Messages

The upstream box, is my ISP's router.  It connects directly to the opnsense box.

As mentioned above, the only reference to an ipv6 on the ISP router's windows is the one that says that is working in dual mode (i.e. supporting both ipv4 and ipv6).

I have now reconnected my computer to the opnsense box.  So ISP router > opnsense box > my computer.

Having done that, as requested I went to http://www.ipv6now.com.au/pingme.php and pinged google.com, here are the results:

The response for 'google.com' using IPv4 is:
PING google.com (172.217.5.110) 56(84) bytes of data.
64 bytes from sfo03s07-in-f110.1e100.net (172.217.5.110): icmp_seq=1 ttl=121 time=1.34 ms
64 bytes from sfo03s07-in-f110.1e100.net (172.217.5.110): icmp_seq=2 ttl=121 time=1.41 ms
64 bytes from sfo03s07-in-f110.1e100.net (172.217.5.110): icmp_seq=3 ttl=121 time=1.44 ms
64 bytes from sfo03s07-in-f110.1e100.net (172.217.5.110): icmp_seq=4 ttl=121 time=1.40 ms
64 bytes from sfo03s07-in-f110.1e100.net (172.217.5.110): icmp_seq=5 ttl=121 time=1.50 ms

--- google.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4006ms
rtt min/avg/max/mdev = 1.342/1.422/1.503/0.062 ms

The response for 'google.com' using IPv6 is:
PING google.com(sfo03s18-in-x0e.1e100.net) 56 data bytes
64 bytes from sfo03s18-in-x0e.1e100.net: icmp_seq=1 ttl=121 time=1.49 ms
64 bytes from sfo03s18-in-x0e.1e100.net: icmp_seq=2 ttl=121 time=1.50 ms
64 bytes from sfo03s18-in-x0e.1e100.net: icmp_seq=3 ttl=121 time=1.58 ms
64 bytes from sfo03s18-in-x0e.1e100.net: icmp_seq=4 ttl=121 time=1.50 ms
64 bytes from sfo03s18-in-x0e.1e100.net: icmp_seq=5 ttl=121 time=1.53 ms

--- google.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4005ms
rtt min/avg/max/mdev = 1.495/1.523/1.587/0.060 ms

Also, for testing purposes, I just plugged my pc into my router directly (bypassing my opnsense box).

Here are the differening results when I visit https://test-ipv6.com/ bypassing the opnsense box:

Test with IPv4 DNS record       
ok (0.362s) using ipv4

Test with IPv6 DNS record       
ok (0.399s) using ipv6

Test with Dual Stack DNS record       
ok (0.423s) using ipv6

Test for Dual Stack DNS and large packet       
ok (0.363s) using ipv6

Test IPv6 large packet       
ok (0.594s) using ipv6

Test if your ISP's DNS server uses IPv6       
ok (0.516s) using ipv6

Find IPv4 Service Provider       
ok (0.387s) using ipv4 ASN 812

Find IPv6 Service Provider       
ok (0.412s) using ipv6 ASN 812

If I try to start the service, it will not start.

when I visit https://test-ipv6.com/  this is what I get:

Test with IPv4 DNS record -    
ok (0.105s) using ipv4

Test with IPv6 DNS record       
bad (0.007s)

Test with Dual Stack DNS record       
ok (0.107s) using ipv4

Test for Dual Stack DNS and large packet       
ok (0.100s) using ipv4

Test IPv6 large packet       
bad (0.005s)

Test if your ISP's DNS server uses IPv6       
ok (0.101s) using ipv4

Find IPv4 Service Provider       
ok (0.106s) using ipv4 ASN 812

Find IPv6 Service Provider       
bad (0.006s)


When I sign on to my router, the only thing I can see related to ipv4 vs ipv6 is

Router Mode - and its set to dual (meaning both ipv4 and ipv6).

My network's external IP address is assigned by the ISP; as far as I can see it doesn't change very often but does change - if that is what your asking?

Awoke to another set of updates this morning, I applied them, but the DHCPv6 Server is still not starting.

I just applied the latest update as follows:

2021-06-26T14:26:35   pkg-static[7325]   os-ntopng-enterprise upgraded: 4.3.210622 -> 4.3.210626   
2021-06-26T14:26:28   pkg-static[7325]   ntopng upgraded: 4.3.210622 -> 4.3.210626

and now the DHCPv6 Server is not starting (where it was before the update).

When I check for updates the system says there are no more.

I tried rebooting the machine, still no love.

Any ideas on what is required to get this working again?

ok - so I went into Services - redis - General Tab and then clicked the Reset button, after that Redis started.

I was then able to start ntoping.

However, I then signed in via the web interface, and it appears all the names I had previously assigned my hosts have been lost :-(

When I tried to do the 21.1.7_1 update this morning the system hung.   I rebooted but it was still hanging.

Following the advice of other the posts here today and I cleared my browser cache, after which time the update reports having being completed. 

Now when I check for updates the system says it is up to date. 

However, now both the ntopng service and the redis service as shown as red / stopped on the dashboard, and neither can not be restarted. 


Ntoping log says:

2021-06-22T10:38:04   ntopng[94041]   [Redis.cpp:150] ERROR: to specify a redis server other than the default   

2021-06-22T10:38:04   ntopng[94041]   [Redis.cpp:149] ERROR: Please start it and try again or use -r   

2021-06-22T10:38:04   ntopng[94041]   [Redis.cpp:148] ERROR: ntopng requires redis server to be up and running


The redis service option to enable it is checked, but it is not running.

I assume once I can get redis working again, ntoping will follow.


Any advice would be appreciated.

gdur,

Thanks for your help - I think I am making progress - but am confused with the results.

I changed the protocol from 'any' to 'udp' as you suggested, and am now seeing some traffic blocked in the live view. 

I would have thought that 'any' would have included 'udp' - is that not correct?

Regardless, also to make progress, I changed the rules from using '192.168.1.121' (which is the internal IP address of my device) to 'any' (please see attached screenshot).

Odd things are:

1. live view only shows traffic blocked where 139.162.72.65 is the source (but not the destination)

2. the destination is not my device's internal lan address, rather my external IP address (which I have blurred in the screenshot)

3. one outgoing connection seems to have been allowed?

4. ntopng results remain unchanged, and it appears that traffic is flowing both ways (however perhaps ntoping is reporting what is being requested vs what is being allowed?)


Also, I did check to see if I could ping out from the device at 192.168.1.121 to 139.162.72.65 and I could not - which is good.

needing to post file over more than one post due to size limits (final)

needing to post file over more than one post due to size limits

Thanks but that hasn't changed the results?

Originally, I had the direction you suggest - but changed it when that did not appear to be working.

Attached are some screenshots of (after I made and applied the changes you suggested), these are:
1. the rules showing how they are set up (and applied) now
2. what I am seeing on my live view
3. what I am seeing using a packed dump from ntopng

Sorry if this is a total basic question, but there is an external IP address that I would like to have all traffic to and from one of my networked devices blocked.  I tried adding a rule to my LAN interface but can't seem to figure out how to identify things correctly - or at least I can't get it to work.

Here is what I had tried (screenshot below) - but it did not work (I also tried changing the direction (in to out and out to in) but that didn't help, I also tried a similar set of rules at the WAN level - again, no love.


Any help would be appreciated.

thank you

If the only thing that is running on my opnsense box is opnsense (and related plugins), is it advisable to periodically run sudo apt update sudo apt upgrade if I am already periodically checking for updates from the dashboard/lobby and applying them?