NIC speed and duplex settings on R65 Splat

[res002mg]

I was reading different threads about ethtool, mii-tool, splat https and eth_set tools to change/force speed and duplex settings on NIC cards on Splat.
Configuration via HTTPs before R65 was the best/easiest way to make this change, - it does not work on R65. After upgrade to R65 all NICs came up with 100/HD. In my environment all NICs have to be hard-coded to 100/FD
I can force change speed/duplex settings using either mii-tool or ethtool, did not try eth_set and, as expected, settings do not servive reboot.
Before modifying modules.conf file, anyone knows where Checkpoint puts NIC settings made via HTTPs? They are not in module.conf file, - I compared R60 against R65 and files are identical.

[chillyjim]

/etc/sysconfig/netconf.C

If the webui isn't working for you please open a support call.

[res002mg]

Webui gives list of options for all speed/duplex settings availabe, allows to select any of them and allows to hit apply button, but setting is unchanged and on refresh goes to autonegotiate. I have case open with my support vendor. Should it be reported as bug?

[chillyjim]

Its either a bug or something strange with your install/environment.

You're not using IE7 by any chance are you?

[res002mg]

No IE7. I am running IE6 and just tried FireFox with same results. My configuration is: SmartCenter was fresh build as R65 and config were upgrade_imported from R60, Log server was fresh build as R65 with SIC reset (no leftovers here), gateway was upgraded from R60 to R65. SmartCenter and Log serers were build as Splats and gateway is Splat Pro. Hardware: SmrtCenter server is DL380-G4 no add-on NICs, Log server DL380-G5 no add-on NICs, and gateway DL380-G4 wiht 3 2-port Intel cards. Webgui worked on all of them with R60_hfa04.

[melipla]

While I do not know where the web interface saves the speed setting, I do know there are other places to set the nic speed/duplex then the modules.conf, see the last line:

Quote:

#
# File: /etc/sysconfig/network-scripts/ifcfg-eth0
#
DEVICE=eth0
IPADDR=192.168.1.100
NETMASK=255.255.255.0
BOOTPROTO=static
ONBOOT=yes
ETHTOOL_OPTS="speed 100 duplex full autoneg off"

[res002mg]

Thanks, I like meipla's method, as it seams configurable per interface comparing to modules.conf. I will try and let you know the outcome.
I have another question , which tool I should trust mii-too or ethtool or eth_ste?
this is the output using all on the same box against the same interface:
ethtool eth0::
Settings for eth0:
Supported ports: [ MII ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Half 1000baseT/Full
Supports auto-negotiation: Yes
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Half 1000baseT/Full
Advertised auto-negotiation: Yes
Speed: 100Mb/s
Duplex: Half
Port: Twisted Pair
PHYAD: 1
Transceiver: internal
Auto-negotiation: on
Supports Wake-on: g
Wake-on: d
Current message level: 0x000000ff (255)
Link detected: yes

mii-tool eth0
eth0: 100 Mbit, full duplex, link ok

eth_set eth0
Configured speed/duplex settings: 100f
NIC reported speed/duplex settings: 100h
NIC reported speed/duplex capabilities: 10h,100h,1000h,10f,100f,1000f,autoneg

[chillyjim]

I don't know if the ifcfg-ethX files are used after the initial boot up but its worth a try.

Please let us know what support comes back with.

[res002mg]

I still did not get anythig from my vendor on this, but I used two files recommended earlier and 'ifcfg-ethX' does not work on reboot:
(ref: redhat.com | Knowledgebase).
I ended up with rc.local modification, it works on reboot:
#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.

ethtool -s eth0 speed 100 duplex full autoneg off

[auroranl]

I gave the same problem here with a SPLAT R65 on a HP DL380G5. I solved the speed problem after reboot bij modifying the rc.local file as stated above.

However, what options are there to set the speed after an unplug-plug of the ethernet cable, or a outage of a switch?
Are there any files where one can put fixed settings which are set after such an event?

[Hitman]

Hi,

I have the same problem witn brand new PowerEdge 2950 R65 HFA02

The webui does not work for the NIC speed and duplex configuration.
All the NICs in the firewall are capable of gig speed (1000). And in the webui option, i only see 10HD - 10FD - 100HD - 100FD - auto detect.

No 1000,...weird

Does anybody have this problem and know how to solve it ?

manual patch:
I script the configuration of all the NICs speed and duplex in rc.local with eth_set to survive reboot.

[chillyjim]

You cannot lock the speed at 1,000 Mbps per the 1000BaseT spec, it must be set to autoneg for GE.

[Hitman]

Thanks chillyjim,

You always have the answer for me.
That is why, i do not see 1000 mbps option in the webui.

[eduardw]

We have several hp dl380 G4 and G5 and I prefer auto negotiating on the switch and the Dl380 the best combination.


Eduard

[tHeInDian]

For an interface that running at Go its necessary to fix and it’s recommended to leave at Autoneg.

Normally we could at prompt Shell in Expert mode:

ethtool –s eth0 speed 100 duplex full autoneg off
route --save

route --save (two dash) update netconf.C with the right parameter to reconfigure NIC at the reboot.

BUT a bug is in any version of R65 about configuring speed/duplex through /etc/sysconfig/netconf.C. Check Point sent us a correction patch (but they don’t give us a patch number) and these file was:

scis-1-620021001.i386.rpm (untouched by HFA_30)
spwm_network-1-620053000.i386.rpm (updated with HFA_30 to -1-620630005)
libscis.so (updated through HFA_30 but did not included the fix)

For the 2 x .rpm it’s ok but I do not recommended to install the libscis.so on top of HFA_30. CP told us that they will probably provider a HFA_40 where this bug is supposed to be solved. If you want to us HFA_30, use /etc/rc.local to add a manual ethtool –s ethx command.

[luc.cormorand]

Hi,

I asked Check Point to obtain this Hotfix..Unfortunatly it's like calling Elvis...It takes a long time.
Can you provide me this Hotfix via mail or FTP ?

best regards

[geetarman]

not sure if this is helpful or not but...

On Solaris for the Intel nics there is a conf file (e1000g.conf under /kernel/drv) and you can edit what gets advertised in the autoneg session.
So you can be RFC compliant and auto your Gb connection, but when you autoneg, you only 'announce' 1000-full. More of a "sin of omission" approach.

Perhaps there is a similar option in splat?