Crap, it’s not always Comcast

Let me start with a disclaimer: this does not pertain directly to home theaters; it is a simple lesson in my own humility. And when it comes to technology, I very much dislike feeling stupid. Read on if still interested, otherwise check out some of the new reviews.

First a little background. I am not a networking engineer or network guru by any means, but I do consider myself fairly knowledgeable on the subject. For instance, given a Cisco router I could not replace the IOS configuration without reference material, but I have written applications to remotely audit networking equipment.

About a year ago I was introduced to pfSense.  For those not familiar with it, “pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router.”  I was in geek heaven.  Prior to pfSense I was going through a new router every few months but ultimately ended up wasting money or returning equipment.  Nothing I purchased offered the mix of stability, performance and features I was looking for.  I thought the problem was with the OEM consumer level firmware and was very impressed with both DD-WRT and Tomato but I still wasn’t happy.

For the last year I have been running pfSense as a Hyper-V virtual on my server. I was mildly irritated that I had to use legacy virtual network cards since Hyper-V does not officially support FreeBSD, but it was a small price to pay.

Stability — Other than user error while testing new packages I have never had to reboot the pfSense router.  

Performance — When running as a virtual my WAN download speeds were on average 6 Mbps faster than anything else I had been using.  At the time I tested against a D-Link DIR-655, Apple AirPort Extreme, Buffalo WHR-G300N and even a Cisco IAD 2400. 

Features — Wow.  Just about everything I wanted was offered natively and what was not I could achieve through packages.  It is worth noting that the 6 Mbps speed increase I mentioned above was benchmarked while running HAVP (HTTP Antivirus Proxy), squid (Proxy Server and Web Cache), squidGuard (Web Proxy URL Filter), Tinydns, HAProxy (TCP/HTTP Load Balancer) and Snort (IDS/IPS).

About 3 months ago I decided I was sick of troubleshooting my wireless access points (WAP) and wanted a dedicated pfSense system that also acted as my WAP.  I wanted something rack-mountable, reasonably affordable, and powerful yet relatively low power consumption.  Newegg happened to be having a special on the Supermicro SYS-5015A-PHF + 4GB RAM combo and I was sold.  It didn’t take much; I am a Supermicro fan, dual onboard Intel 82574L network cards, IPMI 2.0 and I had wanted to test out the Intel Atom D510.

So here I am months later and the SYS-5015A-PHF + pfSense 2.0-BETA x86-64 has not disappointed.  In fact, I liked the SYS-5015A-PHF so much that I have since acquired almost identical systems for my SAN and backup\development router.  I did have one issue though.  Every few weeks my DHCP lease would expire and it would take me an hour of tinkering for it to work again.  I read a number of angry forum posts concerning similar issues with Comcast and my cable modem, Motorola SB6120, so I joined the bandwagon and blamed Comcast.

Over the weekend I was tinkering with a pfSense package I am developing and inadvertently created a duplicate WAN network interface that was preventing pfSense from starting properly. It was close to 4am and I didn’t want to wake my wife to get to the router, which is wall mounted in the master bedroom closet, so I tried to use IPMI to get remote console access. [Note: Intelligent Platform Management Interface (IPMI) is an Intel-led standard. The SYS-5015A-PHF, like many Supermicro systems, offers IPMI 2.0 with KVM Over LAN capabilities.] No luck, I could not connect to the corresponding IPMI session. I was tired so I decided to get some sleep and troubleshoot in the morning.

This brings me to my stupidity:  

Stupidity #1 – I had forgotten to set up a static IP address on the IPMI, which is odd since I use it fairly frequently to access my SAN and even did the entire SAN install including the BIOS setup via IPMI. While irritating, this was not a big deal; it was my first time attempting to use IPMI against it, so obviously not a huge need for it. But even after setting up the static IP address I could not connect to the IPMI session. That is when the light bulb went off…

Stupidity #2 – When I initially set up the router I assigned the first network port (em0) as the WAN interface, which normally is not a problem, but the SYS-5015A-PHF IPMI “shares” the first network port. The issue I mentioned above with not being able to get a DHCP lease had nothing to do with Comcast. Depending on the timing, the IPMI interface would acquire my single DHCP address before pfSense could. It explained why the issue would reoccur and why I could get it to work with a little tinkering.

After swapping the WAN\LAN ports I could connect to IPMI and more importantly I am no longer worried about losing my DHCP lease.  Hopefully my stupidity helps someone else.  I know I’ve learned an important lesson: it’s not always Comcast’s fault—sorry Comcast.
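A check for the misconfiguration described under Stupidity #2, as an added example that is not part of the original post: it parses `ipmitool lan print` output and flags a BMC that takes its address by DHCP or holds an address outside the management subnet. The sample output, the addresses and the 192.168.1.0/24 management network are constructed assumptions.

```python
import ipaddress

# Constructed samples of `ipmitool lan print 1` output (documentation
# addresses, not values from the post).
BMC_ON_WAN = """\
Set in Progress         : Set Complete
IP Address Source       : DHCP Address
IP Address              : 203.0.113.57
Subnet Mask             : 255.255.255.0
MAC Address             : 00:25:90:aa:bb:01
Default Gateway IP      : 203.0.113.1
"""
BMC_ON_LAN = """\
Set in Progress         : Set Complete
IP Address Source       : Static Address
IP Address              : 192.168.1.5
Subnet Mask             : 255.255.255.0
MAC Address             : 00:25:90:aa:bb:01
Default Gateway IP      : 192.168.1.1
"""

def parse_lan_print(text):
    """Turn 'Key : Value' lines into a dict; skip continuation lines."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(" : ")
        if sep and key.strip():
            fields[key.strip()] = value.strip()
    return fields

def audit_bmc(text, mgmt_net):
    """Return a list of findings for one BMC LAN channel."""
    fields = parse_lan_print(text)
    findings = []
    # A DHCP-sourced BMC competes for leases on whatever segment its port is on.
    if fields.get("IP Address Source", "").startswith("DHCP"):
        findings.append("dhcp-source")
    # An address outside the management subnet means the BMC is answering
    # on the wrong segment, for example the WAN side of a shared port.
    addr = ipaddress.ip_address(fields.get("IP Address", "0.0.0.0"))
    if addr not in ipaddress.ip_network(mgmt_net):
        findings.append("outside-mgmt-net")
    return findings

if __name__ == "__main__":
    for name, sample in (("wan", BMC_ON_WAN), ("lan", BMC_ON_LAN)):
        print(name, audit_bmc(sample, "192.168.1.0/24"))
```

On a real host, pass the captured output of `ipmitool lan print 1` as `text` in place of the constructed samples.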

  • Michael – can you blog a little more about your pfSense install? Thinking about using some old hardware and putting together a system to replace my dying WRT54G. This seems like it could be faster/more stable/etc compared to buying a new wireless router.

