Messages

1

20.1 Legacy Series / Re: Getting just around ~200Mbit of 1Gbit Bandwidth

« on: April 26, 2020, 12:17:33 pm »

Do you have a PPPoE connection to the ISP?
In case unfortunately you cannot get too much from the APU as PPPoE connection cannot be multithreaded and split between CPU cores.

With an APU2 I was able to get around 450Mbps over PPPoE with these tunable settings (reboot the APU once you add those tunables)

net.isr.dispatch=deferred
net.isr.maxthreads=4
net.isr.numthreads=4
legal.intel_igb.license_ack
hw.igb.rx_process_limit=-1
hw.igb.tx_process_limit=-1
kern.random.harvest.mask=351


In any case you will not reach Gbps with an APU1 or APU2, what I did at the end was to use another router to do the PPPoE connection and then configure a DMZ there pointing to OPNsense. I got 1ms ping more because of the double NAT but I achieved Gbps.

If you're going this way just remove the "net.isr.dispatch=deferred" tuneable as this setting is just to optimise PPPoE but decrease the general forwarding performance.

2

General Discussion / Re: Bufferbloat help

« on: April 23, 2020, 09:18:12 pm »

You should go in the Rules tab of the page, not the general firewall rules on the left menu.

3

20.1 Legacy Series / Re: OpnSense 20.1.4 WAN (VLAN PPPoE) problem

« on: April 20, 2020, 11:07:51 am »

Hi, I had a similar issue with my OPNsense, I found out that if you're using VLAN you need to keep enable both the VLAN interface (In my case assigned to LWAN) and the pppoe WAN assigned to WAN.

This is how my configuration looks like:

4

19.7 Legacy Series / Re: [Solved] Sonos on VLANS

« on: February 18, 2020, 04:18:51 pm »

Sounds like the media server stops sending once it's got an ack from the control point.

I will try to debug once I get back home (this weekend) but it seems strange that he stops sending when he receive the ACK as this don't happens when both are connected under the same network.

Maybe @bertofurth has some suggestions on how to debug it.

Please let me know if you want to continue this discussion on the new thread.

Thanks a lot.

5

19.7 Legacy Series / Re: [Solved] Sonos on VLANS

« on: February 17, 2020, 04:22:55 pm »

Thanks a lot Marjohn, It works flawless with mDNS (used for AirPlay) but it has some issues with SSDP, here is my scenario:
Network 1: DLNA control point (iPhone Naim app)
Network 2: DLNA media server (QNAP NAS) + DLNA media renderer (Naim streamer
Configured relay to IP 239.255.255.250 for the 1900 UDP port.

Whenever I open the control point application from network 1 I can't see the media server.
If I restart the media server while I'm in the discovery screen of the control point I can see and select the Media Server.
If I close the app and reopen it the media server is gone.
So basically it seems that if the control point is running and the media server send the broadcast message at startup the frames got relayed, otherwise no. Please note that if I keep the control point app on the same network this does not happen and it always shows the Media Server.

Till now I tried to change the TTL flag and also enabled/disabled IGMP snooping, but nothing changes.
Do you have any advice on how can I debug this issue?

Many thanks for your work.

6

19.7 Legacy Series / Re: [Solved] Sonos on VLANS

« on: February 16, 2020, 02:21:05 pm »

Hey marjohn56, may I have the plugin too?
Thanks!

7

18.7 Legacy Series / Re: Opnsense as a Gateway for IPSec Roadwarrior (NAT issue)

« on: January 04, 2019, 08:11:53 pm »

Hi, could you please explain better the steps?
I added the NAT and I see that in the logs my local VPN is getting NATted but somehow the packet is not routed back to the IPSec interface and I cannot connect to external IPs.

Thanks

8

General Discussion / Re: Cloudflare DNS over TLS with Unbound

« on: April 07, 2018, 05:02:04 pm »

Had the same issue, I used the following parameters in the custom options field and then it worked.

Code: [Select]

server:
forward-zone:
name: "."
forward-ssl-upstream: yes
forward-addr: 1.1.1.1@853
forward-addr: 1.0.0.1@853


9

17.7 Legacy Series / Re: Route all traffic through IPsec VPN

« on: January 24, 2018, 06:05:01 am »

Does anyone can help?
Thanks!

10

17.7 Legacy Series / Re: Route all traffic through IPsec VPN

« on: January 13, 2018, 09:06:46 pm »

Hi Bart,
thanks for the answer.

WAN interface has a local IP on a private network 192.168.100.0/24 but gets the public IP via PPPoE

here are my automatic routes (The obscured one is the public IP):

11

17.7 Legacy Series / Route all traffic through IPsec VPN

« on: January 12, 2018, 06:19:03 pm »

Hi all, I followed the How to guide for configuring an IPsec Road-Warrior VPN to connect my home network from outside and I'm now able to access my local network.

What I would like to do now is having the possibility to route all the internet traffic from my laptop trough my home connection.

I created the following firewall rules


And when I try to navigate I see in the logs that the rule is triggered


Despite the firewall rules working I cannot connect outside the LAN.

Those are the automatic generates NAT rules:


Does anyone has a suggestion on where it could be the issue?

Thanks!