mellanox connectx-3 lan ips issues...

Started by beyondnoyeb, June 08, 2020, 05:35:29 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
June 08, 2020, 05:35:29 PM Last Edit: June 08, 2020, 05:37:03 PM by beyondnoyeb
Hey all,

Added in a mellanox connectx-3 into the mix and followed mimugmail's excellent guide for updating the firmware off the get go.  I'm running into a bit of a strange issue however; I've realized that if I have IPS turned on the LAN interface (promiscuous mode on) I lose ability to access anything across vlan's or out on the net.  I can access the LAN interface of opnsense, but that's it...

The method I went through to install / move vlans and Lan interface over:
Installed card
Added mlx4en_load="YES" to the /boot/loader.conf.local
Upgraded firmware
Went into interfaces / other types / vlans and changed the all of the vlan's over to interface mlxen0
Went to interfaces / assignments and changed LAN over to mlxen0
inserted cable, interface up.

Things I've tried for the hell of it; turned off promiscuous mode and that killed all connections; so I know that's not a fix ;). 

Does anyone use these cards with IPS turned on and have vlans?  I feel like i'm missing something simple here or that my method for moving the interfaces over wasn't right.   IPS was working fine when I was over on the copper gigabit Intel 350 NIC.

For the time being i've turned off IPS Mode but would like to have it back on for my LAN as I find it incredibly useful.

Thanks in advance for any guidance you can offer. 

EDIT: MODS: just realized I might should have put this in the IPS forum, please feel free to move it if so
June 09, 2020, 07:20:44 AM #1
Did you try promisc mode? And also the parent interface and not the vlans?
June 09, 2020, 03:40:48 PM #2
Yup, promisc mode is on and only selecting the main LAN interface. 

Does it work for you?  I can still hit the opnsense ip from the lan network, but no cross vlan work...

June 09, 2020, 04:55:12 PM #3
Currently I have no device with a MLNX card around to test this.
June 09, 2020, 10:54:34 PM #4
Do you have any 10g cards that you are currently using and can verify work with IPS?  I'm going to first try a fresh install just in case there is something wonky causing the issue; but if that doesn't fix it, I'll be in the market for another brand I guess :/
July 12, 2020, 11:46:45 AM #5
hi!
same issues!
vlan filter disabled and tso and co disabled then seems to work ...
Print
Go Up Pages1
User actions