hifn errors on console
Eric W. Bates
ericx_lists at vineyard.net
Fri Apr 7 17:51:46 UTC 2006
Sam Leffler wrote:
> Eric W. Bates wrote:
>
>> I'm running pfsense (an embedded FreeBSD 6.1) on a wrap2C. I recently
>> added a Soekris vpn1411 and am now getting infrequent errors:
>>
>> hifn0: rndtest: ones interval 4 failed (382, 251-373)
>> hifn0: rndtest: ones interval 1 failed (2663, 2343-2657)
>> hifn0: rndtest: zeros interval 5 failed (206, 111-201)
>> hifn0: rndtest: ones interval 2 failed (1385, 1135-1365)
>> hifn0: rndtest: zeros interval 3 failed (718, 542-708)
>> hifn0: rndtest: zeros interval 4 failed (243, 251-373)
>> hifn0: rndtest: zeros interval 3 failed (717, 542-708)
>>
>> IPSec works fine. However, I do not know how to tell whether the hifn
>> is being used.
>>
>> I had no luck with Google. Can anyone enlighten me?
>
>
> man rndtest(4). pfSense has configured the FIPS rng testing module to
> monitor the entropy sent by the h/w to the system prng. Looks like
>
> sysctl kern.rdntest.verbose=0
>
> will turn off console msgs.
I guess I want to follow up on this a bit. It seems that rndtest is
unsatisfied with the degree of randomness presented by the card.
Is that randomness used to produce /dev/random?
Is this an indication of a fault with the card?
How does such a card "create"/"collect" entropy?
Is there anything I can do to improve the situation?
Thanks.
btw: adding a similar card (Soekris VPN 1410 -- PCI not mini-pci) to a
full size motherboard running 6.0-RELEASE-p6 produces the same errors.
> Sam
>
>
More information about the freebsd-net
mailing list