Installation on a HP DL360 G10

Hello Guys,
i just run into a Problem installing IPFire 2.23 Core Update 139/135 on a HP DL360 G10. (16GB RAM, Intel® Xeon® Silver 4110 CPU @ 2.10GHz, 480GB SSD RAID 1)
After the Grub Menu i only got a Black Screen with a stuck Courser.
I tried different different ways to start the installation. From USB, burned CD or over the ILO device with the ISO as Virtual Drive and disable the build-in Raidcontroller and switching from AHCI to RAID, everytime with the same error.
I tried lagecy boot and it got stuck again on the old screen.
Any Sugesstion to search further?
Thanks in advance.

First of all, install something well supported as CentOS (consider version 8 or 7, not 6) to verify if everything is ok on your hardware.
Is fully updated as BIOS and firmwares on your hardware?
Did you used 64bit image?
Was UEFI/EFI boot enabled or disabled on hardware?

Hi Pike,
the latest Firmware is installed. I used the 64bit image. I tried to install with UEFI/EFI boot enabled and disabled. CentOS 8 is running.

Is there any RAID/SCSI controller installed? Would you consider as test to disabled from UEFI configuration and try a boot from any device?
UEFI boot enabled, 64bit image.

Hello Pike,

Controller disabled; UEFI Boot, 64bit Image: same error… I think I’ll test the141 Update in the afternoon.
If you got other Ideas write them down for me.
Thanks for your help.

My last idea is for an issue between kernel and some other piece of peripherals. If 141 does not have an updated kernel i won’t feel that confident that it’ll boot. However, maybe you can consider as an option (not the best, i can agree) to run IPFire as a virtualized guest into the host made by your DL360 G10.
I’d use ESX which is what I am familiar most…

It does not have an updated kernel, no.

No. Do not do that. There is no reason to massively downgrade the security of that setup and it ruins your performance, too.

Just get different hardware that is tested and works.

@ms sorry, i don’t think that

can be a correct way to address this issue.
You may not want to bring IpiFire compatibility over this Business grade server of a qualified OEM, i can accept that.
Maybe Ipifer like Dell or Lenovo better than HP, that’s understandable.
But sometimes you have to deal with what you’ve got, because “buy-get another box” it’s not an option.

Virtualization reduce performances, I agree, it’s not the top-tier choice.
IpFire it’s not top tier too. I can list at least 4 other firewall distros that are not maybe tweaked as IpFire is, not that updated, maybe even with less modules, but they can at least manage more than one internet connection. I though that was not fair in this place so i don’t mentioned.
Unfair like your “get another box” suggestion…

Yes, I do get your point. There is probably at least one request like this a day on this forum. If we would take care and have a look at all of that hardware that would keep one person busy full-time. We simply do not have that time and very often it is not worth doing this anyways.

I understand that everyone wants the cheapest hardware as possible, but very often people simply pick very very outdated stuff. If things are cheap, there is a reason for it, and very often that is a lack of driver support.

The main point here simply is that it breaks your security concept. Buying a new server costs nothing compared to a security incident. Businesses care and they very rightly so need to care about their own and their customer’s data. Having a virtual firewall does not help you with that. It makes it more difficult so that the extra cost is showing up somewhere else.

Hardware is cheap guys. It costs a thousands Euros (or whatever currency) you are using, but that is cheap compared to all other opportunity cost.

Have you tried install in text mode?
obraz

This menu is only available in CMS mode. But if you get grub in efi mode there are also several kernel parameters to force videomodes. (Press E to edit the commandline) try adding vga=scan here and note the choosen number to add this to /etc/defaults/grub later.

@ms there’s a lot of things to talk about willing and capabilites to support hardware, not the place.
About money and willing to spend from customers/users… man you can advice what you want (i suggest you to do this) but throwing away a old server which was not latest of crapware on market ad that time IMVHO is not the best way to interact.
I mean… Good hardware, is not that cheap, even compared with other issues. Because sometimes you can get insurances or whatever to face off opportunities, but not every time you want the budget is opened.

About virtualization: I get your point about security but please, don’t also forget business continuity and SPOFs. Virtualization can be an answer, and a good virtualization environment sometimes starts with good old hardware.

@awobs any news? Maybe another option CentOS based is viable for you instead of IPFire?

I do not really want to go into too much detail here, because it is a Monday morning and I need to focus on work, but…

Even though hardware works does not mean that it should always be used. It can break, it might have vulnerabilities, no support for your BIOS any more and what other reasons you can come up with.

New hardware is cheap. It is reliable and economically very often the best path to go - note that I am saying economically and deliberately not environmentally, etc. Instead of debugging something for a long time and then still not being able to rely on it is a huge problem - at least in my business I need things that just work.

Yes, it can be. See IPFire in the Cloud. But I know some more details about this case and in this one it just isn’t.

Also note that although you might not have one piece of hardware being your SPOF, you are adding a lot more complexity which brings in more components that could fail.

Virtualisation therefore should only be seen as a last resort here.

sorry guys was a bit busy on the weekend and i didn’t have the time to test your solutions.

sorry pike this is no option for me.

i consider this as the last resort, we wanted to set up the server as a central point for about 100 IPSEC connections

yeah i tried, but didn´t get any other results

Thanks for the tip but was that the right input


because i didn´t get any numbers to post

@ms @pike_it I see you have different views, you could leave the focus on troubleshooting for people with similar problems. Thanks

@all Maybe I am just blind but is there a link somewhere where you can download the update 141 as .iso? And Thanks to all for your help.

AFAIK not yer released, and it won’t until it’ll pass still few days from the testing.

Maybe Firewall Distro base on CentOS 7 won’t solve the problem “Booting/installation of IPFire to DL360 G10”, but maybe it could solve your issue “endpoint for 100 IPSec Tunnels”.

If you really want to test the next kernel, have a look right here: https://nightly.ipfire.org/next/latest/

CentOS 7 is a very outdated distribution. You would not want to set up a new system with it. On top of it, it does not ship a good IPsec implementation - and even if it did, I am not sure if one would want to manage 100 tunnels by hand.

This is why we make IPFire :slight_smile:

out… what?


Not the newest concept? I agree… otherwise, please…

You know what I mean. Do not try to deliberately misunderstand me.

Try to add vga=scan to the line that start with linux not in a own line.

was this the right way to go?

still got the same error, even with the nightly build