OPNsense Forum
Archive => 18.7 Legacy Series => Topic started by: bigpine on August 15, 2018, 09:03:51 am
-
I've upgraded from 18.1.13-amd64 to 18.7.0-amd64, and then to 18.7.1-amd64. After the upgrades, everything works fine except "System - Firmware - Updates". If I try "Check for updates", in four out of five attempts, I get either message "Package manager not responding" or "Timeout while connecting to the selected mirror". I have to change/switch "Firmware Mirror" setting several times, to do successful check for updates. There were no such issues with 18.1.x and other previous versions.
Also, in the list of firmware updates, last listed update is 18.1.3. There are no 18.7.x updates in the list. Is this normal/expected?
This doesn't affect normal operation of OPNsense, it's just a little bit annoying.
-
My ISP only provides IPv4 connectivity, no IPv6. It's annoying, but apart from that they are a good ISP.
After a upgrade to 18.7, I had the same problem. I found that the DNS was returning an IPv6 address and an IPv4 address. I think that Opnsense 18.7 was favouring the IPv6 address - which clearly wouldn't work.
DNSMasq or Unbound are the same result.
After much searching, I found the following fixed the issue for firmware updates:
System --> Settings --> General --> Prefer IPv4 over IPv6 --> (tick)
I also have found that apt-get on Debian/Ubuntu is trying to use IPv6 lookups (Had to force IPv4 in apt configuration). Same for fetchmail, which was fixed by giving IP addresses instead of hosts in the .fetchmailrc file. This only seems to be since 18.7. The above setting in Opnsense has no affect.
I thought I could probably limit lookups in DNSMasq or Unbound to IPv4, but Google does not think so.
-
Nope, certainly not normal.
(https://preview.ibb.co/gTbwd9/Capture.png)
-
If you want to have your systems prefer IPv4 then you have to modify the /etc/gai.conf file on each server, see here: https://community.rackspace.com/products/f/public-cloud-forum/5110/how-to-prefer-ipv4-over-ipv6-in-ubuntu-and-centos
The change has been made to prefer IPv6 so that people will move in the direction of using IPv6 as a matter of course.
[EDIT}Obviously the change mentioned in the second post is the correct way to change the behaviour of OPNsense. :)
-
Thank you all for advises.
"Prefer IPv4 over IPv6" setting didn't change anything. Also, I've updated to OPNsense 18.7.1_3-amd64, but everything is still the same.
I'll probably reinstall a whole server when I become sufficiently annoyed :)
-
I'm not sure if I'm following as if you don't have IPV6 supported on your server and/or ISP, it's best to just turn off IPV6 so you don't get odd issues. I am on Verizon FIOS and no IPV6 so it's all off:
(https://i.imgur.com/2LZwh3h.png)
I do the same thing on my debian box.
sysctl.conf:
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
If Verizon finally catches up, I can turn it back on, but for no, it's all off.
-
There's also a block all IPv6 option from Firewall: Settings: Advanced.
Cheers,
Franco