Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Replies 10 replies
  • Subscribers 40 subscribers
  • Views 1774 views
  • Users 0 members are here
Options
Suggested

No connection intel x520-DA2 (82599ES) on sophos home

Oliver Zoisl

Hello I struggle a little bit atm. I had sophos home virtualized on something intel N with 4x2.5G running proxmox. The thing had no legacy BIOS (sadly) so this was my only option.

Then I got a SG230 cheap and I installed a intel 10G nic (x520-DA2, 82599ES). Sophos recognized it without any problem. I loaded the old config and adapted everything. I configured a LAG with both ports and a bridge with the original LAN port.

Time to plug everything in and.. nothing.. the link LEDs are blinking on the nic and the unifi aggregation switch, but in the sophos UI it shows no cable connected. I've removed the LAG and bridge to try singe port but it's not working.

I also tried with a RJ45 module in the SFP+ port.. at first sight it's also not working but I had no time to further test it. 

Anyone an idea?



Edited TAGs
[edited by: Erick Jan at 12:24 PM (GMT -7) on 26 Aug 2024]
  • 0

    What driver does the VM show it is using and does it show a connection to the XG? Does the XG console show an IP address assignment?

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v20.0.2 MR-2

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    I'm not sure if you understand what i mean. I used the VM and want to use hardware driectly now. 

    I bought a Sophos SG230 and I diy put the 10G NIC in the flexi port slot, which should connect to my Unifi aggregation switch.

    Sorry that the screenshot is in german. I don't know how to chnage the language. At some point everything was german and I hate it. On my linux desktop I've englisch as main language and it's also german. Idk

    Green is my current connection. Port 4 is only a placeholder. There should be the 20G LAG.

    Yellow is one of the 10G ports where the cable is plugged in and it says no connection

  • 0 in reply to Oliver Zoisl

    I understood what you were saying, I checked my VM which has a dual Intel 10gb NIC, slightly different model before asking

    What are the details of your LAN bridge, the screenshot seems a bit confusing to me?

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v20.0.2 MR-2

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    Okay. The LAN bridge is completly worthless atm. I want to bridge the default LAN port and the 20G LAG (form the dual 10G nic).

    I try live boot ubuntu atm. lspci shows me the card completly normal, but I see no connection comming up if I plug in the cable to the switch. Still the LEDs are blinking. dmesg shows me, that the system recognized it, but there is no entry if I unplug/replug it.

    I'm not sure if the card is broken. Definitely weird. What card are u using? 

  • 0 in reply to Oliver Zoisl

    I've checked it in detail. dmesg says at 21.7 connection up (on that one port which was connected at start) and at 47.7-48.2 the sytsem removes both with " Waring firmware error detected FWSM: 0xFFFFFFFF" 

    I'm going to check the card in another system. 

  • 0 in reply to Oliver Zoisl

    I tried a bunch of things including compiling a newer driver.. nothing. After I restarted the live ubuntu with no cable connected it worked fine? No problems. I could also ping the switch. 

    Then I started back into sophos home and looked into dmesg. There is only the initialization with no problem/error 

    So Firmware is the problem? 

  • 0 in reply to Oliver Zoisl

    My fault I didn't read it completely. The crad gets removed.

    SFVH_SO01_SFOS 20.0.2 MR-2-Build378# dmesg | grep ixgbe                         
    [    7.773704] ixgbe_nm 0000:01:00.0: enabling device (0000 -> 0002)            
    [    8.960320] ixgbe_nm 0000:01:00.0: Multiqueue Enabled: Rx Queue count = 4, Tx
     Queue count = 4 XDP Queue count = 0                                            
    [    8.961687] ixgbe_nm 0000:01:00.0: 32.000 Gb/s available PCIe bandwidth, limi
    ted by 5 GT/s x8 link at 0000:00:01.0 (capable of 63.008 Gb/s with 8 GT/s x8 lin
    k)                                                                              
    [    8.961769] ixgbe_nm 0000:01:00.0 eth8: MAC: 2, PHY: 1, PBA No: FFFFFF-0FF   
    [    8.961770] ixgbe_nm 0000:01:00.0: 98:b7:85:1f:f7:3c                         
    [    8.961771] ixgbe_nm 0000:01:00.0 eth8: Enabled Features: RxQ: 4 TxQ: 4 FdirH
    ash                                                                             
    [    8.961813] ixgbe_nm 0000:01:00.0 eth8: Intel(R) 10 Gigabit Network Connectio
    n                                                                               
    [    8.961877] ixgbe_nm 0000:01:00.1: enabling device (0000 -> 0002)            
    [   10.148321] ixgbe_nm 0000:01:00.1: Multiqueue Enabled: Rx Queue count = 4, Tx
     Queue count = 4 XDP Queue count = 0                                            
    [   10.149701] ixgbe_nm 0000:01:00.1: 32.000 Gb/s available PCIe bandwidth, limi
    ted by 5 GT/s x8 link at 0000:00:01.0 (capable of 63.008 Gb/s with 8 GT/s x8 lin
    k)                                                                              
    [   10.149783] ixgbe_nm 0000:01:00.1 eth9: MAC: 2, PHY: 1, PBA No: FFFFFF-0FF   
    [   10.149783] ixgbe_nm 0000:01:00.1: 98:b7:85:1f:f7:3d                         
    [   10.149784] ixgbe_nm 0000:01:00.1 eth9: Enabled Features: RxQ: 4 TxQ: 4 FdirH
    ash                                                                             
    [   10.149826] ixgbe_nm 0000:01:00.1 eth9: Intel(R) 10 Gigabit Network Connectio
    n                                                                               
    [   10.181958] ixgbevf: Intel(R) 10 Gigabit PCI Express Virtual Function Network
     Driver - version 4.1.0-k                                                       
    [   10.181959] ixgbevf: Copyright (c) 2009 - 2015 Intel Corporation.            
    [   10.965004] ixgbe_nm 0000:01:00.0 Port9: renamed from eth8                   
    [   10.996997] ixgbe_nm 0000:01:00.1 Port10: renamed from eth9                  
    [   34.590628] ixgbe_nm 0000:01:00.1: Adapter removed                           
    [   34.599775] ixgbe_nm 0000:01:00.1: registered PHC device on Port10           
    [   36.019487] ixgbe_nm 0000:01:00.1 Port10: MNG_VETO bit detected.       
  • 0 in reply to Oliver Zoisl

    After a restart without a cable connected it says another information.

    [    9.756626] ixgbevf: Copyright (c) 2009 - 2015 Intel Corporation.            
    [   10.625047] ixgbe_nm 0000:01:00.0 Port9: renamed from eth8                   
    [   10.649066] ixgbe_nm 0000:01:00.1 Port10: renamed from eth9                  
    [   34.132785] ixgbe_nm 0000:01:00.1: registered PHC device on Port10           
    [   34.261158] ixgbe_nm 0000:01:00.0: registered PHC device on Port9            
    [  153.326896] ixgbe_nm 0000:01:00.1: Adapter removed                           
    [  153.426577] ixgbe_nm 0000:01:00.1 Port10: Software semaphore SMBI between dev
    ice drivers not granted.                                                        
    [  153.774890] ixgbe_nm 0000:01:00.0: Adapter removed                           
    [  153.874410] ixgbe_nm 0000:01:00.0 Port9: Software semaphore SMBI between devi
    ce drivers not granted.                                                         
    [  155.328017] ixgbe_nm 0000:01:00.1 Port10: MNG_VETO bit detected.             
    [  155.776041] ixgbe_nm 0000:01:00.0 Port9: MNG_VETO bit detected. 


    ChatGPT says:

    • Software Semaphore Issues:

      • [153.426577] ixgbe_nm 0000:01:00.1 Port10: Software semaphore SMBI between device drivers not granted. and [153.874410] ixgbe_nm 0000:01:00.0 Port9: Software semaphore SMBI between device drivers not granted. indicate that a software semaphore, specifically the SMBI (Software Managed Block Identifier), was not granted between device drivers. This semaphore is used to coordinate access between multiple drivers or processes, preventing them from interfering with each other. The failure to grant this semaphore might result in potential conflicts or issues in managing the network interfaces.

    • MNG_VETO Bit Detection:

      • [155.328017] ixgbe_nm 0000:01:00.1 Port10: MNG_VETO bit detected. and [155.776041] ixgbe_nm 0000:01:00.0 Port9: MNG_VETO bit detected. indicate that the MNG_VETO bit was detected for both Port10 and Port9. The MNG_VETO bit is associated with management functions, typically indicating that the management controller (e.g., BMC or IPMI) has vetoed certain operations, possibly due to a conflict or ongoing management activity.
  • 0

    Well I've no idea what's going on but it somehow worked fine for a bit after a restart and suddenly stopped working. It also showed ist perfectly fine in the UI.

    [ 8.095743] ixgbevf: Copyright (c) 2009 - 2015 Intel Corporation.
    [ 8.869057] ixgbe_nm 0000:01:00.0 Port9: renamed from eth8
    [ 8.893026] ixgbe_nm 0000:01:00.1 Port10: renamed from eth9
    [ 32.785811] ixgbe_nm 0000:01:00.1: registered PHC device on Port10
    [ 32.914235] ixgbe_nm 0000:01:00.0: registered PHC device on Port9
    [ 32.964007] ixgbe_nm 0000:01:00.1 Port10: detected SFP+: 4
    [ 33.088010] ixgbe_nm 0000:01:00.0 Port9: detected SFP+: 3
    [ 33.112037] ixgbe_nm 0000:01:00.1 Port10: NIC Link is Up 10 Gbps, Flow Control: RX/TX
    [ 33.232020] ixgbe_nm 0000:01:00.0 Port9: NIC Link is Up 10 Gbps, Flow Control: RX/TX
    [ 358.034890] ixgbe_nm 0000:01:00.0: Adapter removed
    [ 359.918958] ixgbe_nm 0000:01:00.1: Adapter removed
    [ 360.032057] ixgbe_nm 0000:01:00.0 Port9: MNG_VETO bit detected.
    [ 360.032130] ixgbe_nm 0000:01:00.0 Port9: speed changed to 0 for port Port9
    [ 361.920042] ixgbe_nm 0000:01:00.1 Port10: MNG_VETO bit detected.
    [ 361.920120] ixgbe_nm 0000:01:00.1 Port10: speed changed to 0 for port Port10

  • +1

    I found the problem. The PCIe riser has signal integrity problems when it's not flat. Straighten it out solved it. I wouldn't thought it could be a problem with PCIe2.0 speed. I only know it with 4.0 and above.

Unfiltered HTML