The HPE H220, now LSI SAS9207-8 and TrueNAS 12

I’ve been running TrueNAS (previously FreeNAS) at home for more than 10 years on various grades of “least expensive” HP Server hardware. I’ve been impressed from the very beginning. With two young boys data has been accumulating at a fast rate for a number of years and my most recent HP ML10V2 server had simply run out of storage space. So when my file server started throwing SMART errors, telling me one of the drives was on the way out it was time to hurry up with that planned upgrade.

I won’t bore anyone with the details suffice to say, it was going to go from a three drive Raid-Z1 array to *at least* a Six drive Raid-Z2 array, increasing storage from 6TiB to a whopping 16TiB and doubling the number of active spindles. That should give us all plenty of time to grow our “media” library somewhat and replace drives as necessary upgrading the pool as we go.

However before I made this jump I needed to get the HP H220 Raid Card re-flashed and reconfigured for a life outside its traditional RAID setup. After a little research on the interwebs it turns out the HP H220 that I’d bought was a rebadged LSI/Avago/Broadcom SAS9207-8 controller with custom firmware. It pays to cruise the interwebs (especially Serve The Home forums) and find out about your cards chipset, since there are two known versions of the HP H220 card in circulation and they use different chipsets, which can be bothersome.

Now these Storage cards are “intelligent” and come configured for SAS/SATA RAID systems in what’s called IR mode. For TrueNAS we need to the card in a more traditional IT or JBOD mode where TrueNAS can see and control the disks each individually. It does seem odd that we take these high-spec cards and dumb them down, but keep in mind the two SFF-8087 connectors on the card can drive up to four SATA drives at 6Gbps without flinching, with all eight channels singing it will bring the I/O load up on any PCI-E 2.0 bus . For less than A$65 at the time of writing this is still good value.

So just how does one re-flash the firmware on these LSI 9207-8 cards without bricking them ? Well it turns out these cards are hard to brick, the software has a number of checks to prevent silly mistakes, so they are not as fragile as many would fear.

However there are some tricks that I learnt which I thought I’d share, note this is not a how to guide just a collection of my notes I made as I went;

  • The DOS version of the SAS2FLSH utility is what we want to use, it will allow the upgrade or downgrade of firmware and card bios, the UEFI, Windows and linux varieties are not so nice, there is a technical article (ID: 1211161501344) that you can read all about it (YMMV).
  • You can download (at the time of writing) all of the firmware for these cards from the Broadcom website. The webpage is not intuitive, start in the Support and Services / Support documents and downloads page, search using “Legacy Products” and “All legacy products” then 9207-8, perservere there are there and can be found; don’t forget to read and accept the Broadcom license agreements.
  • You will need the P20, P19 and the P14 firmware with IT, IR, BIOS for MSDOS, they are 1.7MB zip files.
  • You can then make yourself a FreeDOS boot disk using Rufus
  • Copy the P20 firmware (9207-8.bin), P19 bios (mptsas2.rom) and P14 sas2flsh.exe utility to the DOS boot disk, and you’re done.
  • The P14 SAS2FLSH utility does not balk at the card being branded HPE when it’s expecting to see LSI, later versions of SAS2FLSH (P19/P20) do this check and will refuse to update. Note that once you write the LSI bios you’ll need to find the original HP bios ROM on the interwebs if you want to go back, there didn’t appear to be any “save” current bios options… caveat emptor
  • The P20 bios ROM will “red screen of death” on some HPE server machines, my ML10V2 was no exception; I simply downgraded the bios to P19 which was 6 months older than my HP bios (J10) version and worked.
  • Once flashed, reboot the machine and enter the controller configuration and setup the card the way you need, hint it helps to specify which card/drive you will boot from, might save you a few unnecessary reboots to find out why it’s not working… sigh

Anyway I’ve made this post to firstly remind me what I’ve done if and when I need to repeat this exercise in the future, it may also be helpful to someone that is trying to update the card and is having trouble. These cards are difficult (not impossible) to brick, but the above certainly worked for me on my hardware, as always YMMV.

Altium Designer & Windows 10

If you are a regular user of an older version of Altium Designer (AD), you may find some “interesting” problems when running on the latest version of Windows 10.

When recently creating a smart PDF I noted that the reference zone text within the page boundaries of a schematic had suddenly disappeared. Thinking this was odd, I also tried printing to a PDF no dice, worse yet a print preview gave the same result. So where did they go ?

There was little useful help from the Altium website about such issues, other than to say it could be a video card or print driver problem and to delete all drivers and add them back one at a time until you work out which one is causing the problem. Sigh, so not helpful.

Instead it turns out in older versions of AD may use the 32-bit GDI+ interface to render text, this was always going to end badly with the latest 64-bit edition of Windows 10.

Thankfully one can disable this feature within AD by clearing the “Render text using GDI+” checkbox in the following Menu;

DXP > Preferences > Schematic > General > Options

After unchecking, the reference zone characters reappeared in both my SmartPDF and printed copies, woo were back ! I’m filing this here so I can remember what to do the next time I have this problems, I hope that others may find this useful.

pfBlockerNG + GeoIP and the unintended consequences

For anyone using pfBlockerNG with GeoIP enabled there are a couple of hidden gotchas if you like Streaming Services !

During this COVID-19 crisis I was able to work from home remotely. During this time I noticed that every hour at 1 minute past the hour that various streaming services would loose connectivity for approximately 60 seconds. Apart from being very annoying and embarrassing, my co-workers began to set their clocks in meetings each time I dropped out.

So after ruling out the usual DHCP issues on my WAN, ISP issues, low level hardware issues etc I then remembered some weeks before this COVID-19 malarkey installing pfBlockerNG using instructions from one of my favourite YouTube channels Lawrence Systems (click). There are no such things as co-incidences.

So investigating various options and double checking configurations I noted this unassuming check box at the bottom of the pfBlockerNG IP configuration page;

So thinking about this a little, what it means is every hour on the hour this will force any current IP states in the firewall found to be within a blocked range to be cleared. This includes established states. It was about then the penny dropped, what if the streaming services I was currently using were in a GeoIP blocked group, every hour on the hour any established connection would close, then be forced to renegotiate a connection. Sigh. So this is how I had configured my GeoIP settings;

What you can’t see here is within Oceania I’d unblocked my own country “Australia” from these rules. What made me twig to this being the problem is some of the streaming services I use were not being interrupted, upon a little digging all of these used a CDN (mainly Cloudflare) and were coming from IP ranges that were not being blocked. Where as services like Foxtel Go, Microsoft Teams and even ssh connections to my virtual server in Japan were dropping with frightening regularity.

To stop this from happening all I needed to do was not enable the kill states and away it went again. I could have also taken a longer route and identified IP ranges for stream services I wanted to allow, and may investigate this further. YMMV.

The Windows 10 Conundrum

One of my son’s laptops recently suffered a hard drive failure. He’d been using his “roadkill” laptop for a year or so that came pre-installed with Windows 10. Until now I’ve avoided upgrading any of my machines past Windows 7 (why fix what isn’t broken) and I personally prefer Linux on my laptops for reasons.

The roadkill laptop I’d given my eldest son was a HP business machine so it wasn’t hard to slip a new WD Green SSD drive and give it a small boost in performance at the same time.

Reinstalling Window 10 was also rather simple, simply requiring creation of a USB media stick and following the bouncing ball with the license codes I had on paper.

So far so good.

However upon booting the machine I was horrified with the push to sign up for a Microsoft account to “simplify your user experience”. Ummm childs laptop, not a good idea to suck on the cool-aide and allow tracking of habits at a young age, there stills needs to be some privacy. So with the help of Google we managed to create a local account (not intuitive), which does not require internet access to login.

So now we have an account on the local machine I could see what the new UI looks like. Once again I wasn’t impressed with the standard apps installed, the bloat and blatant adverting gumph plastered on every screen. There was content waiting and ready to download as soon as you clicked on an icon, installed games and a host of stuff I wouldn’t let corporate users access too. So off they came too.

I’m going to be forever thankful to the writers at HowToGeek for there series of articles on how to disable the advertising and things like Cortana (also not what I want on my childs laptop). Below are the two articles I found most useful;

One day the likes of Lego may learn that Linux exists and the one App that forces me to use Windows 10 on his laptop will allow him to move to Linux on his laptop, fingers crossed.

I am not looking forward to when I must move my last Windows 7 machine to this new monster. At least now I’ve had some experience disabling the features that I personally don’t like.