Messages

Based on the panic message and FreeBSD version, here are likely causes:

Known Bug in IPv6 Fragmentation Handling

The frag6_slowtimo() function has caused panics in older FreeBSD versions.

It manages stale IPv6 fragments and is run periodically by the system clock.

Outdated FreeBSD Kernel

Your system is running FreeBSD 12.1-p21, which is from 2021 and no longer maintained.

Dozens of bug fixes and security updates have been released since.

Problematic NIC Drivers or Hardware Offloading

Certain Realtek or even Intel NICs have known issues with hardware offloading and older kernels.

The panic could be related to offload features such as TSO/LRO.

Misconfigured or Unused IPv6

If IPv6 is enabled but improperly routed or unused, it can trigger unexpected behavior.

Especially common in dual-stack setups or WANs with no native IPv6 routing.

Key Details from the Crash:
Trap number = 12 → This indicates a Page Fault (access to an invalid or unauthorized memory address).

Panic Cause: frag6_slowtimo()
This is part of the IPv6 fragmentation timeout handling in FreeBSD.

Function Chain:

frag6_slowtimo()

softclock_call_cc()

calltrap()

FreeBSD Version: 12.1-RELEASE-p21-HBSD

Date/Build: Dec 13, 2021 — very outdated

This is a community-driven support forum, and no one gets paid for the help provided here.

If you need immediate assistance, consider contacting the Deciso team and purchasing their support services—they'll be able to help you promptly.

Also, remember that politeness goes a long way in getting the help you need. After all, you catch more bees with honey than with vinegar!

Hi there,

I'm in the process of uploading an ISO to a VMware server from the LAN to VLAN20. There are existing firewall rules allowing any-to-any traffic on both sides. However, I'm currently facing a firewall-related error on the screen. Your assistance in resolving this issue would be greatly appreciated.

Edite: issue is resolved and can be closed

i had this issue last year, i've been working with the support team and they couldnt fix it.
i give up using it.
now i am using Firewall Alias.

We managed to find the blocked port on the firewall live vieuw
Thank you everyone

Thank you for your answer
I see we have on the printer Alias the next ports 137/138/139/161/162/427/9100/9220/9500
Still killing the printer during the print
When the users print I don't see anything on the LAN interface being blocked.

Is the tunnel NATing traffic?

The tunnel interface firewall rules is allowing any to any of this what you mean.

Hello everyone,

We have set up a site-to-site Wireguard VPN to our datacenter. The LAN interface is configured to allow ports 443, 80, 53, and 9100 for printing Konica devices.

However, when the users attempt to print from the remote location to the office, it doesn't work. Printing only functions when we add the rule "any to any."

Could someone advise why this is happening and what I might be missing here? Thank you!

Thank you so much found the cause a lot of logs were hanging in /var/log/filter

i've cleaned them and now i got my storage back

Hi guys,
today we noticed the box is full %109.

Code Select Expand

/dev/gpt/rootfs 49G 49G -3.9G 109% /

devfs 1.0K 1.0K 0B 100% /dev

devfs 1.0K 1.0K 0B 100% /var/dhcpd/dev

devfs 1.0K 1.0K 0B 100% /var/unbound/dev

/usr/local/lib/python3.9 49G 49G -3.9G 109% /var/unbound/usr/local/lib/python3

i cannot seem to find the log that full up my disk.

can you please advise how to clean this up ?

i have the same problem with 23.1.7_3.
i advice to go back to 23.1.6 most of people has tested this

Thanks for the tip. I actually just disabled IPv6 (as it's not critical for me for the moment - and have to get some work done) and everything is now working as a charm. DNS resolution back down to ~1ms for locally cached results (and 4ms for results fetched from Cloudflares cache).

I applied the patch mentioned in https://forum.opnsense.org/index.php?topic=34241.msg165713#msg165713 and it fixed some issues, but no the DNS lookup issue.

when you say disabled IPV6 do you mean on Firewall: Settings: Advanced and uncheck the IPV6 ?
on the page you provided i don't see a patch, which one do you mean?

@My_Network

https://github.com/opnsense/core/commit/25e2c0a30

# opnsense-patch 25e2c0a30


Cheers,
Franco

Hi Franco,

thank you so much for your answer.
when i enter the command line nothing happens with this machine.
i have the feeling this one is broke.
i tried it on a different one 23.1.8 and it seems to be applied succecefully.

Code Select Expand

Patching file etc/inc/system.inc using Plan A...
Hunk #1 succeeded at 677 (offset -10 lines).
done
All patches have been applied successfully.  Have a nice day.

DNS resolution has also become very unstable for me after upgrading to 23.1.8. Using Unbound and Cloudflare as upstream DNS.

I've been running dual stack IPv4/IPv6 on my current ISP with no issues for more than half a year, and nothing seams to have changed on their side.

Looking at Smokeping, resolving test.test on unbound from my local network, I see a huge difference after upgrading to 23.1.8. Spikes going over 800ms and even some timeouts. Internal latency is <0.7 ms.

DNS resolution from my wired laptop are now fairly consistent > 40ms (even for cached results) and before the upgrade they were < 1ms for cached results.

I used to have 20/20 on ipv6-test.com, but now various tests time-out (inconsistent between refreshes) so I end up somewhere between 10/20 and 18/20.

I'll try to downgrade to 23.1.7_3 to see if it helps.

i have the same problem with 23.1.7_3.
i advice to go back to 23.1.6 most of people has tested this

thank you for your answer.
i just been doing some reading and i think the issue is related to the 23.17_1 with the gateway switching ect..
i'll have to revers back to 23.1.6 but the box is not reversing.
i'll have to reinstall it

i am facing the same issue with one box 23.1.7_3.
the gateway keeps showing offline but everything is working. only sometimes it has to think about reloading websites.
when i tried the revert back to opnsense-revert -r 23.1.6 on the shell nothing happens on the shell.
supposed to reboot after the command line opnsense-revert -r 23.1.6 ?