"Recent posts
#1
Hardware and Performance / Re: [solved] Intel i226 Firmwa...
Last post by BrandyWine - Today at 05:37:09 PMQuote from: nero355 on Today at 03:58:48 PMI am curious :
Did you contact Protectli first and tried to get the update from them directly ?
If so : What did they say ?
I am more curious as to why the vendors do not have readily available updates for download. There maybe a mix/match issue with driver vs nvm, but a newer nvm should be a-ok to run with "not the latest driver", which usually means kernel build.
#2
German - Deutsch / Re: gateway_alert packet loss ...
Last post by Sofasurfer - Today at 05:28:58 PMBe(r)ichte: eigene Selberschuld - gelöst!
Ursache: es liefen lokal zwei OPNsense Instanzen, die sich eben um die WANs stritten und es so zu den Monitorereignissen/Verbindungsverlusten kam.
Fazit: die Firmware 26.1.8_5 ist diesbezüglich sauber und fehlerfrei.
Die Admins mögen entscheiden, ob der gesamte Thread gelöscht wird (ich wäre nicht böse) oder als Erfahrung stehen gelassen und - als gelöst - gekennzeichnet wird.
Sorry für die Aufregung.
Ursache: es liefen lokal zwei OPNsense Instanzen, die sich eben um die WANs stritten und es so zu den Monitorereignissen/Verbindungsverlusten kam.
Fazit: die Firmware 26.1.8_5 ist diesbezüglich sauber und fehlerfrei.
Die Admins mögen entscheiden, ob der gesamte Thread gelöscht wird (ich wäre nicht böse) oder als Erfahrung stehen gelassen und - als gelöst - gekennzeichnet wird.
Sorry für die Aufregung.
#3
26.1, 26,4 Series / Re: How to pin a Host to a Gat...
Last post by zartoz - Today at 05:13:53 PMI do have GW Monitoring on and LTE is live. I can swap the Gateways in the failover with Tiering successfully but I cannot force a single host over one specific GW in the WAN Group.
#4
26.1, 26,4 Series / Re: Wireguard issue
Last post by Monju0525 - Today at 05:12:48 PMWindscribe AI chat provided the answer.
"Yeah, you nailed it — the name change is what's biting you here. The New York – Empire location used to use different endpoint hostnames that recently got updated during our infrastructure refresh. The newer naming convention (whiskergalaxy.com) replaced the older one, so your old config references a domain that's no longer resolving.
Here's how to fix it:
Go to the Config Generator.
Re‑generate a fresh WireGuard config for New York – Empire — don't reuse the old one."
"Yeah, you nailed it — the name change is what's biting you here. The New York – Empire location used to use different endpoint hostnames that recently got updated during our infrastructure refresh. The newer naming convention (whiskergalaxy.com) replaced the older one, so your old config references a domain that's no longer resolving.
Here's how to fix it:
Go to the Config Generator.
Re‑generate a fresh WireGuard config for New York – Empire — don't reuse the old one."
#5
26.1, 26,4 Series / Re: Intermittent upload collap...
Last post by meyergru - Today at 04:21:17 PMDid you try disabling the traffic shaping? Depending on how you configure that, it can have detrimental effects.
Also, sometimes, the I226 are known to freeze when powersaving is enabled, so you should probably disable ASPM.
Also, sometimes, the I226 are known to freeze when powersaving is enabled, so you should probably disable ASPM.
#6
General Discussion / Re: Kernel panic loading mlx4e...
Last post by nero355 - Today at 04:14:45 PMQuote from: meyergru on Today at 04:04:48 PMRealtek NICs aren't, either. And see how well they work.IMHO that's a totally different category of hardware :
RealTek = Consumer Level
Mellanox = Workstation/Server/Enterprise Level
QuoteBasically, anything apart from Intel hardware could be called "exotic".Hmm... OK... but Broadcom a.k.a. LSI a.k.a. Marvell hardware isn't exactly a small part of the market either ?!
I can live with RealTek and Aquantia not being supported as they should be from the manufacturer in FreeBSD but the above stuff needs to 'Just work!' at all times...
QuoteBut if it works fine under virtualisation according to your experience, then maybe you can help the OP?Unfortunately my short VT-D experiments never got to meet any i226 NICs (or any earlier models from the same series) and were mostly done with LSI HBAs and the older Dual/Quad Port 1 Gbps Intel NICs :)
#7
General Discussion / Re: Kernel panic loading mlx4e...
Last post by meyergru - Today at 04:04:48 PMRealtek NICs aren't, either. And see how well they work.
Basically, anything apart from Intel hardware could be called "exotic". But if it works fine under virtualisation according to your experience, then maybe you can help the OP?
Basically, anything apart from Intel hardware could be called "exotic". But if it works fine under virtualisation according to your experience, then maybe you can help the OP?
#8
26.1, 26,4 Series / Re: Outgoing Ping not working
Last post by xenon2008 - Today at 04:04:03 PMFound it =)
It was a Rule from IPS (SID: 2100408 ICMP Echo Reply) - Set it to Alarm only & now it works again
It was a Rule from IPS (SID: 2100408 ICMP Echo Reply) - Set it to Alarm only & now it works again
#9
Hardware and Performance / Re: [solved] Intel i226 Firmwa...
Last post by nero355 - Today at 03:58:48 PMQuote from: ajohn on Today at 03:30:45 PMCan report success on a Protectli v1410! I downloaded the 1MB firmware from the BillyCurtis github page and extracted the freebsd nvmeupdate64e executable from a recent firmware update from the intel website (used intel 830 series firmware update package).I am curious :
Did you contact Protectli first and tried to get the update from them directly ?
If so : What did they say ?
#10
General Discussion / Re: How to switch LAN (mgmt in...
Last post by nero355 - Today at 03:49:32 PMQuote from: alto on Today at 09:44:41 AMI currently have my management interface (igb0) connected with copper cat6 to my switch, this is also the parent interface of all my vlans.You should split that up to two seperate interfaces :
- Management Interface
- Empty Interface with all VLANs on it.
QuoteI want to change this to run over sfp+ though, i.e. to use interface ax0 instead.Think about what you need and what you are doing and you will probably come up with something like this : https://forum.opnsense.org/index.php?topic=51018.msg261070#msg261070
But what is the procedure to do this so that I don't completely lock myself out of the router if I change the management interface device from igb0 to ax0 and something doesn't work?
