LTE/HSPA+ 4G Module> on usbus0
u3g0: Found 5 ports.


root@gw:~ # cu -l /dev/cuaU0.0

Code Select Expand


ATI
Manufacturer: HP Inc.
Model: ME906s-158
Revision: 12.617.23.00.00
IMEI: 356758101748492
+GCAP: +CGSM,+DS,+ES
OK

AT+COPS?
+COPS: 0,0,"Vodafone RO",7

OK


Hi,

I've fetched the src tree, modified the files, recompiled and big surprise usb virtual ports appeared in /dev and are working.

The problem is not yet fixed in 12.1 release. I've tested with 12.1-R-P7.

Cheers!

Hello Opnsense Community,

As we are progressing into future with new slot formats for 4G cards, there are a lot of Huawei compatible devices that will work if proper vendor/device id could be added to u3g.

So could anyone add the info from here to next version of opnsense?
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=231909
https://bugs.freebsd.org/bugzilla/attachment.cgi?bugid=231909&action=viewall

Tested and working on FreeBSD 12.1.

Cheers!

Here are some results from my 10G lab.
I also tested with untuned OPN and 40G cards from Chelsio which gave me around 22Gbit without NAT.

If you don't need netmap support you can enable hardware offloading which should bring you to wirespeed (if CPU permits)

You wanted to give a link to something?

I cant repeat myself often enough. Never ever use iperf in the Firewall itself. A real lab consits of two Firewalls and two clients behind. I did extensive testing .. also with 40g cards and also all kinds of VPNs.
Somewhere on my page I posted the results.

I did not had the time, but I have 2 nodes with 8600K cpus and 10G Supermicro/Intel NICs and I will use them as packet generator and packet sink to test routing/nat performance and I will post back.

I can confirm right now that disabling hyperthreading and modifying interrupt harvest mask to 351 improves performance a bit. This kind of basic tuning should be provided OOTB in a router product ... just my 2 cents here ...

Same thing with FreeBSD 12.1-RELEASE installed:

Code Select Expand

iperf-3.1.3-win64>iperf3 -c 192.168.1.138
Connecting to host 192.168.1.138, port 5201
[  4] local 192.168.1.99 port 62735 connected to 192.168.1.138 port 5201
[ ID] Interval           Transfer     Bandwidth
[  4]   0.00-1.00   sec   446 MBytes  3.74 Gbits/sec
[  4]   1.00-2.00   sec   454 MBytes  3.81 Gbits/sec
[  4]   2.00-3.00   sec   456 MBytes  3.82 Gbits/sec
[  4]   3.00-4.00   sec   459 MBytes  3.85 Gbits/sec
[  4]   4.00-5.00   sec   468 MBytes  3.93 Gbits/sec
[  4]   5.00-6.00   sec   464 MBytes  3.89 Gbits/sec
[  4]   6.00-7.00   sec   461 MBytes  3.87 Gbits/sec
[  4]   7.00-8.00   sec   460 MBytes  3.86 Gbits/sec
[  4]   8.00-9.00   sec   465 MBytes  3.90 Gbits/sec
[  4]   9.00-10.00  sec   464 MBytes  3.89 Gbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bandwidth
[  4]   0.00-10.00  sec  4.49 GBytes  3.86 Gbits/sec                  sender
[  4]   0.00-10.00  sec  4.49 GBytes  3.86 Gbits/sec                  receiver

iperf Done.

iperf3 -c 192.168.1.138 -R
Connecting to host 192.168.1.138, port 5201
Reverse mode, remote host 192.168.1.138 is sending
[  4] local 192.168.1.99 port 62747 connected to 192.168.1.138 port 5201
[ ID] Interval           Transfer     Bandwidth
[  4]   0.00-1.00   sec   795 MBytes  6.67 Gbits/sec
[  4]   1.00-2.00   sec   844 MBytes  7.08 Gbits/sec
[  4]   2.00-3.00   sec   849 MBytes  7.13 Gbits/sec
[  4]   3.00-4.00   sec   851 MBytes  7.14 Gbits/sec
[  4]   4.00-5.00   sec   854 MBytes  7.16 Gbits/sec
[  4]   5.00-6.00   sec   854 MBytes  7.17 Gbits/sec
[  4]   6.00-7.00   sec   851 MBytes  7.14 Gbits/sec
[  4]   7.00-8.00   sec   851 MBytes  7.14 Gbits/sec
[  4]   8.00-9.00   sec   857 MBytes  7.19 Gbits/sec
[  4]   9.00-10.00  sec   850 MBytes  7.13 Gbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bandwidth       Retr
[  4]   0.00-10.00  sec  8.26 GBytes  7.09 Gbits/sec    0             sender
[  4]   0.00-10.00  sec  8.26 GBytes  7.09 Gbits/sec                  receiver

iperf Done.

Same hardware & switching config with pfSense 2.4.5-RELEASE-P1:

Code Select Expand

iperf-3.1.3-win64>iperf3 -c 192.168.1.138
Connecting to host 192.168.1.138, port 5201
[  4] local 192.168.1.99 port 59913 connected to 192.168.1.138 port 5201
[ ID] Interval           Transfer     Bandwidth
[  4]   0.00-1.00   sec   355 MBytes  2.97 Gbits/sec
[  4]   1.00-2.00   sec   368 MBytes  3.09 Gbits/sec
[  4]   2.00-3.00   sec   376 MBytes  3.16 Gbits/sec
[  4]   3.00-4.00   sec   379 MBytes  3.18 Gbits/sec
[  4]   4.00-5.00   sec   374 MBytes  3.14 Gbits/sec
[  4]   5.00-6.00   sec   376 MBytes  3.15 Gbits/sec
[  4]   6.00-7.00   sec   373 MBytes  3.13 Gbits/sec
[  4]   7.00-8.00   sec   376 MBytes  3.16 Gbits/sec
[  4]   8.00-9.00   sec   371 MBytes  3.11 Gbits/sec
[  4]   9.00-10.00  sec   372 MBytes  3.12 Gbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bandwidth
[  4]   0.00-10.00  sec  3.63 GBytes  3.12 Gbits/sec                  sender
[  4]   0.00-10.00  sec  3.63 GBytes  3.12 Gbits/sec                  receiver

iperf Done.

iperf-3.1.3-win64>iperf3 -c 192.168.1.138 -R
Connecting to host 192.168.1.138, port 5201
Reverse mode, remote host 192.168.1.138 is sending
[  4] local 192.168.1.99 port 59954 connected to 192.168.1.138 port 5201
[ ID] Interval           Transfer     Bandwidth
[  4]   0.00-1.00   sec   559 MBytes  4.69 Gbits/sec
[  4]   1.00-2.00   sec   580 MBytes  4.87 Gbits/sec
[  4]   2.00-3.00   sec   583 MBytes  4.90 Gbits/sec
[  4]   3.00-4.00   sec   583 MBytes  4.89 Gbits/sec
[  4]   4.00-5.00   sec   582 MBytes  4.88 Gbits/sec
[  4]   5.00-6.00   sec   581 MBytes  4.88 Gbits/sec
[  4]   6.00-7.00   sec   583 MBytes  4.89 Gbits/sec
[  4]   7.00-8.00   sec   581 MBytes  4.88 Gbits/sec
[  4]   8.00-9.00   sec   580 MBytes  4.87 Gbits/sec
[  4]   9.00-10.00  sec   581 MBytes  4.87 Gbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bandwidth       Retr
[  4]   0.00-10.00  sec  5.66 GBytes  4.86 Gbits/sec    0             sender
[  4]   0.00-10.00  sec  5.66 GBytes  4.86 Gbits/sec                  receiver

iperf Done.

You are partially right. I wasnt expecting wire speed performance from a singe threaded application which runs on a cpu @ 2.0-2.3Ghz. But still the variance if way to big between different ports on same physical quad port 10G interface, not to raise some eyebrows.

Also I cannot explain the variance between reboots. This is screaming unreliable... at least for me. I will do some further testing involving also other OSes including vanilla FreeBSD 11 & 12.

I have to admit that I was expecting a nicer OOTB experience without hassles. With hassles and lot of work I know I can deploy and tune FBSD for almost wire speed 10G.

And no, the UBNT switch has nothing to do with it. I've used the same test to a freenas box with way better results....

Code Select Expand

iperf3 -c 192.168.1.254
Connecting to host 192.168.1.254, port 5201
[  4] local 192.168.1.99 port 59782 connected to 192.168.1.254 port 5201
[ ID] Interval           Transfer     Bandwidth
[  4]   0.00-1.00   sec   454 MBytes  3.81 Gbits/sec
[  4]   1.00-2.00   sec   478 MBytes  4.01 Gbits/sec
[  4]   2.00-3.00   sec   493 MBytes  4.13 Gbits/sec
[  4]   3.00-4.00   sec   497 MBytes  4.17 Gbits/sec
[  4]   4.00-5.00   sec   499 MBytes  4.18 Gbits/sec
[  4]   5.00-6.00   sec   495 MBytes  4.15 Gbits/sec
[  4]   6.00-7.00   sec   499 MBytes  4.19 Gbits/sec
[  4]   7.00-8.00   sec   497 MBytes  4.17 Gbits/sec
[  4]   8.00-9.00   sec   500 MBytes  4.19 Gbits/sec
[  4]   9.00-10.00  sec   498 MBytes  4.18 Gbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bandwidth
[  4]   0.00-10.00  sec  4.79 GBytes  4.12 Gbits/sec                  sender
[  4]   0.00-10.00  sec  4.79 GBytes  4.12 Gbits/sec                  receiver

iperf Done.

iperf-3.1.3-win64>iperf3 -c 192.168.1.254 -R
Connecting to host 192.168.1.254, port 5201
Reverse mode, remote host 192.168.1.254 is sending
[  4] local 192.168.1.99 port 59794 connected to 192.168.1.254 port 5201
[ ID] Interval           Transfer     Bandwidth
[  4]   0.00-1.00   sec   813 MBytes  6.82 Gbits/sec
[  4]   1.00-2.00   sec   858 MBytes  7.20 Gbits/sec
[  4]   2.00-3.00   sec   859 MBytes  7.21 Gbits/sec
[  4]   3.00-4.00   sec   859 MBytes  7.21 Gbits/sec
[  4]   4.00-5.00   sec   864 MBytes  7.25 Gbits/sec
[  4]   5.00-6.00   sec   862 MBytes  7.23 Gbits/sec
[  4]   6.00-7.00   sec   860 MBytes  7.21 Gbits/sec
[  4]   7.00-8.00   sec   860 MBytes  7.22 Gbits/sec
[  4]   8.00-9.00   sec   864 MBytes  7.25 Gbits/sec
[  4]   9.00-10.00  sec   865 MBytes  7.25 Gbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bandwidth       Retr
[  4]   0.00-10.00  sec  8.36 GBytes  7.18 Gbits/sec    0             sender
[  4]   0.00-10.00  sec  8.36 GBytes  7.18 Gbits/sec                  receiver

iperf Done.