Messages

Yep.

Definitely don't want to be using Linux when configuring Raspberry Pi OS (lul debian rite?) as a NUT master or a slave. Certainly don't want to be using a *nix based O/S with terrible documentation, ambiguous fields, and error messages that tell me less than a Windows error (now that takes talent!).

Sadly, much like Windows - it's the only option for some things. So, here I am.

Fortunately, I found a 15 minute solution to a week of endless frustration trying to make this godforsaken anachronistic operating system talk to one of its own lackeys. Offline redundant backup of the config files and current version installation media.

Tada!

Bah... screw it.

I'm done wasting my time on Linux operating systems.

Yet another failed attempt to make Linux relevant to my life.

So these are the part 1 and part 2 guides that I followed when setting this up.

https://www.howtoraspberry.com/2020/11/how-to-monitor-ups-with-raspberry-pi/

https://www.howtoraspberry.com/2021/05/how-to-configure-an-orderly-shutdown/

I've doublechecked myself against the guide for the NUT server configuration and it appears correct - but I'm not sure if the guide is 100% complete. I did create a user in the nut config files and referenced it as directed but... no dice. My apache web connection to the device works flawlessly and I can use my NUT username/password to gain access to the UPS settings/display from any device on my wired network.

As far as connectivity - the RBPi3 (hereby known as Master) is capable of pinging my OPNsense firewall and just prior to this, fully updated itself with the Raspi servers.


What I'm curious about...

Do I need to create an actual system level user account & password to reference in the opnsense NETCLIENT submenu? If so... It follows that the NUT password would be set in the currently default "Monitor Password" field that I'm currently struggling to identify a use for.

This would be a million times easier if I could simply access the NUT .conf files on the OPNsense box without having to try to interpret limited instructions on ambiguous fields.  >:(

[General Settings TabEnable Nut - - - ENABLEDService Mode - - - NETCLIENTName - - - *doesnt matter?*Listen Address - - - IP of NUT serverUPS Type TabNetclient optionEnable - - - ENABLEDIP Address - - - IP of NUT serverUsername - - - NUT user (as described in the various nut conf files on the NUT master)Password - - - NUT user password (as described in the various nut conf files on the NUT master)]

I've been fighting with trying to get NUT up and running on OPNsense for... a while.

Current (desired) setup:

OPNsense Router (netclient SLAVE)
Raspi4 (DNS Filter SLAVE)
Raspi3b+ (UPS Monitor MASTER)
APC BackUPS Pro 1500s

Here's my issue.

What I think I know...

I think the following is correct:

General Settings Tab
Enable Nut - - - ENABLED
Service Mode - - - NETCLIENT
Name - - - *doesnt matter?*
Listen Address - - - IP of NUT server

UPS Type Tab
Netclient option
Enable - - - ENABLED
IP Address - - - IP of NUT server
Username - - - NUT user (as described in the various nut conf files on the NUT master)
Password - - - NUT user password (as described in the various nut conf files on the NUT master)

This seems logical, straightforward, and simple. But it doesn't work. Does the following tab have anything to do with any of this or should this simply be left at default (password) for both fields?

Nut Account Settings (accessed by clicking on general settings tab and selecting this option in the menu)
Admin Password
Monitor Password

Admin Password? Monitor Password?

Wut? That tab makes absolutely no sense to me.

If I leave NUT enabled, this is the endless log output I receive in OPNsense:

UPS [░░░░░░░@░░░░░░░]: connect failed: Connection failure: Connection refused

I'm out of ideas.

Yeah.

Buy.

Spend a couple hundred bucks on an out of the box solution that I can have up and running in 15 minutes vs spending untold hours trying to make an undocumented product work. As it stands, I've invested over 16 hours in attempting to get this extremely simple task running with absolutely zero success.

I am out of ideas on how to get this to work and the ideas that have been floated have been unsuccessful. That is not to say that I don't appreciate them. I definitely do. Sadly, the facts of the matter are that I have a network that is screwed, no idea how to fix it, no leads to follow to fix it, and no documentation to engross myself in to even attempt to troubleshoot this issue.

Every time I work with a community supported *nix product, I end up with a bitter taste in my mouth and the overarching feeling of "this is exactly why Linux will never be a mainstream product". I also swear that "this will be the last time"... right up until I try it again.

I've seen nothing to change that view - though I was hoping beyond hope to have an open source solution that actually worked for me.

Thanks for your amazingly insightful post though!

Yeah...

Might be time to scrap this project and buy a finished product.

Also,

The only firewall rules I have are the "Default allow LAN to any rule" that allows everything else to communicate correctly.

Does a VLAN need an additional rule or..?

Why is there no documentation for any of this?!  :o

Sorry for the delay in replying, I've been busy with other projects.

Here's a recap of where I'm at.

I want to have VLANs span across multiple LAN interfaces and be able to communicate across those interfaces.

I currently have the following configured:

bxe0 and bxe1 (my LAN interfaces) - Bridged as Bridge0

bxe0, VLAN10_a
bxe1, VLAN10_b
VLAN10_a & VLAN10_b bridged as "VLAN10" Bridge1

The DHCP IP assignments are handed out by VLAN10 under Bridge1

Now... I have a device connected to one of my switches that successfully pulls a DHCP IP address from the VLAN10 DHCP Pool.

But! - That device will not connect to the internet and I cannot ping to it from the router or ping the router from the device. I've set firewall rules on the Bridge as well as the two member VLANs with no success.

I really don't understand why this isn't working.

Well...

It made logical sense and I really thought it would work but - no dice.

I'm testing on VLAN 10 without success. No connectivity now but I do get IP addresses assigned from the VLAN 10 DHCP server.

Any ideas..?

[4]

I built a little rackmount router with a total of physical interfaces with the following configuration for the interfaces:

Doh! Should read "...total of 4 physical interfaces..."

Hey guys,

I've got a fun one for ya! I have been unable to figure out what I'm doing wrong and could really use some insight here...

I built a little rackmount router with a total of physical interfaces with the following configuration for the interfaces:

re0 - DHCP WAN
re1 - 192.168.15.1/24 - VoIP router dedicated port
bxe0 - Basement Switch (TL-SG3216 v1.0)
bxe1 - 2nd Floor Switch (TL-SG3216 v2.0)

The following have also been created:

bridge0 - comprising bxe0 and bxe1
VLAN1 - 192.168.1.1/24 (parent bxe0)
VLAN10 - 192.168.10.1/24 (parent bxe0)

My network is configured as follows:

|-----Router-----|

bxe0|                       |bxe1

TL-SG3216-B<---->TL-SG3216-2

Disregard the link between the two switches - for the moment, I have disconnected this connection as I haven't had a chance to set up STP.

So here's my problem...

I've been trying to get the VLANs to apply to both switches (bxe0 & bxe1) but I can't seem to pull it off. I've tried adding the VLANs into my bridge interface to see if that would work but everything becomes inaccessible and I have to gui into the router through my VoIP port to change everything back.

Everything works fine out of bxe0 - all VLANs correctly deploy DHCP and all clients can successfully connect.

Aside from that, the bxe1 side of the network is basically inaccessible. I can manually ping from the router to the managed IP address of the bxe1 connected TL-SG3216 switch - but I have no other connectivity.

How does one go about putting the same VLAN in place across multiple LAN interfaces in OPNsense? Does the VLAN need to be on a bridge or..?

I'm so confused by how the VLAN interface assignments work in opnsense - it just doesn't seem very intuitive to me from anything else I've ever worked with. :o