Messages

1

German - Deutsch / Re: Glasfaser Einrichtung / OpnSense / Modem notwendig?

« on: November 22, 2024, 02:57:17 pm »

Das geht theoretisch - da muss normalerweise aber der ISP mitspielen, dass er die ONT-ID bei sich einträgt. Normal ist nur die ID des mitgelieferten ONT hinterlegt. Wegen Endgerätefreiheit müssen die ISPs das zwar zulassen, tun es aber sehr ungern.

Das ist auch insofern problematisch, weil Du so kein Backup hast (Highlander-Regel: es kann nur einen geben). Besser klappt es, wenn man die ID des originalen ONTs auslesen kann - das geht bei DG aber, je nach Ausbaugebiet und verbauter Technik, eventuell nicht.

Noch ein Nachteil dabei ist: Support macht DG nur für die eigene Technik.

Das ist m.E. den Stress nicht wert.

Guter Punkt.

2

German - Deutsch / Re: Glasfaser Einrichtung / OpnSense / Modem notwendig?

« on: November 22, 2024, 01:05:57 pm »

Am Rande bemerkt: in der c‘t war kürzlich ein Artikel wie man ein zyxel pmg3000 für openwrt am Telekom Glasfaser Anschluss verwendet. Das ist ein SFP Slot Modem. Ggf läuft das auch unter OPNsense und an anderen Glasfaser Anschlüssen. Ich fand das ganz sexy das man kein zusätzliches externes Modem braucht.

3

24.1 Legacy Series / Re: Not a smooth upgrade this time...

« on: February 13, 2024, 05:49:44 pm »

That doesn't look related to my problem. Did you check you can resolve these addresses?
I can:

Code: [Select]

> set q=AAAA
> mirror.sfo12.us.leaseweb.net
Server: 2003:e6:7744:8501:242:43ff:feae:1c
Address: 2003:e6:7744:8501:242:43ff:feae:1c#53

Non-authoritative answer:
mirror.sfo12.us.leaseweb.net has AAAA address 2605:fe80:2100:b001::5187
So it might be a DNS problem on your end.

4

24.1 Legacy Series / DynDNS - native client

« on: February 12, 2024, 12:13:39 pm »

When I change from ddclient to native client, do I need to recreate all host records? Because the logs still show "ddclient" as process being used.
Thanks!

5

24.1 Legacy Series / Not a smooth upgrade this time...

« on: February 09, 2024, 12:52:01 pm »

I think I have been spoiled by all the smooth upgrades I had in the past. This time it was all but smooth.
The server went unresponsive multiple times (had to hard-reboot), web gui not responding, LAN interface got unresponsive after a few minutes being up. I finally have it running now, but still occasionally can't connect to the web UI.
I have submitted a crash report. What else can I do to help?

I also now have this error message popping up in backend log every hour:

Code: [Select]

[07bbd436-4c8f-446a-9205-24455d9ba5f5] Script action stderr returned "b'Traceback (most recent call last):\n File "/usr/local/opnsense/scripts/OPNsense/Zenarmor/sensei-db-version.py", line 11, in <module>\n from packaging import version\nImportError: cannot import name \'version\' from \'packaging\' (unknown location)'"Is Zenarmor fully supported with this release?
Thank you for your great work!

6

23.7 Legacy Series / API access to certificate store

« on: February 01, 2024, 10:36:23 am »

I think this has been asked before (can't find the thread anymore) but maybe something has changed:
Is there any plan to support API access to the certificate store? I would love to utilise the acme plugin to manage all my certificates, not only those used on the firewall. But then I need some automated way to retrieve them after renewal.
Is there any workaround? Maybe someone has a shell script that exports the certificate locally and then I can scp it from the machine?
Thanks! Till

7

General Discussion / phpIPAM API integration

« on: November 17, 2023, 12:49:02 pm »

Has anyone already done some phpIPAM integration into OPNSense? Both tools have open API's.
I wonder if I could build something like:
- creating a new device with a static IP in phpIPAM will aotmatically create an DHCP entry in OPNSense for the static v4 IP.
Anyone?
Thanks!

8

General Discussion / DNS0.EU - anyone?

« on: March 02, 2023, 10:48:50 am »

Did anyone already look into the newly lounged DNS0.EU initiative? Sounds like a good European alternative to NextDNS or the like. -Till

9

23.1 Legacy Series / Re: IPv6 on Deutsche Telekom very unstable, PPPoE reload dyfunctional since 23.1

« on: February 09, 2023, 06:36:59 pm »

I run the same constellation (Deutsche Telekom, Vigor , OPNSense) and I have the same issue.
You can't blame OPNsense for the unstable PPPoE connection because it is the Vigor dropping it. And yes, I have tested the Speedport and it is more stable. I had tickets open with Vigor and tested several firmware releases with varying success but never solved it completely.
That after a reconnect the IPv6 is not established is indeed in my opinion an OPNsense issue. And I feel it is a timing issue. because when I manually force a reload of the PPPoE connection then IPv6 works perfectly.
The only thing that would be needed in my opinion, is some task that monitors if IPv6 addresses are assigned after PPPoE is up and if not bounce the connection again and re-establish.
I wonder if that can be done via monit?

10

23.1 Legacy Series / Re: Web UI doesn't start anymore after last update

« on: February 07, 2023, 04:09:11 pm »

Well, at least the old one still exists and works. I've been pushing out migration for a while.

11

23.1 Legacy Series / Re: Migrating to ddclient - spdns combined hosts

« on: February 07, 2023, 10:29:38 am »

Thanks for all the feedback, I'll give it a try.
Issue is that spDYN used to have separate update tokens for IPv6 vs IPv4 and they seem to go away from that.
Anyway, I'll try.

12

23.1 Legacy Series / Migrating to ddclient - spdns combined hosts

« on: February 06, 2023, 11:29:24 am »

Does anyone have experience in updating spdns combined hosts (IPv4 & IPv6 with a single update token) with ddclient?
The update URL looks like this:

Code: [Select]

https://update.spdyn.de/nic/update?hostname=Domain&myip=IPv4Address,IPv6Address&user=hostname&pass=update-tokenDo I need to go for custom with this?

Thanks!

13

23.1 Legacy Series / [solved] Web UI doesn't start anymore after last update

« on: February 06, 2023, 11:09:56 am »

I managed to recover from this by running

Code: [Select]

pkg remove ddclient-devel-3.10.0
Then rebooted, then re-installed ddclient.

14

23.1 Legacy Series / Web UI doesn't start anymore after last update

« on: February 05, 2023, 01:57:32 pm »

I was on 23.1 for a few days and today I was offered an updated ddclient package, so I installed.
Since then web UI doesn't start anymore.
When restarting all services via SSH, I get the following output which indicated problems with ddclient.
Can someone help me to recover from that? I am not really deep into freebsd CLI. thank you!

Code: [Select]

FAILED:   updating <domian_replaced>: unexpected status (14)
Use of uninitialized value $h in hash element at /usr/local/sbin/ddclient line 4105.
Use of uninitialized value $_[0] in sprintf at /usr/local/sbin/ddclient line 2163.
WARNING:  updating : nochg: No update required; unnecessary attempts to change to the current address are considered abusive
Use of uninitialized value $h in hash element at /usr/local/sbin/ddclient line 4114.
Use of uninitialized value $h in hash element at /usr/local/sbin/ddclient line 4115.
Use of uninitialized value $h in hash element at /usr/local/sbin/ddclient line 4116.
Use of uninitialized value $h in hash element at /usr/local/sbin/ddclient line 4105.
Use of uninitialized value $_[0] in sprintf at /usr/local/sbin/ddclient line 2163.
FAILED:   updating : unexpected status (0)
Use of uninitialized value in string ne at /usr/local/sbin/ddclient line 1157.
Use of uninitialized value in string ne at /usr/local/sbin/ddclient line 1157.

FAILED:    was not updated because protocol <undefined> is not supported.

15

22.1 Legacy Series / Re: IPv6 track interface often fails after temporary DSL line failure

« on: May 31, 2022, 05:02:11 pm »

@marjohn56
Any hint how to enable debug logging for dhcp6c?

thanks, Till