Messages - franco

#1
Yes.


Cheers,
Franco
#2
26.1 Series / Re: radvd warnings
Today at 05:10:06 PM
Hi,

Thanks for the report.

I'm inclined to say this is due to the noisier logging we've introduced in 26.1 (including RCs), because we don't set "AdvCurHopLimit" anywhere so this is some kind of clash in your network.  I'd say it's safe to ignore but I also don't know what it means since we've never had these logs before.

At some point diving into the radvd source code may be a good idea to see what it means.


Cheers,
Franco
#3
26.1 Series / Re: 26.1 is out!!!
Today at 04:20:53 PM
Well, the announcement is out now.  Upgrade path still to do but a bit too much for one day today.


Cheers,
Franco
#4
Announcements / OPNsense 26.1 released
Today at 04:03:45 PM
Hi there,

For over 11 years now, OPNsense is driving innovation through
modularising and hardening the open source firewall, with simple
and reliable firmware upgrades, multi-language support, fast adoption
of upstream software updates, modern IPv6 support, as well as clear
and stable 2-Clause BSD licensing.

26.1, nicknamed "Witty Woodpecker", features almost a full firewall
MVC/API experience as automation rules have been promoted to the new
rules GUI, Suricata version 8 with inline inspection mode using "divert",
assorted IPv6 reliability and feature improvements, router advertisements
MVC/API, full code shell command escaping revamp, default IPv6
mode now using Dnsmasq for client connectivity, Unbound blocklist source
selection, an automatic host discovery service, plus much more.

The upgrade path for 25.7 will likely be unlocked on January 29, which
is probably tomorrow if anyone is asking why it is not there yet.
We want to ensure the upgrade goes as smoothly as possible so please
be patient!  :)

Download links, an installation guide[1] and the checksums for the images
can be found below as well.

o Europe: https://opnsense.c0urier.net/releases/26.1/
o US East Coast: https://mirror.wdc1.us.leaseweb.net/opnsense/releases/26.1/
o US West Coast: https://mirror.sfo12.us.leaseweb.net/opnsense/releases/26.1/
o South America: http://mirror.ueb.edu.ec/opnsense/releases/26.1/
o East Asia: https://mirror.ntct.edu.tw/opnsense/releases/26.1/
o Full mirror list: https://opnsense.org/download/

Here are the full patch notes:

o system: factory reset and console tools now default to using Dnsmasq for DHCP
o system: wizard now offers an abort button and deployment type selections
o system: wizard can disable WAN or LAN interface now
o system: provide resolv.conf overrides via /etc/resolv.conf.local
o system: add XMLRPC option for hostwatch
o firewall: improve GeoIP alias expiry condition
o firewall: escape selector in rule_protocol
o firewall: "Port forward" was migrated to "Destination NAT" MVC/API
o firewall: unified look and feel of MVC/API pages formerly known as "automation"
o firewall: improved support of gateway groups in policy-based routing
o firewall: plugin support for "ether" rules has been removed
o firewall: add import/export to shaper queues and pipes
o firewall: "divert-to" support in new rules GUI
o firewall: added a rule migration page (use with care)
o firewall: make previously associated DNAT rules editable
o interfaces: a new IPv6 mode called "Identity association" was added
o interfaces: settings page was migrated to MVC/API
o interfaces: handle hostwatch user/group via package
o interfaces: force-reload IPv6 connectivity when PDINFO changes during renew
o interfaces: dhcp6c rapid-commit, request-dns and config write refactoring
o interfaces: generalise the rtsold_script code
o interfaces: use descriptive interface names in automatic discovery table
o interfaces: harden settings page with file_safe() and allowed_classes=false
o dhcrelay: relax the check for present addresses and CARP-related cleanups
o dnsmasq: add automatic RDNSS option when none is configured
o dnsmasq: fix log conditions
o firmware: opnsense-code: run configure script on upgrade if needed
o intrusion detection: add a "divert" intrusion prevention mode
o ipsec: expose ChaCha20-Poly1305 AEAD proposals in IKEv2 (contributed by Kota Shiratsuka)
o kea: add libdhcp_host_cmds.so to expose internal API commands for reservations
o kea: exit prefix watcher script if no lease file exists
o kea: allow "hw-address" for reservations
o kea: add pool in subnet validation
o kea: minor code cleanups in model code
o openvpn: account for CARP status in start and restart cases as well
o openvpn: removed the stale TheGreenBow client export
o radvd: migrated to MVC/API
o radvd: remove faulty empty address exception
o radvd: remove configuration file if disabled
o radvd: implement RemoveAdvOnExit override
o radvd: add Base6Interface constructor
o radvd: support nat64prefix
o console: opnsense-log now supports "backend" and "php" aliases
o backend: safe execution changes in the whole code base
o backend: removed short-lived mwexecf_bg() function
o lang: various translation updates
o mvc: add ChangeCase support to ProtocolField for DNAT special case
o mvc: improve importCsv() to support either comma or semicolon
o mvc: removed long obsolete sessionClose() from ControllerRoot
o mvc: BaseModel: isEmptyAndRequired() has been removed
o mvc: removed unused RegexField
o rc: replace camcontrol with diskinfo for TRIM check (contributed by Maurice Walker)
o ui: allow HTML tags in menu items and title
o ui: improve user readability in SimpleFileUploadDlg()
o plugins: os-acme-client 4.12[2]
o plugins: os-ddclient 1.29[3]
o plugins: os-freeradius 1.10[4]
o plugins: os-isc-dhcp 1.0[5]
o plugins: os-nextcloud-backup 1.1[6]
o plugins: os-nginx 1.36[7]
o plugins: os-postfix 1.24.1[8]
o plugins: os-q-feeds-connector 1.4[9]
o plugins: os-wazuh-agent 1.3[10]
o src: assorted patches from stable/14 for LinuxKPI, QAT, and network stack
o src: e1000: revert "try auto-negotiation for fixed 100 or 10 configuration"
o src: if_ovpn: use epoch to free peers
o src: carp6: revise the generation of ND6 NA
o ports: dhcp6c v20260122
o ports: hostwatch 1.0.9

Migration notes, known issues and limitations:

o ISC-DHCP moves to a plugin. It will be automatically installed during upgrades. It is not installed on new installations because it is not being used, but you can still install and keep using it.
o To accommodate the change away from ISC-DHCP defaults the "Track interface" IPv6 mode now has a sibling called "Identity Association" which does the same except it is not automatically starting ISC-DHCPv6 and Radvd router advertisements to allow better interoperability with Kea and Dnsmasq setups.
o Dnsmasq is now the default for DHCPv4 and DHCPv6 as well as RA out of the box.  One thing that the upstream software cannot cover is prefix delegation so that is no longer offered by default.  Use another DHCPv6 server in this case.
o Due to command line execution safety concerns the historic functions mwexec_bg() and mwexec() will be removed in 26.1.x.  Make sure your custom code is not using them and use mwexecf(), mwexecfb() and mwexecfm() instead.
o The function sessionClose() has also been removed from the MVC code and is no longer needed.  Make sure to remove it from your custom code.
o The custom.yaml support has been removed from intrusion detection.  Please migrate to the newer /usr/local/etc/suricata/conf.d override directory.
o The new host discovery service "hostwatch" is enabled by default (since 25.7.11).  You can always turn it off under Interfaces: Neighbors: Automatic Discovery if you so choose.
o The firewall migration page is not something you need to jump into right away.  Please make yourself familiar with the new rules GUI first and check the documentation for incompatibilities.  Single interface from the floating interface will not be considered "floating" in priorities.
o Firewall: NAT: Port Forwarding is now called "Destination NAT".  Firewall rule associations are no longer supported, but the old associated firewall rules remain in place with their last known configuration and can now be edited to suit future needs.
o Firewall: NAT: Source NAT is from the set of pages formerly known as automation, but Outbound NAT is still the main page for these types of rules.

The public key for the 26.1 series is:



Stay safe,
Your OPNsense team

--
SHA256 (OPNsense-26.1-dvd-amd64.iso.bz2) = 856c00a4ddf62f40cdc0871cd9fb6bbd455fb4dcca9337713b95ff42a41c88b2
SHA256 (OPNsense-26.1-nano-amd64.img.bz2) = 5731a3f21c5dbe221acf5b4777ed686f705f27e7560ffb05d29a68ea4e7c7e50
SHA256 (OPNsense-26.1-serial-amd64.img.bz2) = aaca6d4c44371673c555be354317533cf91ced86fc86c026716325c29c451d79
SHA256 (OPNsense-26.1-vga-amd64.img.bz2) = 3901b83750dd19ca26632b61bf5fe7ac86b8cfa0bfb3e633928c37416a14e5f9

[1] https://docs.opnsense.org/manual/install.html
[2] https://github.com/opnsense/plugins/blob/stable/26.1/security/acme-client/pkg-descr
[3] https://github.com/opnsense/plugins/blob/stable/26.1/dns/ddclient/pkg-descr
[4] https://github.com/opnsense/plugins/blob/stable/26.1/net/freeradius/pkg-descr
[5] https://github.com/opnsense/plugins/blob/stable/26.1/net/isc-dhcp/pkg-descr
[6] https://github.com/opnsense/plugins/blob/stable/26.1/sysutils/nextcloud-backup/pkg-descr
[7] https://github.com/opnsense/plugins/blob/stable/26.1/www/nginx/pkg-descr
[8] https://github.com/opnsense/plugins/blob/stable/26.1/mail/postfix/pkg-descr
[9] https://github.com/opnsense/plugins/blob/stable/26.1/security/q-feeds-connector/pkg-descr
[10] https://github.com/opnsense/plugins/blob/stable/26.1/security/wazuh-agent/pkg-descr
#5
Thanks, likely this:

# opnsense-patch https://github.com/opnsense/plugins/commit/4212ffea8c2c


Cheers,
Franco
#6
26.1 Series / Re: 26.1 is out!!!
Today at 02:04:12 PM
a few more hours of work but yes ;)
#7
> My upgrade worked but threw an error due to a missing file.

Known issue which is impossible to reproduce cleanly.  I'll try to dig into the package manager when 26.1 is out.

> For context, after the upgrade to RC1, I removed the ISC-DHCP related plugins, as I have already moved to kea DHCP.

You're still on the development version as well.  See Maurice's comment.


Cheers,
Franco
#8
26.1 Series / Re: Upgrade to RC1 successful
January 27, 2026, 08:05:08 PM
Yep, looked good to me: only two explicit entries and both were disabled before and after migration. If you have more tracking interfaces the radvd was maybe starting and feeding the others, but not these two.


Cheers,
Franco
#9
26.1 Series / Re: Upgrade to RC1 successful
January 27, 2026, 07:21:13 PM
I'd like to see the System: Configuration: History diff for the migration of the radvd settings when it went to RC1.

It says "run_migrations.php made changes" in the left dropdown. The top one is probably it.  Just click and it shows the diff vs. the previous one which is the interesting one.  You can send it to franco AT opnsense DOT org


Thanks,
Franco
#10
26.1 Series / Re: 26.1.rc1 -> 26.1 rc2 ..... worked
January 27, 2026, 05:55:14 PM
What does your System: Firmware: Status say?


Cheers,
Franco
#11
26.1 Series / Re: Upgrade to RC1 successful
January 27, 2026, 05:54:05 PM
Local patches and test packages are not an issue.  The upgrade will remove them.

Just make sure to directly follow up RC1 with RC2 and a reboot to ensure consistency within the latest RC2 code.

The final update to 26.1 will take care of this eventually, but intermediate RCs are a bit "floating" in terms of overall integration.  ;)


Cheers,
Franco
#12
26.1 Series / Re: Upgrade to RC1 successful
January 27, 2026, 04:41:21 PM
I think I'd have heard from you about that already.  :)


Cheers,
Franco
#13
26.1 Series / Re: Upgrade to RC1 successful
January 27, 2026, 02:49:18 PM
I haven't seen the migration config diff so I can't say anything definite about it yet.

The migration has to assume all radvd servers found in the config.xml are in use when not disabled. The code for track6 and manual override option on top of radvd buried in ISC-DHCPv6 server settings is not easy to follow and may even have been wrong historically in some spots. So if you set a radvd entry for an interface at some point but it was disabled for interface settings specific reasons it may come back as enabled even if the code was previously treating it as not being started although set to enabled (not adhering to the specific configuration, but the overall interface IPv6 config). It's a complicated situation we're trying to untangle here.


Cheers,
Franco
#14
It's queued up for a soon-to-be (but non-critical) hotfix in 25.7.11 (when we also add the upgrade path to 26.1).


Cheers,
Franco
#15
26.1 Series / Re: 26.1.rc1 -> 26.1 rc2 ..... worked
January 27, 2026, 08:40:30 AM
ok, nice, thanks for the feedback :)