Netgate SG-1000 microFirewall

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - dugeem

Pages: [1]
Hardware / PC Engines apu2 experiences
« on: February 05, 2016, 09:36:59 pm »
Hello all,

Thought I'd start a dedicated thread on the apu2 for tips, comments and feedback.

PC Engines link to product page is

Board form factor is identical to alix and apu1 - although note that apu LAN port numbering is reversed from alix. A 12V/1.5A power supply is required.

There are currently two versions of BIOS:
  • standard version with mSata/Sata/USB boot support dated 160120, and
  • alternate version supporting SD card & USB boot dated 151106

My apu2b4 is running pfSense 2.2.6 with BIOS 160120 and a Toshiba mSata SSD. Previously was running an alix 2d13.

Upstream my apu2 has 2 WANs - a 34Mb/s HFC/DOCSIS service (IPv4 only) and a 10Mb/s DSL line (IPv4 & IPv6). The Alix could manage this bandwidth okay but throw in incoming requests to a NTP pool server (~2k - 20k states) and the memory was getting tight.

Dmesg output:

Code: [Select]
Copyright (c) 1992-2014 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 10.1-RELEASE-p25 #0 c39b63e(releng/10.1)-dirty: Tue Dec 22 16:57:00 CST 2015
    root@pfs22-amd64-builder:/usr/obj.RELENG_2_2.amd64/usr/pfSensesrc/src.RELENG_2_2/sys/pfSense_SMP.10 amd64
FreeBSD clang version 3.4.1 (tags/RELEASE_34/dot1-final 208032) 20140512
CPU: AMD GX-412TC SOC                                (998.15-MHz K8-class CPU)
  Origin = "AuthenticAMD"  Id = 0x730f01  Family = 0x16  Model = 0x30  Stepping = 1
  AMD Features=0x2e500800<SYSCALL,NX,MMX+,FFXSR,Page1GB,RDTSCP,LM>
  Structured Extended Features=0x8<BMI1>
  TSC: P-state invariant, performance statistics
real memory  = 4815060992 (4592 MB)
avail memory = 4095557632 (3905 MB)
Event timer "LAPIC" quality 400
FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs
FreeBSD/SMP: 1 package(s) x 4 core(s)
 cpu0 (BSP): APIC ID:  0
 cpu1 (AP): APIC ID:  1
 cpu2 (AP): APIC ID:  2
 cpu3 (AP): APIC ID:  3
ioapic1: Changing APIC ID to 5
ioapic0 <Version 2.1> irqs 0-23 on motherboard
ioapic1 <Version 2.1> irqs 24-55 on motherboard
wlan: mac acl policy registered
random: <Software, Yarrow> initialized
module_register_init: MOD_LOAD (vesa, 0xffffffff80fc4290, 0) error 19
kbd0 at kbdmux0
cryptosoft0: <software crypto> on motherboard
padlock0: No ACE support.
acpi0: <CORE COREBOOT> on motherboard
acpi0: Power Button (fixed)
cpu0: <ACPI CPU> on acpi0
cpu1: <ACPI CPU> on acpi0
cpu2: <ACPI CPU> on acpi0
cpu3: <ACPI CPU> on acpi0
atrtc0: <AT realtime clock> port 0x70-0x71 irq 8 on acpi0
Event timer "RTC" frequency 32768 Hz quality 0
attimer0: <AT timer> port 0x40-0x43 irq 0 on acpi0
Timecounter "i8254" frequency 1193182 Hz quality 0
Event timer "i8254" frequency 1193182 Hz quality 100
hpet0: <High Precision Event Timer> iomem 0xfed00000-0xfed003ff on acpi0
Timecounter "HPET" frequency 14318180 Hz quality 950
Timecounter "ACPI-safe" frequency 3579545 Hz quality 850
acpi_timer0: <32-bit timer at 3.579545MHz> port 0x818-0x81b on acpi0
acpi_button0: <Power Button> on acpi0
pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0
pci0: <ACPI PCI bus> on pcib0
pcib1: <ACPI PCI-PCI bridge> at device 2.2 on pci0
pcib1: failed to allocate initial I/O port window: 0x1000-0x1fff
pci1: <ACPI PCI bus> on pcib1
igb0: <Intel(R) PRO/1000 Network Connection version - 2.4.0> mem 0xfe600000-0xfe61ffff,0xfe620000-0xfe623fff at device 0.0 on pci1
igb0: Using MSIX interrupts with 5 vectors
igb0: Ethernet address: 00:0d:b9:XX:YY:ZZ
igb0: Bound queue 0 to cpu 0
igb0: Bound queue 1 to cpu 1
igb0: Bound queue 2 to cpu 2
igb0: Bound queue 3 to cpu 3
pcib2: <ACPI PCI-PCI bridge> at device 2.3 on pci0
pci2: <ACPI PCI bus> on pcib2
igb1: <Intel(R) PRO/1000 Network Connection version - 2.4.0> port 0x2000-0x201f mem 0xfe700000-0xfe71ffff,0xfe720000-0xfe723fff at device 0.0 on pci2
igb1: Using MSIX interrupts with 5 vectors
igb1: Ethernet address: 00:0d:b9:XX:YY:ZZ
igb1: Bound queue 0 to cpu 0
igb1: Bound queue 1 to cpu 1
igb1: Bound queue 2 to cpu 2
igb1: Bound queue 3 to cpu 3
pcib3: <ACPI PCI-PCI bridge> at device 2.4 on pci0
pci3: <ACPI PCI bus> on pcib3
igb2: <Intel(R) PRO/1000 Network Connection version - 2.4.0> port 0x3000-0x301f mem 0xfe800000-0xfe81ffff,0xfe820000-0xfe823fff at device 0.0 on pci3
igb2: Using MSIX interrupts with 5 vectors
igb2: Ethernet address: 00:0d:b9:XX:YY:ZZ
igb2: Bound queue 0 to cpu 0
igb2: Bound queue 1 to cpu 1
igb2: Bound queue 2 to cpu 2
igb2: Bound queue 3 to cpu 3
pci0: <encrypt/decrypt> at device 8.0 (no driver attached)
xhci0: <XHCI (generic) USB 3.0 controller> mem 0xfeb22000-0xfeb23fff at device 16.0 on pci0
xhci0: 32 byte context size.
usbus0 on xhci0
ahci0: <AMD Hudson-2 AHCI SATA controller> port 0x4010-0x4017,0x4020-0x4023,0x4018-0x401f,0x4024-0x4027,0x4000-0x400f mem 0xfeb25000-0xfeb253ff at device 17.0 on pci0
ahci0: AHCI v1.30 with 2 6Gbps ports, Port Multiplier supported with FBS
ahcich0: <AHCI channel> at channel 0 on ahci0
ahcich1: <AHCI channel> at channel 1 on ahci0
ehci0: <EHCI (generic) USB 2.0 controller> mem 0xfeb25400-0xfeb254ff at device 19.0 on pci0
usbus1: EHCI version 1.0
usbus1 on ehci0
isab0: <PCI-ISA bridge> at device 20.3 on pci0
isa0: <ISA bus> on isab0
sdhci_pci0: <Generic SD HCI> mem 0xfeb25500-0xfeb255ff at device 20.7 on pci0
sdhci_pci0: 1 slot(s) allocated
uart0: <16550 or compatible> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0
uart0: console (115200,n,8,1)
orm0: <ISA Option ROMs> at iomem 0xc0000-0xc0fff,0xef000-0xeffff on isa0
ppc0: cannot reserve I/O port range
uart1: <16550 or compatible> at port 0x2f8-0x2ff irq 3 on isa0
hwpstate0: <Cool`n'Quiet 2.0> on cpu0
Timecounters tick every 1.000 msec
IPsec: Initialized Security Association Processing.
random: unblocking device.
usbus0: 5.0Gbps Super Speed USB v3.0
usbus1: 480Mbps High Speed USB v2.0
ugen0.1: <0x1022> at usbus0
uhub0: <0x1022 XHCI root HUB, class 9/0, rev 3.00/1.00, addr 1> on usbus0
ugen1.1: <AMD> at usbus1
uhub1: <AMD EHCI root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus1
uhub0: 4 ports with 4 removable, self powered
uhub1: 2 ports with 2 removable, self powered
ugen1.2: <vendor 0x0438> at usbus1
uhub2: <vendor 0x0438 product 0x7900, class 9/0, rev 2.00/0.18, addr 2> on usbus1
uhub2: 4 ports with 4 removable, self powered
ada0 at ahcich0 bus 0 scbus0 target 0 lun 0
ada0: <TOSHIBA THNSNJ128GMCU JUT10101> ATA-9 SATA 3.x device
ada0: Serial Number 64BAXXXXXXXX
ada0: 600.000MB/s transfers (SATA 3.x, UDMA5, PIO 8192bytes)
ada0: Command Queueing enabled
ada0: 122104MB (250069680 512 byte sectors: 16H 63S/T 16383C)
ada0: Previously was known as ad4
SMP: AP CPU #1 Launched!
SMP: AP CPU #3 Launched!
SMP: AP CPU #2 Launched!
Timecounter "TSC" frequency 998149610 Hz quality 1000
Trying to mount root from ufs:/dev/ufsid/56ab799e3048e296 [rw]...
padlock0: No ACE support.
aesni0: <AES-CBC,AES-XTS,AES-GCM> on motherboard
igb1: link state changed to UP
ng0: changing name to 'pppoe1'
igb2: link state changed to UP
igb0: link state changed to UP
tun1: changing name to 'ovpns1'
pflog0: promiscuous mode enabled
ovpns1: link state changed to UP

OpenVPN / OpenVPN dropouts every 30 mins with IPv6
« on: September 03, 2014, 03:51:39 am »
For those people experiencing frequent dropouts with OpenVPN server running on a pfSense box with IPv6 enabled, a fix was previously documented in

NB The dropouts will occur even if OpenVPN server is only configured for IPv4.

Note that there are 2 parts to the fix:

  • First part relates to IPv4 script /etc/rc.newwanip - this fix is rolled into 2.1.4 and later.
  • Second part relates to IPv6 script /etc/rc.newwanipv6... But appears to be awaiting review (despite ticket being marked Resolved).

In the meantime it is easy to apply the fix and stop the dropouts.

Perhaps someone could reassign the ticket for review & integration into future release(s)?


Pages: [1]