As I mentioned in another thread, I’m building an OPNSense box in a Dell Optiplex 5040 with an Intel X520-DA2 providing 10GbE connectivity on the LAN side of things.
I booted into Windows 10 and installed the latest Intel NIC driver package, in hopes that it would automatically flash the card to whatever the newest firmware is supposed to be. The card is recognized in Windows and working, but I’m not sure if I still need to mess with updating the firmware.
Apparently it’s actually a Dell OEM card? And they have their own firmware? But the standard version of this Intel card only has an option ROM? I’m very confused and Google only helped me become more confused.
At this point I’m not sure if still need to do anything to the card. I’d appreciate any suggestions or advice.
Usually a NIC driver isn’t going to have anything to do with the firmware of the AIB directly.
But also, if it’s working just fine and you aren’t having any issues, I don’t see why you would need to update it anyway? Other than maybe if this was on a public facing server or something where a vulnerability could be a major issue.
Thanks.
I’m used to always updating firmware on drives and such as there can be security vulnerabilities or data corruption issues that get patched, or even power use optimizations.
It was my understanding that some of the older 10Gbps cards needed a firmware update to properly auto-negotiate and maintain stability with more modern network equipment as well, which made me want to check, but since OPNSense is BSD I don’t even know how to check the card’s firmware version.
There are FreeBSD driver packages here, and they are relatively new (2022/2023): Intel® Ethernet Converged Network Adapter X520-DA2
I’m guessing one of them would have the firmware checking tool. I might experiment with that just to see if I can get a reading off the card.
(I get why BSD is the way for OPNSense, but I’m realizing that a lot of my Linux toolchain skills don’t translate at all. On Linux I could at least fairly quickly get a reading of a device and figure out what firmware it reports…)
Yeah totally makes sense, I mean if firmware updates are easy then it’s a might as well do it kinda thing. But in my experience the X520-DA2 cards are just rock solid no matter how old/new they are and what machine I put them in. Have never personally updated the firmware on them and also never had an issue on BSD, Linux, Windows, etc… So if it is working well for you and you don’t run into issues, maybe it’s not necessary?
But since you are using it in a firewall, if there are security issues and it’s facing the edge, maybe it is worth it then lol.
I’ll see if I can find any info on doing updates for them through BSD, but IIRC there haven’t been any super major security issues with them; at least not recently. Probably one of the most rock solid reliable NICs out there.