Messages - Heathy65

#1
I want to configure monit to alert (email) me when the unbound service restarts.

I have configured monit (via the GUI) and have this resultant configuration (shown from the CLI)

check file resolver.log with path "/var/log/resolver.log"
   if match "info: start of service (unbound" then alert


However I don't think I'm looking at the correct log file.

When I look via the GUI (via Services: Unbound DNS: Log File), these are examples of the entries in the unbound log file:

2021-07-18T14:30:15 unbound[34317] [34317:0] info: start of service (unbound 1.13.1).
2021-07-18T14:28:46 unbound[88879] [88879:0] info: service stopped (unbound 1.13.1).


When I look in resolver.log I don't see those entries.  I've looked around at other log files and can't find that information anywhere.  Any guidance appreciated.



#2
Hi,
I just posted a question which, whilst not the same as yours, seems to perhaps have some similarities to your issue: https://forum.opnsense.org/index.php?topic=23961.0

Did you get to any conclusion/resolution with your issue?
#3
21.1 Legacy Series / Dual WAN issues
July 18, 2021, 10:08:32 AM
I have OPNSense running on a Pico PC (Intel® E3845 4xLAN) and it's been rock-solid for months with one very big notable exception.  This is relating to my dual WAN setup.  I have 2 x VDSL circuits (both providing c.20Mbps downstream); both of these services are using the providers original routers and these two units are connected upstream to 2 x Ethernet interfaces on my OPNsense.

When I have a single gateway in OPNsense enabled (either WAN1 or WAN2 doesn't matter), everything is rock solid.  However if I configure any load-balancing then things seem to get unpredictable and unreliable, i.e. loss of Internet connectivity.  I've even had some issues when I have OPNSense configured for just failover.

I even resorted to using each of the single broadband connections each from their local subnet as a test (so no OPNsense) and both circuits are stable, no errors and long up times.

In OPNsense, I've double checked my configuration but I'm thinking I must have done something stupid...

My gut feel is it's something to do with the "Monitor IP" configuration on the gateways.  In that regard I have tried using different IPs for the monitoring (I originally used 8.8.8.8 & 8.8.4.4).  I even tried disabling this yesterday and that didn't seem to help.

I have even changed my downstream WAN2 router to be in bridge mode (thus eliminating the WAN2 router) so now I have OPNsense configured for PPPoE.  In this configuration the gateway is showing Down in OPNSense but it is actually up and working.

Any thoughts/guidance appreciated.
#4
I have OPNsense running as my main router in my SOHO with clients on a directly connected LAN.  Downstream from the OPNsense router there are two Ethernet WAN connections.  These are each connected to VDSL routers (via 2 separate private networks), so I have double-NAT.

Currently I do not have any load balancing enabled so all outbound (Internet) traffic is using a single WAN connection.

All is good with a single exception.  I have a work PC which has a Cisco AnyConnect client which is used to establish a VPN towards an external destination.  This VPN client always prompts for the credentials but rarely establishes a connection.  I would say that 1 connection in 10 is successful, if that.

If I connect from one of the private networks 'behind' the OPNsense router then I have no such issue, so I assume it's something within the OPNsense configuration which is causing the issue.

Thoughts appreciated.
#5
So I can see the inbound udp/123 traffic in the packet capture (no response though).  There's nothing in the firewall live view trace at all (deny rule is logging).

Looking at Interfaces: Diagnostics: Netstat I do see my LAN (igb0)

udp4/[192.168.1.1:123-*:*]
protocol:udp4
receive-bytes-waiting:0
send-bytes-waiting:0

But this command from my PC doesn't work (i.e. I get an error).

w32tm /stripchart /computer:192.168.1.1 /dataonly /samples:5
#6
Good thought, but regardless of it being TCP or UDP what I don't understand is that I'm not seeing the traffic in the Firewall -> Log Files -> Live view.

For example if I use Angry IP Scanner towards my firewall for the ports 80, 443, 8080, I get a reply (allow) for the 80/443 as expected but for 8080 I get nothing (nothing in the log).

I'm wondering if I'm confusing what's listening on a given port with what the firewall is/isn't allowing, i.e. for port 8080 there's nothing even listening on that port on the firewall and maybe that's why I get nothing back rather than any deny from the firewall?
#7
Just looping back on my post in case it's useful to anyone else.
In the end I went for a Pico PC (Intel® E3845 4 LAN 1 COM AES-NI 4G Fanless Firewall Router)
https://www.pondesk.com/product/Intel-E3845-4-LAN-1-COM-AESNI-4G-Fanless-Firewall-Router_MNHO-073
I used a spare 2.5" SSD I had and also added 8GB RAM.  I'm slowly adding services to the OPNsense configuration and it's been rock-solid.  Am impressed with the build quality of the Pico PC too.
#8
I've been fault finding ntp (running as a service on OPNsense).  I thought I would use the Live View feature in the Firewall settings to diagnose.  However I am not seeing any ntp traffic in relation to the traffic I am generating towards OPNsense (using w32tm or Angry IP Scanner).  If I use the latter and scan for ports 80, 443 & 123 I do see the 80/443 in the Live View but nothing relating to the 123.

I assume I'm missing something obvious.  Any thoughts appreciated.
#9
20.7 Legacy Series / Re: Crash on first boot
December 25, 2020, 08:13:54 PM
For anyone else with this issue, I got the fix in the end.

BIOS configuration change.

Advanced -> IT8613 Super IO Configuration -> CIR Controller Configuration -> CIR Controller = Disabled

#10
20.7 Legacy Series / Re: Crash on first boot
December 24, 2020, 08:57:58 AM
So I think the console is a red-herring (I now have the exact same behaviour for HDMI or console configuration).   I temporarily installed W10 on the hardware (just to see if there's anything wrong with the hardware) and that's all good, seems to run fine.

Back with OPNsense now, playing with BIOS settings to see if any tweaks will prevent the crash.
#11
20.7 Legacy Series / Re: Crash on first boot
December 23, 2020, 10:01:39 AM
So I just tried pfSense and it's exactly the same
#12
20.7 Legacy Series / Re: Crash on first boot
December 23, 2020, 08:56:21 AM
Ah, I think your scenario is a bit different to mine.  I have the HDMI/keyboard connected and always get a boot, to just past the OPNsense menu, then the display stops.

I have tried disabling the serial port in the BIOS and that doesn't change things.
I have also just tried the 'serial' version of OPNsense (having reenabled the serial port, of course) and still no output on the serial connection.

I think I need to check the wiring on the serial port (it's an RJ45 port), I'm using a standard Cisco RJ45-DB9 cable and have tested it and the serial-USB adapter on another bit of kit.

Other thing I will try is something like pfsense just to see if it's an OPNsense specific issue.
#13
20.7 Legacy Series / Re: Crash on first boot
December 22, 2020, 11:06:32 PM
Yup UEFI.

Actually I think I might know what this is.....

The last line on the display prior to the apparent crash relates to a UART (so reasonable to assume it's something to do with com. ports?).  My unit has both HDMI and a console/com. port and I am using the HDMI (and a USB keyboard).

I am wondering if there's actually no crash, but it's just flipping over to the serial connection and 'away' from the HDMI and keyboard as it boots.

I'm going to plug my PC into console port too, to see.  Also I will try disabling the com. port in the BIOS as another option.




#14
20.7 Legacy Series / Re: Crash on first boot
December 22, 2020, 10:25:03 PM
I have used this one

OPNsense-20.7-OpenSSL-vga-amd64.img.bz2

Thanks
#15
20.7 Legacy Series / Crash on first boot
December 22, 2020, 09:10:02 PM
I have a brand new PICO PC (MNHO-073) with 2G RAM (soon to be upgraded to 4GB) and a 120GB SSD.  I have downloaded 20.7 and used Rufus to write it to a USB memory stick.  When I turn the solution on it boots fine, getting to the normal/initial dialogue.  However it crashed soon after, consistently (in the same place).  Once crashed it's completely dead (caps lock on/off not responding).  After a power cycle the same happens.

See attached for the output prior to the crash.  Any thoughts appreciated.

Thanks in advance.