DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Installation and Upgrading

OpenBSD Installation and Upgrading Installing and upgrading OpenBSD.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 11th August 2011
tomp's Avatar
tomp tomp is offline
Real Name: Tom Purvis
Local Area Nitwit
 
Join Date: Aug 2011
Location: Colorado
Posts: 17
Thanked 0 Times in 0 Posts
Default configuring second NIC

Quote:
Originally Posted by kiimao View Post
...I have added a second network card to the PC Card slot of the laptop, and OpenBSD recognises it as "Realtech 8139" and assigns it device name "rl1"...
Total OpenBSD newb here, just popped in looking for a clue and saw this thread right at the top. I'm at a different stage of my quest, but would like to ask for some basic info:

I've just installed 4.9 to an HP Pavilion 525w (Pentium 4) to make it into a firewall using pf. The box has a nic onboard, and I need to add another.

When I installed it I left the 2nd nic out and chose dhcp just to get on my feet. It found the dhcp server and what-all so I know the nic is/was working. I went through clues I found at openbsd dot org faq6 dot html and set it up to be a static IP, which promptly made it not actually find anything. But that's not why I'm posting. I'm sure I'll be able to figure that out. But I thought I should at least get my hardware profile to where it ultimately needs to be first.

I decided to add the 2nd nic, which is an SMC 1244TX pci card. kiimao said that OpenBSD is recognizing his 2nd. Stupid question that I can't seem to find answer for: when you drop a new device into the machine, like a pci card, how do you get OpenBSD to see it?

When I run dmesg I see "rl0 at pci1 dev 13 function 0 "Realtek 8139" rev 0x10..." and a MAC address. I went ahead and wrote a hostname.rl1 in my /etc/ directory, but I assume that dmesg shows what hardware the OS is actually seeing, and that the hostname.* file will only work if there's actually something at that device name that is being recognized.

But I'm really pretty lost trying to get basics like this. I have no problem reading about this stuff, but Uncle Google seems to keep pointing me at information that assumes a certain amount of base knowledge, and searches of this forum didn't really get me anywhere either. I've installed and configured various linux dists start the first time back in about '94, so I do have some experience, it's just really pretty far back in time.

Any help appreciated.
Reply With Quote
  #2   (View Single Post)  
Old 11th August 2011
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Helpful companion
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Thanked 193 Times in 184 Posts
Default

On OpenBSD, drivers are named after the vendor & chipset they support, rl(4) is for the cards based on the Realtek 8129/8130 chipset.

If your dmesg only shows a single rl0 device, then another driver is being used for the additional card.

You can look through the dmesg, or with ifconfig(8) to find what cards are in your system.

In your example, you state rl0 but create a file named hostname.rl1, perhaps that was a typo?
Reply With Quote
  #3   (View Single Post)  
Old 11th August 2011
ocicat ocicat is offline
Administrator
 
Join Date: Apr 2008
Posts: 2,888
Thanked 190 Times in 160 Posts
Default

Welcome to our forums! I have separated your message from the original thread responded to, as we discourage hijacking.

Most members of these forums search through old threads for research. Keeping threads to a single subject makes this exercise significantly easier.
Quote:
Originally Posted by tomp View Post
when you drop a new device into the machine, like a pci card, how do you get OpenBSD to see it?
Simply reboot. The kernel will attempt to identify it & load the appropriate driver upon booting. The output of dmesg(8) will show what the kernel encountered. If you need to discuss this further, post the output of dmesg(8) so we can see what your system is detecting.
Quote:
...but Uncle Google seems to keep pointing me at information that assumes a certain amount of base knowledge...
The OpenBSD project & community is merely a fraction of the size associated with Linux. As such, development of a collateral support infrastructure isn't in place, & not likely to change. The information found on the project's Website along with the official mailing lists particularly important to study. This site is not affiliated with the various *BSD projects proper, but we are enthusiasts & professionals who can provide some help.
Reply With Quote
  #4   (View Single Post)  
Old 11th August 2011
rocket357's Avatar
rocket357 rocket357 is offline
Real Name: Jonathon
Wannabe OpenBSD porter
 
Join Date: Jun 2010
Location: 127.0.0.1
Posts: 330
Thanked 9 Times in 9 Posts
Default

First off, welcome to daemonforums.org...

Second, Google is certainly a trusted source when it comes to Linux. The man pages on Linux tend to leave a lot to be desired...not so with OpenBSD (most BSD projects, for that matter, have superior man pages than Linux). You can "man -k <some_topic>" to get a list of man pages that discuss whatever topic you're looking for. That should be your first stop before consulting Google =)

As for the second NIC, is it actually being recognized? You mention a single line from dmesg, but since you already have a NIC in the machine, is there a second dmesg line that matches the SMC 1244TX? If not (or it says "not configured" after it), your card doesn't have a driver and won't work until a driver is written for it. If it *IS* being recognized, what does ifconfig have pertaining to that card?

And you're correct, hostname.* files are only used if the hardware is actually there.
__________________
Linux Admin by Profession. OpenBSD user by choice.
Reply With Quote
  #5   (View Single Post)  
Old 11th August 2011
tomp's Avatar
tomp tomp is offline
Real Name: Tom Purvis
Local Area Nitwit
 
Join Date: Aug 2011
Location: Colorado
Posts: 17
Thanked 0 Times in 0 Posts
Default thanks folks, progress report:

Quote:
Originally Posted by rocket357 View Post
...As for the second NIC, is it actually being recognized? You mention a single line from dmesg, but since you already have a NIC in the machine, is there a second dmesg line that matches the SMC 1244TX? ...
Thanks all for fixing my hijaking and for offering good info.

I kept plugging away after I left this post. Here's where I got:

I piped dmesg to a file and really looked through it. I had been just using |more to page through. I found that yes, the card was being recognized!

Code:
dc0 at pci1 dev 11 function 0 "ADMtek AN983" rev 0x11: apic 2 int 23 (irq 9), address 00:50:bf:9f:0a:80
dc0: MII without any PHY!
rl0 at pci1 dev 13 function 0 "Realtek 8139" rev 0x10: apic 2 int 17 (irq 10), address 00:0c:6e:0f:ab:51
rlphy0 at rl0 phy 0: RTL internal PHY
Since I had removed the card nic and looked, I am confident that the Realtek 8139 (rl) is the one that is on my motherboard. And I was able to configure it so that it works (pings nearby hosts, ftp connection to hosts out on the 'net, etc). So I wrote a hostname.dc0, assigning it a different IP address. And then I called netstart ('sh /etc/netstart'). And...

my system hung. It hung badly enough that I had to cycle power. I had to boot from the install cd and mount the hard disc filesystem and then rename hostname.dc0 before it would boot. It would boot, but would hang as soon as the "starting network" came up. I just now tried again after I found the man pages for rl and for dc and made some changes. Any ideas GREATLY appreciated.

TP in CO
Reply With Quote
  #6   (View Single Post)  
Old 12th August 2011
ocicat ocicat is offline
Administrator
 
Join Date: Apr 2008
Posts: 2,888
Thanked 190 Times in 160 Posts
Default

Quote:
Originally Posted by tomp View Post
TSo I wrote a hostname.dc0, assigning it a different IP address.
I assume both interfaces were connected to the same subnet. Is this correct?

Likewise, the testing described has two cases:
  • The rl(4) interface was configured by itself. From what you have stated, this scenario worked -- allowing you to connect, ping(8), etc.
  • Then both interfaces (rl(4) & dc(4)) were configured. This didn't work.
So what happens when the dc(4) interface is configured by itself?
Reply With Quote
  #7   (View Single Post)  
Old 12th August 2011
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Helpful companion
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Thanked 193 Times in 184 Posts
Default

Quote:
dc0: MII without any PHY!
This doesn't seem like a message worth ignoring.
Reply With Quote
  #8   (View Single Post)  
Old 14th August 2011
tomp's Avatar
tomp tomp is offline
Real Name: Tom Purvis
Local Area Nitwit
 
Join Date: Aug 2011
Location: Colorado
Posts: 17
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by ocicat View Post
I assume both interfaces were connected to the same subnet. Is this correct?
Actually, I had the two IP addresses on different subnets. One was 192.168.0.249 and the other was 192.168.1.249
Quote:
Originally Posted by ocicat View Post
So what happens when the dc(4) interface is configured by itself?
I have not had a chance to try this yet. I ran out of of time. I would need to disable the onboard NIC in the BIOS.

If that allows the dc device to work, I will have learned something--but it might be that I have learned that I need to find another pci card NIC to use as the 2nd one.
Reply With Quote
  #9   (View Single Post)  
Old 14th August 2011
tomp's Avatar
tomp tomp is offline
Real Name: Tom Purvis
Local Area Nitwit
 
Join Date: Aug 2011
Location: Colorado
Posts: 17
Thanked 0 Times in 0 Posts
Default MII without any PHY!

Quote:
Originally Posted by BSDfan666 View Post
This doesn't seem like a message worth ignoring.
Agree, MII without any PHY! seems like a pretty important factoid. I did some searching around, finding no obvious clues. I was hoping someone here might have an aha. But I ran out of time to do much more than post my message before my work week ended.

I may try to round up a different PCI NIC (though I did a fairly exhaustive search of the PC junk pile at my workplace--buying one seems crazy! but I'd really like to learn about what is going on.

Thanks as always for the attention and help. When a solution is found I will post all details.
Reply With Quote
Old 15th August 2011
tomp's Avatar
tomp tomp is offline
Real Name: Tom Purvis
Local Area Nitwit
 
Join Date: Aug 2011
Location: Colorado
Posts: 17
Thanked 0 Times in 0 Posts
Default Monday morning tactics

Hey there. This morning first thing I went into CMOS setup and disabled the onboad NIC. Then I put in my SMT 1244TX PCI card (dc0) and started openBSD. The dc0 device appeared to be recognized properly; no 'MII without any PHY!' message, but at the very end of dmesg was 'watchdog timeout'. No connectivity either. After a little searching around I found one tip that moving the card to a different slot might help that problem.

I thought that sounded a little crazy, and I only saw one reference to that, but it seemed like an easy thing to try.

Putting that card in a different slot did change things. Once again I got the 'MII without any PHY!' message, but no 'watchdog timeout'. Also no connectivity.

I found another nic in another old PC in our boneyard. It's a DLink. That card hasn't got an effective modular connector retainer (when you plug in the 10-baseT connector it won't go 'click' and the cable can just be pulled out/fall out). This makes me less enthusiastic about using it as part of our enterprise firewall, but...

It works. I tried it with the onboard nic still disabled and it came up fine and I have connectivity with it. So then I re-enabled the onboard nic. Once I did that the onboard nic had connectivity but not the DLink. I'm wondering if that could be simply because I have some of the other net config stuff wrong. Or whether it is because those two devices are conflicting with each other.

New info... any ideas from you knowledgable folks out there would be appreciated as always!

Tom in CO, USA
Reply With Quote
Old 15th August 2011
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,711
Thanked 214 Times in 189 Posts
Default

You can't effectively use 2 NICs on the same subnet; this might be why both won't work simultaneously.
Reply With Quote
Old 15th August 2011
tomp's Avatar
tomp tomp is offline
Real Name: Tom Purvis
Local Area Nitwit
 
Join Date: Aug 2011
Location: Colorado
Posts: 17
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by jggimi View Post
You can't effectively use 2 NICs on the same subnet; this might be why both won't work simultaneously.
I didn't think that was a good idea, but it didn't work on some previous testing iteration, so I had them both on the same subnet. I just tried changing the rl1 device (the one that is not communicating) to 192.168.1.249, then from root I executed:

sh /etc/netstart

No change. I can ping rl0 (192.168.0.254) but cannot ping rl1 (192.168.1.249).

For reference, here's the excerpt from my dmesg output pertaining to the two nics:
Code:
...
pci1 at ppb0 bus 1
rl0 at pci1 dev 11 function 0 "D-Link 530TX+" rev 0x10: apic 2 int 23 (irq 9), address 00:05:5d:4e:71:e3
rlphy0 at rl0 phy 0: RTL internal PHY
rl1 at pci1 dev 13 function 0 "Realtek 8139" rev 0x10: apic 2 int 17 (irq 10), address 00:0c:6e:0f:ab:51
rlphy1 at rl1 phy 0: RTL internal PHY
...
hostname.rl0:
Code:
inet 192.168.0.254 255.255.255.0 NONE
hostname.rl1:
Code:
inet 192.168.1.249 255.255.255.0 NONE
Perhaps someone can spot an obvious issue with those hostname files? Other config file contents that would be helpful? Any chance that it would help for me to move the DLink card to another slot?

At this point I have pretty much written off the SMC 1244TX card even though it came new out of a box. Seems like it might just have basic problems with OpenBSD...

TIA as always.

Tom in CO
Reply With Quote
Old 15th August 2011
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,711
Thanked 214 Times in 189 Posts
Default

The output of $ ifconfig may be of assistance; it should show physical connectivity, or the lack thereof.

And where are you pinging these addresses from? The OpenBSD platform, or externally? If the latter, routing may be an issue.
Reply With Quote
Old 15th August 2011
ocicat ocicat is offline
Administrator
 
Join Date: Apr 2008
Posts: 2,888
Thanked 190 Times in 160 Posts
Default

Quote:
Originally Posted by tomp View Post
Hey there. This morning first thing I went into CMOS setup and disabled the onboad NIC. Then I put in my SMT 1244TX PCI card (dc0) and started openBSD. The dc0 device appeared to be recognized properly; no 'MII without any PHY!' message, but at the very end of dmesg was 'watchdog timeout'. No connectivity either.
"watchdog timeout" messages are not uncommon for some drivers. While the onboard NIC is still disabled, configure /etc/hostname.dc0, reboot, attempt to ping some arbitrary host, & post the output of ifconfig(8) while in this configuration. Someone might see something in this output.
Quote:
After a little searching around I found one tip that moving the card to a different slot might help that problem.
Correct. The card may have not been seated well, or may have poor connections. It may be worth putting a few drops of rubbing alcohol on a kleenex, & cleaning the card's PCI contacts to possibly get rid of oxidation.
Quote:
I'm wondering if that could be simply because I have some of the other net config stuff wrong. Or whether it is because those two devices are conflicting with each other.
  • You may need to try a different card, preferably something which isn't a 10Base-10 card.
  • I would also suggest looking at the possibility of using two cards, & not using the onboard NIC at all.
Reply With Quote
Old 15th August 2011
rocket357's Avatar
rocket357 rocket357 is offline
Real Name: Jonathon
Wannabe OpenBSD porter
 
Join Date: Jun 2010
Location: 127.0.0.1
Posts: 330
Thanked 9 Times in 9 Posts
Default

Check your route tables ("netstat -nrf inet" or similar). If you have a blanket statement like:

192.168/16 link#2 <etc...> rl1

That could cause ALL 192.168 traffic to route through link#2. I've had this happen before, and it causes one NIC to appear to go "brain dead".

If you can't put them on seperate IP blocks (i.e. put one on 10/8, and the other on 192.168/16 or 172.16/12), you'll have to hammer out your routing tables (something I've never messed with since I could always switch to an unused private block).
__________________
Linux Admin by Profession. OpenBSD user by choice.
Reply With Quote
Old 15th August 2011
tomp's Avatar
tomp tomp is offline
Real Name: Tom Purvis
Local Area Nitwit
 
Join Date: Aug 2011
Location: Colorado
Posts: 17
Thanked 0 Times in 0 Posts
Default Nics are now working!

Quote:
Originally Posted by jggimi View Post
The output of $ ifconfig may be of assistance; it should show physical connectivity, or the lack thereof.

And where are you pinging these addresses from? The OpenBSD platform, or externally? If the latter, routing may be an issue.
Looking at ifconfig got me thinking... I was trying to tell whether the nic at 192.168.1.249 was working by pinging it, with no response. Thinking about it and talking with my colleague here, I realized that my PC saw our DSL Modem/router as its default gateway. That gateway wasn't forwarding my ping packets to the 192.168.1 subnet. I switched my PC's static IP to 192.168.1.103 and my default gateway to 192.168.1.249 (the internal nic address) and voila! I can ping both nics. I ping 192.168.1.249 because it's my default gateway, and I can ping 192.168.0.254 (the other nic) because the box bridges to that address. Does that seem to make sense to you?

So now I know that both Nics are working. Big milestone!

I was hoping that I would be able to use the box to bridge to my internet gateway (our dsl modem/router), meaning that I could actually access the 'net through my OpenBSD box, serving as a bridge to the internet gateway, but it isn't working that way.

The router/gateway address is 192.168.0.1. I am assuming that getting this to work will imply having the right configuration info in mygate, myname, and hosts, correct? Here are the contents of those files now:

Code:
$ cat /etc/mygate
192.168.0.1
$ cat /etc/myname
tincup.rmt0.com
$ cat /etc/hosts
#       $OpenBSD: hosts,v 1.12 2009/03/10 00:42:13 deraadt Exp $
#
# Host Database
#
# RFC 1918 specifies that these networks are "internal".
# 10.0.0.0      10.255.255.255
# 172.16.0.0    172.31.255.255
# 192.168.0.0   192.168.255.255
#
127.0.0.1       localhost
::1             localhost
192.168.0.254   tincup.rmt0.com tincup
192.168.1.249   tincup0.rmt0.com tincup0
I am able to connect to ftp servers out on the 'net from my OpenBSD box, so I think that the mygate value has to be valid, at least for the internet connectivity of the OpenBSD box itself. But my PC can't get through using the OpenBSD box as it's gateway. Make sense?

Thanks a million for the help so far folks. I'm making progress. My ultimate goal is to get pf (Packet Filter) running, which will pass all the traffic from our internal network to the DSL Modem/Router, filtering by port of course. I assume that the configuration will need to be working to make the machine a simple bridge first though.

If you have a page that describes getting a pf-based firewall going once the nics are running properly, feel free to send me to that and I will get down to reading and experimenting. Or send me to a place where I can get data about basic net config. I've been reading man pages about myname, mygate, and hosts. Pretty clear, but as I follow them I don't seem to be getting the higher level stuff working.

Thanks again! Good Monday so far!
Reply With Quote
Old 15th August 2011
ocicat ocicat is offline
Administrator
 
Join Date: Apr 2008
Posts: 2,888
Thanked 190 Times in 160 Posts
Default

Quote:
Originally Posted by tomp View Post
If you have a page that describes getting a pf-based firewall going once the nics are running properly, feel free to send me to that and I will get down to reading and experimenting.
If you haven't discovered the following yet, you should:

http://www.openbsd.org/faq/pf/index.html

The PF User's Guide should be considered definitive.

Likewise, the following may help as well:

http://home.nuug.no/~peter/pf/
Reply With Quote
Old 15th August 2011
tomp's Avatar
tomp tomp is offline
Real Name: Tom Purvis
Local Area Nitwit
 
Join Date: Aug 2011
Location: Colorado
Posts: 17
Thanked 0 Times in 0 Posts
Default Thanks

Quote:
Originally Posted by ocicat View Post
If you haven't discovered the following yet, you should:

http://www.openbsd.org/faq/pf/index.html

The PF User's Guide should be considered definitive.

Likewise, the following may help as well:

http://home.nuug.no/~peter/pf/
I'm on it. Let the reading begin!

I think this probably should be considered the conclusion of a thread in OpenBSD Installation and Upgrading called configuring second NIC.

A few questions are left unanswered, most notably, what was wrong with the SMC 1244 TX pci NIC that I started with? It was not listed in the supported hardware for OpenBSD 4.9, which is a strong clue. It is recognized by the dc driver, but the 'MII without any PHY!' message suggests that there is some aspect of it that the driver doesn't like. R.I.P. SMC 1244 TX, you go back onto the shelf. Perhaps you will become useful at some other time. For now you are to be exiled to the island of misfit toys, the hardware boneyard.

The DLink card will be doing the job. The cable will be duct-taped in place to keep it from falling out since the retention clip doesn't work.

Any questions that arise I will be willing to address to the extent of my ability. Email is tpurvis at arkansasvalley dot net
Reply With Quote
Old 15th August 2011
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,711
Thanked 214 Times in 189 Posts
Default

Glad you got things working, Tom. And, I'm glad that you were able to identify the problem with connectivity was routing.

Speaking of routing....

For routing packets, which most firewalls do, don't forget to enable IP forwarding, as described in FAQ 6.2.7. Your OpenBSD platform won't be a router without it.
Reply With Quote
Old 15th August 2011
tomp's Avatar
tomp tomp is offline
Real Name: Tom Purvis
Local Area Nitwit
 
Join Date: Aug 2011
Location: Colorado
Posts: 17
Thanked 0 Times in 0 Posts
Default Thanks for the advice of IP Forwarding

Quote:
Originally Posted by jggimi View Post
...Speaking of routing....

For routing packets, which most firewalls do, don't forget to enable IP forwarding, as described in FAQ 6.2.7. Your OpenBSD platform won't be a router without it.
I actually did do that. I read that section in the FAQ as I was trying to figure out how to get my PC to get to the internet gateway via the OpenBSD box (making that box my PC's default gateway and then hoping that the BSD box would allow me to get to its default gateway, the DSL Modem). I uncommented the line in /etc/sysctl.conf that enables IP Forwarding. Did not allow me to bridge to my actual internet gateway (192.168.0.1).

So I kept reading and saw about putting aliases in the hostname.rlX file(s), so I've been experimenting with that. Not sure I understand it though--actually pretty sure I don't understand it. And not allowing me to get to the internet gateway while identifying the OpenBSD box as the PC's default gateway.

More reading...
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
It's necesary to use firmware configuring rum or zyd? ximo FreeBSD General 7 8th July 2009 10:05 AM
Configuring authpf freebsd kasse FreeBSD General 0 7th February 2009 12:32 PM
Help configuring pine cssgalactic FreeBSD General 4 29th June 2008 11:50 PM
Need Help Configuring Postfix iainnitro General software and network 6 8th June 2008 04:55 AM
Configuring VLANs under FreeBSD Popof FreeBSD General 5 13th May 2008 04:08 PM


All times are GMT. The time now is 12:40 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick