Netgate SG-1000 microFirewall

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - Veldkornet

Pages: [1] 2 3
Hardware / Re: PC Engines apu2 experiences
« on: March 07, 2018, 08:22:45 am »
On a sidenote, does anyone else have 2x haproxy services?
I havn't seen that should only have the lowercase 'haproxy' service.. Probably need to edit the config.xml to remove the wrong service tag.. (backup>edit>restore)or the more tricky:(edit /conf/config.xml,delete /tmp/config.cache) just make sure to keep the xml format valid..

Thanks! :)

Hardware / Re: PC Engines apu2 experiences
« on: March 07, 2018, 08:18:31 am »
Mine still says PC Engines APU2 after the update to 2.3.4.

Yeah, mine did too. I more meant after the latest firmware update.

Can you post the output of

Code: [Select]
/bin/kenv -q smbios.system.product
/bin/kenv -q smbios.system.maker

with the 4.0.7 FW.

FYI, This has changed again.... below the output from firmware 4.6.1:

/bin/kenv -q smbios.system.product -> PC Engines apu2
/bin/kenv -q smbios.system.maker -> PC Engines

Hardware / Re: PC Engines apu2 experiences
« on: March 07, 2018, 02:31:38 am »
FYI, anyone updating to the 4.5.x or 4.6.x mainline firmware (, you need to edit the /boot/loader.conf and add the following:


Otherwise it reboots every 4-5 hours.

The rest of the items that they mention here were all already added on my system by default.

I'm now running 4.6.1 without any problems.

Hardware / Re: PC Engines apu2 experiences
« on: February 08, 2018, 02:45:40 pm »
Well, I decided to have a look at these LED's. Installed the driver, LED's work.
During boot, the LED's all dance, and if I install the gwled package, they show the gateway status. Wonderful :)

Only, I noticed that gwled has a service, but doesn't start... it's annoying. Is this normal? See attachment. (On a sidenote, does anyone else 2x haproxy services?).

Secondly, I noticed the following in the my /var/log/dmesg.boot:

ada0: <Samsung SSD 850 EVO mSATA 250GB EMT41B6Q> ACS-2 ATA SATA 3.x device
ada0: 600.000MB/s transfers (SATA 3.x, UDMA6, PIO 512bytes)
ada0: Command Queueing enabled
ada0: 238475MB (488397168 512 byte sectors)
ada0: quirks=0x3<4K,NCQ_TRIM_BROKEN>

What does this 4K,NCQ_TRIM_BROKEN mean exactly in normal English?

I also note that they have a solution below, but again, not quite sure what the difference is between the two....

if you're on 11.1-RELEASE or 11-RELEASE, you should add below on /boot/loader.conf.

 If no other quirks is required:"0x0"

 If you need 4k quirks but want to drop NCQ_TRIM one:"0x1"

      *4k one is bit0 (0x1), and NCQ_TRIM one is bit1 (0x2).

The example above assumes the affected drive is recognized as ada0.
You should change "ada.0" to whatever appropreate.

2.4 Development Snapshots / Re: apu2 led control?
« on: February 08, 2018, 12:00:15 am »
I installed the driver, and that seems to be okay.

However I canít get gwled or blinkled to start... is it just me?

Hardware / Re: PC Engines apu2 experiences
« on: February 01, 2018, 02:34:52 am »
What would the LED's do when those drivers are installed?

I suppose you would be able to configure the LEDís to show gateway status etc.
There are packages that you can install from the pfSense software repository (blinked and gwled) for this if you want to see what the options are. But apparently thereís some extra steps required to actually make it work.

I havenít bothered, I never look at it anyway :P

Hardware / Re: PC Engines apu2 experiences
« on: January 31, 2018, 11:52:44 pm »
I just wanted to check, does anyone else have these messages about needing to accept intel licenses in their /var/log/dmesg.boot?

I updated the firmware yesterday to 4.6.1, now Iím not sure if itís related.

Of course, after doing what it says, the errors/warnings go away.

Hardware / Re: PC Engines APU2 2.4.0 upgrade sucess
« on: October 14, 2017, 09:01:29 am »
Having both cryptodev and AESNI didnít seem to have any improvement or impact, only with the tests mentioned in that bug.

In the OpenVPN config, if you actually select that you want to use cryptodev, then your performance is worse; so DONíT do that.

Everything Iím talking about is in version 2.4.0.... thatís the thread subject.

AES-NI is enabled in the general pfSense setup for me, but itís not selectable anymore in the OpenVPN config like it was in the past.

Hardware / Re: PC Engines APU2 2.4.0 upgrade sucess
« on: October 13, 2017, 05:36:09 am »
After a few basic tests with OpenVPN, I was able to get around double the speed that I was getting previously by using the below settings:

In my OpenVPN configs, under Cryptographic Settings:
- Hardware Crypto -> None

For my Client configurations:
Advanced Configuration:
- UDP Fast I/O -> Checked
- Send/Receive Buffer -> 1.00 MiB

For my Server configuration:
Advanced Configuration:
- UDP Fast I/O -> Checked
- Send/Receive Buffer -> 512 KiB

Hardware / Re: PC Engines APU2 2.4.0 upgrade sucess
« on: October 13, 2017, 02:56:26 am »
Well, I did fine a couple of people on Reddit etc that have the same problem in general, not specific to the APU2.

I did also find this which pretty much says that openssl/openvpn need to have loaded both AESNI and cryptodev to accelerate AES operations.

AESNI was already enabled for me in the GUI, so I enabled cryptodev as well.

Now at least I can select the cryptodev in the OpenVPN gui, although back in 2.3.4 I could still select AESNI. Not sure what this all means for OpenVPN... Is it now using both or just the one? What's going on?

Hardware / Re: PC Engines APU2 2.4.0 upgrade sucess
« on: October 13, 2017, 12:54:43 am »
No problems here either! Everything went great!
BIOS 4.0.11

Actually, I noticed that I'm not able to select Hardware Acceleration anymore in OpenVPN:

Even though hardware acceleration is enabled in pfSense:

Anyone else have this problem?

Hardware / Re: PC Engines apu2 experiences
« on: October 13, 2017, 12:53:43 am »
I noticed today that the APU2 makes a quick short beep every time I login via the GUI.

Have I just never noticed this or is it new in 2.4.0?

DHCP and DNS / Re: DynamicDNS Home Page Widget
« on: September 14, 2017, 02:19:48 pm »
If anyone else comes looking:

Feature #7843: DynamicDNS Widget - Show Description

Feature #7842: Add DynamicDNS Provider - Mythic-Beasts

Anyone with some time that can put in some pull requests on Github?
I can help with the cURL commands for the second one...

DHCP and DNS / Re: Variables in Custom Dynamic DNS urls
« on: September 12, 2017, 04:55:57 am »
Just wondering if anyone got any answers to this? Iíve been trying to do the same.

Pages: [1] 2 3