Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - bnorris

Pages1
#1
23.7 Legacy Series / SFP "notices" in logs
December 10, 2023, 09:34:21 AM
Anyone got an idea what these messages are about?
Could it indicate a problem with the SFP module in ax0? ax1 is empty.
There's nothing relevant/related prior to these lines.

Device is DEC2750 running opnsense-business 23.4.2_4

Thanks!

Edit: I guess I should have posted this under "23.1 Legacy", sorry for that.

Code Select

2023-12-06T03:33:23 Notice opnsense-business /usr/local/etc/rc.linkup: plugins_configure dns (execute task : unbound_configure_do())
2023-12-06T03:33:23 Notice opnsense-business /usr/local/etc/rc.linkup: plugins_configure dns (execute task : dnsmasq_configure_do())
2023-12-06T03:33:23 Notice opnsense-business /usr/local/etc/rc.linkup: plugins_configure dns ()
2023-12-06T03:33:23 Error opnsense-business /usr/local/etc/rc.linkup: The command '/bin/kill -'TERM' '81687'' returned exit code '1', the output was 'kill: 81687: No such process'
2023-12-06T03:33:23 Notice opnsense-business /usr/local/etc/rc.linkup: plugins_configure dhcp (execute task : dhcpd_dhcp_configure())
2023-12-06T03:33:23 Notice opnsense-business /usr/local/etc/rc.linkup: plugins_configure dhcp ()
2023-12-06T03:33:23 Notice opnsense-business /usr/local/etc/rc.linkup: plugins_configure ipsec (execute task : ipsec_configure_do(,opt5))
2023-12-06T03:33:23 Notice opnsense-business /usr/local/etc/rc.linkup: plugins_configure ipsec (,opt5)
2023-12-06T03:33:23 Notice opnsense-business /usr/local/etc/rc.linkup: ROUTING: entering configure using 'opt5'
2023-12-06T03:33:23 Notice opnsense-business /usr/local/etc/rc.linkup: DEVD: Ethernet attached event for opt5(ax0)
2023-12-06T03:33:23 Notice kernel <6>ax0: link state changed to UP
2023-12-06T03:33:23 Notice kernel ax0: Link is UP - 1Gbps/Full - flow control off
2023-12-06T03:33:23 Notice kernel ax0:   serial number:  2232457000862
2023-12-06T03:33:23 Notice kernel ax0:   revision level: 1.0
2023-12-06T03:33:23 Notice kernel ax0:   part number:    TL-SM331T(UN)
2023-12-06T03:33:23 Notice kernel ax0:   vendor: TP-Link
2023-12-06T03:33:23 Notice kernel ax0: SFP detected:
2023-12-06T03:33:23 Notice kernel ax1: unable to obtain hardware mutexes
2023-12-06T03:33:23 Notice kernel ax0: unable to obtain hardware mutexes
2023-12-06T03:33:23 Notice kernel ax1: unable to obtain hardware mutexes
2023-12-06T03:33:23 Notice kernel ax0: unable to obtain hardware mutexes
2023-12-06T03:33:23 Notice kernel ax1: unable to obtain hardware mutexes
2023-12-06T03:33:23 Notice kernel ax0: unable to obtain hardware mutexes
2023-12-06T03:33:23 Notice kernel ax1: unable to obtain hardware mutexes
2023-12-06T03:33:23 Notice kernel ax0: unable to obtain hardware mutexes
2023-12-06T03:33:23 Notice kernel ax1: unable to obtain hardware mutexes
2023-12-06T03:33:23 Notice kernel ax0: unable to obtain hardware mutexes
2023-12-06T03:33:23 Notice kernel ax1: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax1: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax0: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax0: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax1: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax1: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax0: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax0: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax1: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax1: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax0: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax0: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax1: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax1: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax0: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax0: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax1: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax1: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax0: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax0: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax1: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax1: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax0: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax0: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax1: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax1: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax0: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax0: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax1: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax1: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax0: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax0: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax1: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax1: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax0: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax0: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax1: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax1: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax0: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax0: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax1: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax1: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax0: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax0: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax1: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax1: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax0: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax0: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax1: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax1: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax0: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax0: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax1: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax1: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax0: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax0: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:23 Notice kernel ax1: I2C error setting SFP MUX
2023-12-06T03:33:23 Notice kernel ax1: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:02 Notice opnsense-business /usr/local/etc/rc.linkup: DEVD: Ethernet detached event for opt5(ax0)
2023-12-06T03:33:02 Notice kernel <6>ax0: link state changed to DOWN
2023-12-06T03:33:02 Notice kernel ax0: Link is DOWN
2023-12-06T03:33:02 Notice kernel ax0: I2C error setting SFP MUX
2023-12-06T03:33:02 Notice kernel ax0: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:02 Notice kernel ax0: xgbe_phy_sfp_detect: eeprom read failed
2023-12-06T03:33:02 Notice kernel ax0: I2C error setting SFP MUX
2023-12-06T03:33:02 Notice kernel ax0: xgbe_i2c_xfer: operation timed out
2023-12-06T03:33:02 Notice kernel ax0: I2C error setting SFP MUX
2023-12-06T03:33:02 Notice kernel ax0: xgbe_i2c_xfer: operation timed out
#2
23.7 Legacy Series / Re: OPNsense newbie, is this possible?
September 23, 2023, 11:17:08 PM
Good idea, thanks!
#3
23.7 Legacy Series / Re: OPNsense newbie, is this possible?
September 23, 2023, 11:00:50 PM
Quote from: Maurice on September 23, 2023, 10:28:50 PM
Yes, you can set outbound NAT to manual mode and then only create rules for the subnets / interfaces you actually want to NAT.

I see, but splitting the /27 into two subnets for WAN and LAN_public still works.

Gotcha, thanks for the clarification!
#4
23.7 Legacy Series / Re: OPNsense newbie, is this possible?
September 23, 2023, 11:00:09 PM
Thank you for the warning. I've been using Wireguard on Linux for about 2 years with zero issues (several endpoints and lots of peers). I did read online about the.. problematic background of its FreeBSD implementation, but I wasn't aware of the crashes. I see you mention it also causes HA/CARP issues, which makes it worse because the plan was to eventually have an OPNsense HA pair.
#5
23.7 Legacy Series / Re: OPNsense newbie, is this possible?
September 23, 2023, 10:17:01 PM
Thanks, I'll try it this way. NATing the iDRAC subnet is straightforward, yes. I wasn't sure it's possible to have NAT on igc2 without having it on igc1, too.

Note: I can't use 130 and 131, the ISP uses those for gateway VRRP.
#6
23.7 Legacy Series / OPNsense newbie, is this possible?
September 23, 2023, 08:50:06 PM
Hi all,

I'm building a server rack and thinking about using OPNsense as firewall in front of the servers (looking at a DEC2750)

I've attached a simplified diagram of the setup (there's more servers and a LAN but that's not important for what I'm asking).

What I want to achieve:
- firewall (filtering) functionality for all traffic
- public IP's on the servers for Internet access (no NAT)
- a private subnet for the servers' iDRAC/iLO interfaces and access them via a Wireguard endpoint on the OPNsense machine. NAT for access to firmware updates and stuff

I have a /27 from the ISP.

Can this be done? Thank you in advance for any replies.
Pages1