After many years (2015) of operation as a home firewall, my PC Engines APU1D4 croaked (so I thought). Initially I was thinking it was the mSATA drive, so I started there. New drive came in, plugged it in and same issue, click, click, click and no POST. Considering the age of the board, I actually found a replacement which I quickly ordered assuming that was the next best option. New board arrives, I quickly plug it in and click, click, click. Moving on to the next logical piece, the power supply. Ran over to my local electronics parts store and found a suitable power supply with proper voltage/amperage. Plug everything in and up it goes! It was an expensive lesson (with ultimately a cheap solution), but now I have spare parts.
After noticing pfSense had not made updates in well over a year, I moved to OPNsense. The install and setup was flawless, no issues. One thing I did notice was the near daily crashes (page faults) and reboots. The APU1D4 boards have Realtek NIC's and OPNsense does not come bundled with the correct driver, so it uses the default kernel driver. Under Plugins in the OPNsense console, you will notice a "os-realtek-re" option. Install it and reboot. So far its been nearly a day now without a reboot and I am assuming this addresses the issue.
Hopefully this helps someone else in the same frustrating situation.
Update: Crashes continue even after installing the Realtek driver but less frequent. Several posts have mentioned disabling both the Spectre and Meltdown tunables. These are "vm.pmap.pti" = 0 and "hw.ibrs_disable" set to 1. Being a home based firewall, I am not too concerned with either of these. Plus, there is apparently quite a bit of overhead with both settings which should lead to faster throughput being disabled. Firewall has been up for nearly two days now without a crash, so we will see. Next up, updating the coreboot BIOS to v4.17.0.3. Here is a handy little script to do so.
No comments:
Post a Comment