Messages - meepmeep

#1
Updated to 24.7.2, but I'm still losing some random packets on IPv6 ping (going out, only a jump after my firewall)

--- ipv6.abc.xyz ping statistics ---
1566 packets transmitted, 1547 received, 1.21328% packet loss, time 1567560ms
rtt min/avg/max/mdev = 0.185/2.232/1482.222/43.446 ms, pipe 2


I was more stable on "24.7.1-pf4" (no packet loss)
#2
Any idea why I can't get my hands on 24.7.1-pf4?

# opnsense-update -zkr 24.7.1-pf4
Fetching kernel-24.7.1-pf4-amd64.txz: ..[fetch: https://pkg.opnsense.org/FreeBSD:14:amd64/snapshots/sets/kernel-24.7.1-pf4-amd64.txz.sig: Not Found] failed, no signature found
#3
Is it fixed by "24.1.10_2"? (Changelog says "dhcpv6 multicast problem", not VLAN priority)
#4
I took some time to investigate further, and the problem was way simpler than I thought... I had no gateway for the DNS, so a timeout was quite logical for every URL / outbound access.

Changed it under System > Settings > General, and everything is now running smoothly.
#5
Still not working for me with a plugin or even a full reboot.
#6
Restart of the crowdsec plugin only?
#7
Rolled back to 23.7.3, everything is running fine again. I'll open a ticket with crowdsec.
#8
I upgraded to 23.7.4 this evening.
The reboot took a lot more time, like a service timeout.
After a few long minutes it looks like the crowdsec plugin isn't correctly started (nothing listening on the port, timeout on the CLI).

Anyone else getting this behavior?
#10
If you use network aliases, you should take a look at https://forum.opnsense.org/index.php?topic=33295.0
#11
I have multiple WAN IPs on my server.
WAN1 and WAN2 are aliases for those IPs:


WAN1 alias is empty in diag:


So rules with this alias are not working:


If I replace WAN1 with the IP address directly, it works.
#12
Yes, "WAN1" is empty.

I changed the rule to use an IP instead of the alias .. and it's working.
#13
Yes, a lot (as a destination WAN IP for a wireguard rule, for example)
#14
Hi

I just upgraded to OPNsense 23.1.5 on my 2 sites (home and remote). And since the reboot of both servers, I have no traffic on the wireguard interface.
- No traffic from any client to the main (remote) server
- No traffic between the 2 sites (wireguard site-to-site)

The changelog of this version shows no impact on wireguard.
The configuration has not changed for a few months, and previous upgrades went smoothly, pointing to an upgrade error on 23.1.5?

(plugin os-wireguard is installed but os-wireguard-go is not)


interface: wg0
  public key: 5awzdJKxxxxxxxxx
  private key: (hidden)
  listening port: 994

peer: O5Wxxxxxxxx
  allowed ips: 10.7.0.225/32
  transfer: 0 B received, 32.23 KiB sent
  persistent keepalive: every 20 seconds

peer: L/W9xxxxx
  allowed ips: 10.7.0.210/32

peer: jbx
  allowed ips: 10.7.0.200/32
  transfer: 0 B received, 31.94 KiB sent
  persistent keepalive: every 20 seconds

peer: EjjDFxxxxxxx
  allowed ips: 10.7.0.130/32
  transfer: 0 B received, 32.38 KiB sent
  persistent keepalive: every 20 seconds

peer: n8gxxxx
  allowed ips: 10.7.0.132/32
  transfer: 0 B received, 31.94 KiB sent
  persistent keepalive: every 20 seconds

peer: B2Cxxxxx
  allowed ips: 10.7.0.134/32
  transfer: 0 B received, 32.38 KiB sent
  persistent keepalive: every 20 seconds

peer: QTxxxx
  allowed ips: 10.7.0.133/32
  transfer: 0 B received, 32.23 KiB sent
  persistent keepalive: every 20 seconds

peer: Saxxxxxx
  allowed ips: 192.168.1.0/24, 10.7.0.254/32
  transfer: 0 B received, 31.22 KiB sent
  persistent keepalive: every 25 seconds

peer: 2Dxxxxxx
  allowed ips: 10.7.0.221/32
  transfer: 0 B received, 32.23 KiB sent
  persistent keepalive: every 20 seconds

#15
** Solved for my specific case, site-to-site endpoints should not have endpoint port and address **