I have been looking to upgrade an older Qotom unit that has a full RS232 I use for a GPS for NTP. Can anyone with a unit verify if the serial console is fully wired or is it an RX/TX only? I have seen some other denverton systems that had RJ45 console ports that apparently did not connect up any of the signaling lines, but I need DCD/CTS actually hooked to an IRQ for the PPS line and I can't find any documentation or pictures of the traces to determine if it is actually potentially full signal or not.
Qotom Denverton fanless system with 4 SFP+
- Thread starter is39
- Start date
Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.
And we all know it's always a great idea to base a firewall appliance on a development version of an OSpfSense CE has been based on FreeBSD 14.0-CURRENT since 2023-06-29 and pfSense Plus since 2023-02-15. pfSense Plus 24.03 and later are based on FreeBSD 15.0-CURRENT.
Versions of pfSense software and FreeBSD | pfSense Documentation
docs.netgate.com
In other words, OPNsense has fallen behind quite a bit.
OPNsense at least uses the release versions but yes, they more and more often are based on outdated (i.e. EOL) versions like TrueNAS, which is hopelessly lagging behind the release versions (but given that ix has become a haven for linux-fanboys and is soon phasing out FreeBSD-based TrueNAS, one should not use/migrate away from that anyways...)
The pf syntax is one of the easiest to learn and read/understand (!!!) of all the firewall solutions out there. Let alone the absolute clusterfuck that is iptables... The GUI makes the configuration *a lot* more complicated and tedious than simply using plain PF. Same goes for pretty much all other configurations. Also, manpages on FreeBSD are very well maintained and pretty much always contain examples.
In short: just dump all those blingbling GUIs and use proper, plain FreeBSD and call it a day. For pure firewalls/gateways that may run a few services and where you don't need/want jails, just use OpenBSD, which has some nice additions to PF or updated syntax in some places and also great integration with other services (overall the interoperability of various networking services on OpenBSD is currently unmatched IMHO - e.g. CARP and demotion or reloading services on failover).
Has anyone found a manual for the Q20331G9-S10? I have been trying to figure out how to enable PXE booting for it in the BIOS. There are IPv4/IPv6 PXE settings that I enabled, but no option to put PXE booting in the boot order. Also, the Intel i226V provides five 2.5gbps ports. In the Intel documentation, these support Intel AMT, but I see no BIOS options to enable AMT and I can't seem to reach the unit via AMT. Normally AMT is enabled on a particular port (like IMEI), but I see nothing explaining which port that is. Great little unit, after finding that Teamgroup memory would not even allow it to post. Fortunately I had some other memory lying around that worked. Sadly, I don't have any USB sticks and not being able to PXE boot makes this only a paperweight...and a heavy one at that.
I have one that I can't get into bios. Any tips? I have 3200mhz ram in the first slot and it beeps and the keyboard lights up but does nothing after that. I have tried 2400mhz ram and it doesn't beep (or do anything). It does not seem to care if my keyboard is plugged in or what port it is plugged into.
After more extensive troubleshooting I was able to get it to reliably POST. However I can’t boot into the actual proxmox 8.2 installer. I select graphical (or tui) install and it loads some stuff but then goes to a black screen and never starts the installer.
No matter what one think of them, Netgate actually contributes to upstream FreeBSD so it makes more sense for them to use a development version than it would for a project like OPNsense. Might help a bit with BSD's subpar hardware support too I suppose, which is a genuine problem.And we all know it's always a great idea to base a firewall appliance on a development version of an OS
My point was that they used to be based on newer versions than pfSense but now they aren't.
IX are not Linux fanboys, but they have realized what many diehard BSD fans won't admit to themselves. Almost all new major feature development happens on Linux at this point and hardware support is significantly better. The software addons they provide in TrueNAS can also use official container images on Linux instead of relying on IX to port them to FreeBSD themselves. Honestly, their forum posts explaining the move to Linux made a lot of sense to me.
I don't think anyone likes the iptables syntax. No arguments there.
Not even the developers like it, which is why nftables replaces iptables and has a somewhat improved syntax. Linux distributions for routing/firewalling like VyOS and OpenWrt both use it nowadays.Isn't a lot of the draw with pfSense and OPNsense for a lot of people those "blingbling GUIs"?
The boxes use the Intel i225-V as far as I know, although I think I've seen similar motherboards from Qotom with i226-V too. The i225-V doesn't support AMT, does it?
What sfp modules are you using? I cant find any rj45 that work. Regarding temp. I added a usb fan on top and now the whole case is cool cpu 37 deg.
Having same problem here. I just received a 10GTek ASF-10G2-T, put it into my Qotom running opnsense 24.7R2, and I'm getting about 3-4% packet loss pinging my existing router over gigabit Ethernet. Same cable into a copper port, no packet loss. Put the ASF-10G2-T in a random Intel X710 card and it seems to not lose any packets.
(And before someone asks why I'm trying to do such an insane thing for testing when the Qotom has plenty of copper gigabit options - the reason I bought the Qotom is to upgrade to multi-gig Internet from my ISP and they'll be doing that over 10GBaseT.)
Should I try to update the firmware on the X553s?
Just to add to this, booted the Qotom with a somewhat older Ubuntu release (it didn't like 24.04). No sign of any packet loss using the ASF-10G2-T.
*siiiiiiigh* so it's FreeBSD/opnsense's fault?
I don't know. People say the out of tree intel driver works with 6.x kernel but for me I can send but not receive. Proxmox 5.x might work, not tried yet, I will do and report back. But this isn't a solution, its end of life. They also say the out of tree driver is necessary due to a bug in the kernel in debian 6, but that opnsense / pfsense are ok. In my experience they are all the same, send at full speed recieve show huge number of rx_errors when you check the interface with ethtool -S <enX>. Not tried vyos yet, this might also be necessary to get the very best routing speeds but there's no GUI ;-(.
Customer support from AliExpress is a disaster. I've been saying 'surely this works? surely you've tested this? what modules do I need?' I've only got vague responses back. People do say that all SFP RJ45's run hot as hell and can be flaky when hot so maybe fibre is a better solution anyway. I'm trying a direct connect cable tomorrow I'll let you know. If it works great but then you've got to think about running fibre all over the house.
SFP RJ45's apparently can draw several watts and some are more efficient than others so it may be that you need a particular module that doesn't draw too much. I've also heard people are putting them in switches every other slot because of the heat generated.
Lot of 'I've heard / people say' here I realise. Its because I'm left randomly guessing what might be wrong not for the lack of searching the web for answers.
Customer support from AliExpress is a disaster. I've been saying 'surely this works? surely you've tested this? what modules do I need?' I've only got vague responses back. People do say that all SFP RJ45's run hot as hell and can be flaky when hot so maybe fibre is a better solution anyway. I'm trying a direct connect cable tomorrow I'll let you know. If it works great but then you've got to think about running fibre all over the house.
SFP RJ45's apparently can draw several watts and some are more efficient than others so it may be that you need a particular module that doesn't draw too much. I've also heard people are putting them in switches every other slot because of the heat generated.
Lot of 'I've heard / people say' here I realise. Its because I'm left randomly guessing what might be wrong not for the lack of searching the web for answers.
Last edited:
My isp is 10gb rj45 handover as well. I've gone down the pci route 10gb rj45 as I have an ms01 but the sfp to rj45 modules whilst work fine they are super hot. I'm running pfsense
I'm running FreeBSD 13.3-RELEASE on my unit and speeds are perfectly fine on all interfaces. At least OPNsense should also be fine, pfsense are known to often use beta-drivers or custom kernel modules (and is based on -CURRENT which is *specifically* not intended for any production use...), so no idea/don't care if its the same for pfSense.
I'm using standard 10G SR LC transceivers though (FS.com). As already discussed, RJ45 SFP+ modules are completely out of spec regarding power usage and heat dissipation, so errors and incompatibilities are to be expected...
Update, I don't know if I missed something. But QSFPTEK RJ45 on new proxmox 6.8.8-3 kernel with out of tree driver 5.20.9 works when plugged into a 2.5G port on the Nicgiga switch. I couldn't get this to work plugging the other end into another 10G SFP+ RJ45 port on my nicgiga switch.
However, the SFP+ DAC cable on Proxmox 8.x OOT driver, works from Qotom 10G port to the nicgiga 10G port. Maybe its the nicgiga that doesn't like the RJ45 adaptor. Or maybe its happy with another brand. Infuriating, but some progress, the DAC cables work, so this leads me to believe an fibre cable would also work.
However, the SFP+ DAC cable on Proxmox 8.x OOT driver, works from Qotom 10G port to the nicgiga 10G port. Maybe its the nicgiga that doesn't like the RJ45 adaptor. Or maybe its happy with another brand. Infuriating, but some progress, the DAC cables work, so this leads me to believe an fibre cable would also work.
I've had one of these running for just under 3 months now (24/7, opnsense fw) with no issues, however today the device has just suddenly stopped working. Like something has shorted something on the board. The light on the included power supply flashes and thats about it. Just wanted to see if anyone else has experienced this and/or experienced Qotom's after sales support / warranty process? I brought mine via aliexpress.
Anybody know what the pinout is for the "sys_fan1" header? It appears to follow a "standard" 4-pin PWM, at least if the rackmount version of this doesn't have its own crazy color scheme for its fan.
For anyone curious, the connector appears to be a "Picoblade", and I found a vendor on eBay selling a Picoblade to "standard" PWM plug. I'm going to use a holesaw to put a 40mm in the bottom of mine; I have two M.2s installed on the board and don't plan on using the 2.5", although I'm probably going to offset the fan to one side to keep the 2.5" mounting space available.
For anyone curious, the connector appears to be a "Picoblade", and I found a vendor on eBay selling a Picoblade to "standard" PWM plug. I'm going to use a holesaw to put a 40mm in the bottom of mine; I have two M.2s installed on the board and don't plan on using the 2.5", although I'm probably going to offset the fan to one side to keep the 2.5" mounting space available.
I am a complete Linux noob so am on a very steep learning curve.
I setup my Qotom with Proxmox and have Home Assistant running sweetly but wanted either pFSense or OPNsense to run too.
After days of wondering why whatever I tried the 10Gb SFP+ ports wouldn't work, reading this thread finally helped me understand that the fault lies with Proxmox having drivers for the Intel X553 SFP+. I'd tried every combination of transceivers and dac leads thinking it was a hardware issue/user error before this.
The Qotom 10Gb SFPs work fine if I run OPNSense directly on it. I don't have the Linux knowledge to run an OOC driver for Proxmox and I don't want to make the system less secure.
I would still like to run both HA and a firewall on the Qotom as this was my intended use for it;
-Is there a realistic chance Proxmox might add the full drivers to their distribution?
-Should I look at another hypervisor solution with drivers for the X553s?
-Would it be a crazy idea to use TrueNAS Scale as the host for HA and OPNSense as VMs? - I have at least got that to work on another system (though not sure if this would drive the X553s)?
Thanks for any advice!
I setup my Qotom with Proxmox and have Home Assistant running sweetly but wanted either pFSense or OPNsense to run too.
After days of wondering why whatever I tried the 10Gb SFP+ ports wouldn't work, reading this thread finally helped me understand that the fault lies with Proxmox having drivers for the Intel X553 SFP+. I'd tried every combination of transceivers and dac leads thinking it was a hardware issue/user error before this.
The Qotom 10Gb SFPs work fine if I run OPNSense directly on it. I don't have the Linux knowledge to run an OOC driver for Proxmox and I don't want to make the system less secure.
I would still like to run both HA and a firewall on the Qotom as this was my intended use for it;
-Is there a realistic chance Proxmox might add the full drivers to their distribution?
-Should I look at another hypervisor solution with drivers for the X553s?
-Would it be a crazy idea to use TrueNAS Scale as the host for HA and OPNSense as VMs? - I have at least got that to work on another system (though not sure if this would drive the X553s)?
Thanks for any advice!
TrueNAS Scale is also based on Linux and is likely using the same broken driver for the X553 NICs as Proxmox.
I might try it to see. I was hoping a Linux guru might know re. the driver support. OPNSense seems very happy with it's drivers in BSD.
Is there a BSD hypervisor I could try?
I found this too which sounded encouraging....
SOLVED - x553 networking support
Some more info from SuperMicro, at the moment the board don't support any form of Legacy boot and only option is to install with UEFI boot support. Wow that's a new one. Not a real problem, but certainly unusual.
www.truenas.com