Messages

Hi Brandywine

I did download a Linux version of the Intel utility as the BSD one wouldn't run (duh). Appreciate your help on working through this but I expect this discussion should move to email as the MS-01 is not my OPNSense box and I shouldn't clutter up this forum with the non-relevant discussion.

Hi Brandywine

I'm away from the computer at the moment but I can do some poking around later in the day.

Only one of the NIC in the MS-01 is an i226-v and the box is running Linux.

I wasn't trying to touch the other NIC (i226-lm), just wanted to see if the 226-v might be an older firmware as per this message thread.

The Intel utility sees both of the 1226 adapters but reports that the memory is inaccessible for both. It provides full details on the two 10gb adapters which made me suspect that a BIOS setting has locked the 2.5gb ports.

Hi Meyergru

And you are correct.  No information anywhere. I poked around the Minisforum BIOS looking for any settings which might unlock access to the NIC.  I tried enabling the network stack setting which seemed to be the only thing NIC related in the BIOS (it has very limited and basic settings) and tried the Intel utility again and got the same results.

As the MS-01 has been working for a year without problems at this point I'm not going to worry about it.  Just thought as I had learned how to look at and update firmware I might as well take a look at what version was installed.

After successfully flashing my Lenovo box I remembered that one of the 2.5gb ports on my Minisforum MS-01 is an i226v. I ran the Intel flash utility in 'inventory' mode just to get a look at the firmware version and I got this in the log:

Warning: Cannot initialize port: [00:087:00:00] Intel(R) Ethernet Controller I226-V

Error:   The selected adapter (location:[87:00:00]) cannot be updated due to inaccessible device memory.
Update the device driver and reboot the system before running this utility again.
Consult the utility documentation for more information.

I'm going to poke around in the Minisforum BIOS to see if there's a setting there that's preventing access to the NIC.

Thanks to the information in this message thread I was able to update from the 2.17 firmware to the latest version.

Special thanks to Brandywine for the detective work in tracking down all of the files and information and to Yeraycito for posting all of his config files which helped me figure out what changes to make to mine when my first couple of attempts didn't work.

Once I had the config file corrected,  the flash was successful and after a reboot everything came up and is working fine.

Well this message is timely.

2 days ago I swapped my usual Protectli box with a Lenovo M700 tiny to which I had added an m.2 i226 based ethernet port.  Just checked firmware as per your message and mine has v2.17 firmware as well (see below).

[1] igc0: <Intel(R) Ethernet Controller I226-V> mem 0xdf100000-0xdf1fffff,0xdf200000-0xdf203fff irq 18 at device 0.0 on pci1
[1] igc0: EEPROM V2.17-0 eTrack 0x80000303

As it's working fine, I'm kinda reluctant to roll the dice on flashing new firmware.

I have a 2015 Sony TV running Android and shortly after installing Adguard Home I noticed that the Netflix and Vudu apps were connecting to domains (presumably sending telemetry) and my TV was contacting a Sony.net domain address also.  I blocked those with custom filtering rules in Adguard Home. Looking at my Adguard stats over the last 24 hours the TV has made over 5,000 connection attempts to reach Netflix and  I don't even have an active Netflix account.

Note: if you go this route you will probably need some firewall rules to force DNS queries through Adguard (or Pihole) as many embedded devices will use 8.8.8.8 effectively bypassing your Pihole or Adguard blockers unless you reroute DNS queries.  I also have 3 Roku devices and they do the same thing.

I use custom as my provider isn't on the drop-down list. Since yours is an available selection I'd stick with what you've got.  For server I think its just going to be dnsmadeeasy.com.  The username and password entries should go in the designated blanks. As I don't use your provider I'm not positive whether the record id is your domain name (but I suspect that it probably is) which means I'd put that value in the hostname field.

Did you create and save an entry on the Dynamic DNS settings page like screenshots below?

Did you enable it?
What do you see in the log?

Yes.  Add new lines to ddclient.conf with the dns made easy parameters outlined in the earlier message and (obviously) replace the placeholder labels with your real username password and whatever that record id parameter is.

Looking at the ddclient github site their master config file shows that it supports dns made easy (see required syntax below). 

## DNS Made Easy (https://dnsmadeeasy.com) ##
protocol=dnsmadeeasy,
login=your-account-email-address
password=your-generated-password
your-numeric-record-id-1,your-numeric-record-id-2,...


You may have to manually edit the ddclient.conf file located in the /usr/local/etc directory on your OPNsense box
to populate it with all of the required parameters.

Can't you just stop and restart the service from the Services: Dynamic DNS: Settings submenu?

I am running a similar setup using Adguard Home on a VM as my internal DNS server/adblocker. I used the info in the discussion at the link below to set everything up.

https://forum.opnsense.org/index.php?topic=22162

Maybe Clonezilla?