Topics

I have run into an odd memory issue with the latest version of OPNsense. It has not impacted the performance that I have observed and that might be due to my setup having 16GB of RAM (total overkill i3 box). I have attached a 4 day netdata graphs of the ram and swap so you can observe the abrupt utilization of swap.

I have tried restarting a few services I suspected might be involved; OpenVPN, unbound DNS, squid, maltrailserver, & pf; but no effect on the memory utilization. I haven't able to pinpoint a source of the "memory leak".

Can someone point me in the right direction for tracking down the culprit?

I recently upgraded to 21.1.6 and suddenly my DNS-dependent scripts started failing. I take advantage of static DHCP entries for a lot of my workstations, servers & pis. To all my DHCP clients, I provide a third-level domain for the dynamic DNS entries. So if my parent domain is example.com, my DHCP clients get internal.example.com as their domain.

Since the upgrade to 21.1.6, all static DHCP clients are provided the parent domain, example.com, for DNS registration instead of the child domain, internal.example.com. However, any dynamic DHCP client gets the expected internal.example.com domain for DNS registration.

I am pretty sure this is related to this entry in the update change log: "unbound: use dhcpd_staticmap() for lease registration"

If you look at the help information for this setting in Unbound DNS, it points to using a domain that is configured in System General Settings: "If this option is set, then DHCP static mappings will be registered in Unbound, so that their name can be resolved. You should also set the domain in System: General setup to the proper value."

That setting on my configuration is the parent domain. The expected behavior from the configuration of the DHCP is that the child domain is registered with the hostname. I have disabled the new setting and my static DHCP clients fail to register a record in DNS.

The short-term fix is to register A records for my static DHCP clients in the child domain. Not terrible but I want to make sure if anyone else was confused like me knows they are not alone.

I did a search but did not come up with a hit on this topic. Has there been any discussion regarding a Datadog plug-in for OPNsense?

Just an FYI. I was noticing a daily crash and reboot of my OPNsense install around 2:25 AM local time. I would submit daily reports but had no idea what was happening to cause the issue. I finally realized that the 'os-nut' plugin was (potentially) causing the issue after I removed it. I surmised after long thought that I was stable until I installed plugin a month or so ago. I never got the plugin to work with my UPS when I first installed it and never did anything with it when I gave up trying.