Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - franco

#1
I don't think further mix and match doesn't work. It didn't work before when reporting bugs on top of bugs either.
#2
25.7 Series / Re: 25.7.3_7
Today at 11:08:03 AM
Uwe: Thanks for the nice summary.  :)
#3
Happy to hear :)
#4
> Or does anyone have an idea how to get the function back?

As Patrick said: it works this way by default now. It should have been this way from the beginning, but that problematic integration was introduced many many years ago.


Cheers,
Franco
#5
25.7 Series / Re: 25.7.3_7
Today at 10:52:44 AM
BTW

>>> Root file system: /dev/gpt/rootfs

I think the conclusion is for N100 ZFS does perform more stable on FreeBSD 14.3 (so since 25.7) for whatever reason.


Cheers,
Franco
#6
Thanks, just for reference the ticket is https://github.com/opnsense/plugins/issues/4943
#7
25.7 Series / Re: 25.7.3_7
Today at 10:44:42 AM
> pkg-1.19.2_6: checksum mismatch for /usr/local/lib/libpkg.so.4

This is a bad sign, but not one of a server side issue.

The update can cancel it self and rerunning the update is the only way to fix this. We actually made a fix for 25.7.2 that tells the user this and avoids a reboot into an inconsistent state.

> Upgrading python311 from 3.11.13 to 3.11.13_1...

Also, python package has many files. Disk performance matters too.


Cheers,
Franco
#8
PS: I tried to find information about your current issue but since this is your first post I was unsuccessful.
#9
I wouldn't recommend it as vital configuration may be stored elsewhere in 25 as opposed to 24. We did move at least one type of firewall rules that the old system will have no way of restoring. 25 vs 24 is a fuzzy target also... that may span 4 major upgrades and a lot of changes.


Cheers,
Franco
#10
Quote from: Patrick M. Hausen on Today at 09:05:49 AMOr just use the existing "reload" button?

Interfaces > Overview - see screen shot.

Top answer! Came here to say that.


Cheers,
Franco
#11
> If the local password database is corrupted

That's rather unlikely. I'd expect missing PHP modules or other system files that cause this.

> I also tried accessing it via the serial interface, but it says that my credentials are incorrect, even though I used the exact same ones less than an hour before the outage.

Also unlikely. In most cases the credentials used are wrong. Using OTP also has some downsides here if NTP isn't working.

The images do have a password recovery option to reset it back to defaults. That would be the easiest option.


Cheers,
Franco
#12
> Where/when did it get fixed?

When did it get broken? Or more precisely, how? That's all I'm asking really.


Cheers,
Franco
#13
This was added a few days ago: https://github.com/opnsense/dhcrelay/issues/4

Dhcrelay excludes loopback and pointtopoint devices and likely for a valid reason.


Cheers,
Franco
#14
General Discussion / Re: Visibility of aliases
September 16, 2025, 12:59:50 PM
I see. Virtual IPs have tried to fill this gap, but it wasn't overly successful and straightforward. The biggest caveat of virtual IPs is that the primary interface IP addresses are not visible to virtual IPs so you cannot select them in some services, which work around this by also offering an interface selection or alias/CARP address. Historically we also scrapped most virtual IP selectors in code and bind to all primary and virtual IP addresses of a selected interface which offers a more robust user experience although it has its limit when micromanaging addresses is required.

If the interface code were all MVC (especially model-based) we could try to structure this better but that's likely 3-5 years away from being usable out of the box if we committed to this now. It's probably going to happen, but I also think the interface code is the last bit to be moved to MVC (and we're 80% done with that conversion after 10 years of work).


Cheers,
Franco
#15
Now a proper bug report would go a long way compared to bro-opting on an already fixed issue reported here walking back concluding "it" is "broken". I mean you just saw how the support process works and chose to undermine it.


Cheers,
Franco