Recent posts

#1
26.1 Series / WireGuard VPN Resolve Hostname
Last post by Glossy2k - Today at 01:49:28 PM
Hello everyone! I am a little bit stuck and need some assistance (I am quite new to OPNsense).

Currently, we are hosting some customer servers in our data center and are looking to use WireGuard VPN to resolve hostnames. I understand the differences between Dnsmasq and Unbound DNS, but how would I go about doing this? I must be able to resolve a hostname itself, without a domain such as "CUSTSERVER" instead of "CUSTSERVER.internal".

I hope this makes sense and someone can help!
#2
General Discussion / Re: An error has occured "Sorr...
Last post by RobertoZ - Today at 01:34:10 PM
Same issue here. Using VPN gets you banned from the forum.
#3
26.1 Series / Re: dnsmasq - expiration optio...
Last post by Monviech (Cedrik) - Today at 01:26:01 PM
We just collect all options that are valid via IANA and don't filter much. We don't know if somebody uses the option you have issues with successfully.

https://github.com/opnsense/core/blob/master/src/opnsense/scripts/dnsmasq/dnsmasq_dhcp_options.py#L36

The options directly supported by Dnsmasq will appear under "common" (means dnsmasq itself advertises these as being supported).

https://github.com/opnsense/core/blob/5b3b163ce0d93d41fcb141807c6d76389178ad1b/src/opnsense/scripts/dnsmasq/dnsmasq_dhcp_options.py#L78-L79
#4
26.1 Series / Re: IPv6 downstream router (Fr...
Last post by Monviech (Cedrik) - Today at 01:14:59 PM
Hello Gerhard,

this is what I expected.

Also that no route was installed initially. We guard the prefix watcher if no lease.csv files exist, so the watcher exited early. Restarting KEA started it after the lease file was there again.

Thanks for confirming, let's hope it's stable now. :)
#5
26.1 Series / Re: OpenVPN server not working...
Last post by buridi - Today at 01:08:32 PM
26.1.2 has fixed the issue, thanks a lot
#6
Hardware and Performance / Re: Latest BIOS update bricked...
Last post by BGP4 - Today at 01:04:18 PM
The strange thing about the BIOS flash is that the device simply shuts itself off at 100%. There's no information given that this is about to happen, and the process just sits at 100%. In reality, nothing else is being updated at that point. You'd expect some kind of message like 'powering off...', then a blank screen, and only then the shutdown. Just keep an eye on the power LED.
#7
26.1 Series / Re: IPv6 downstream router (Fr...
Last post by GerhardHeus - Today at 12:48:47 PM
Thank you Cedrik.

I did the following:
- Disconnected Fritz
- stopped KEA DHCPv6 and deleted the csv's in /var/db/kea
- Rebooted OPNsense and power-cycled Fritz
- After OPNsense came back reconnected Fritz
- Fritz had connection but no delegated prefix
- Started KEA DHCPv6 in OPNsense
- Saw Fritz obtained correct /60 prefix; saw no route message in KEA log also no error
- Fritz client could not reach internet via IPv6
- Restarted KEA DHCPv6 from the user interface (pressed circled arrow)
- Then I saw the route message appearing
- Everything works as expected now
#8
26.1 Series / dnsmasq - expiration option
Last post by katamadone [CH] - Today at 12:30:51 PM
Is it intentional that setting the address time[51] via tag isn't possible?
I'm aware that the lease time is set in the range, but maybe the setting possibility for address time[51] should not be there under tags if it's only possible to set via lease time.

Also maybe a misconfiguration on my side.
#9
26.1 Series / Re: NAT Reflection / Hairpinni...
Last post by PilaScat - Today at 12:14:47 PM
Quote from: TheSHAD0W on Today at 01:29:12 AM
Wifi was broken in general for the 26.1 release. I'm surprised it was working for you. Try the latest update. You may need to delete and reinstall the wifi.

I'm not using the integrated wireless
#10
26.1 Series / Re: IPv6 downstream router (Fr...
Last post by Monviech (Cedrik) - Today at 11:59:13 AM
In DHCPv6 a client can request a certain prefix length from the DHCPv6 server.

If the documentation of the Fritzbox says it needs 62 or lower, I would first try to give it 62 by changing the configuration of KEA (delegated_len).

Maybe it cannot use 60 and then falls back requesting 64.

But that's all just assumptions, the KEA config looks correct.


------

Remove fritzbox from network, reconfigure the KEA PD pool to offer 62 prefix.

Stop KEA, delete the IPv6 lease database completely (or remove lines that are the old leases, your choice) so there are no remainders after changing the configuration:

/var/db/kea/kea-leases6.csv (and .1 .2 if there are)

Reboot OPNsense

Reconnect Fritzbox and see what happens.

-----

In the end the Fritzbox should get one delegated prefix /62, and it should use that internally to split it into multiple /64 prefixes.