Messages

1

General Discussion / Re: Multi wan load balancing at same tier issue

« on: August 08, 2020, 04:29:35 pm »

I found a workaround...on the DSL router there is a "supplemental network" option to add IP's behind the DSL router... Adding WAN1 to that seems work.

Traffic is flowing now with my work around. Still seems strange that packets were leaving WAN2 interface with WAN1 source IP.

2

20.7 Legacy Series / Re: Syslog-ng constantly crashing

« on: August 08, 2020, 02:55:40 am »

Its holding steady right now since this morning.

I use a remote syslog server.... Most everything is pretty vanilla at the moment because I am battling a multi-wan issue and wanted to "start over".

3

General Discussion / Multi wan load balancing at same tier issue

« on: August 08, 2020, 02:53:12 am »

I am having a weird problem with multi wan which I cannot figure out the solution. I have gone to the extent of a wipe and reload of my fw software and starting the config 1-by-1 only to still have the problem. Now asking for help.

When I put the LAN fw rule for outbound traffic into load balance group where both WANs are in same Tier1 - I experience intermittent traffic failures.

I have multi wan setup per the guide.

WAN1 = cable modem w/ dhcp public IP
WAN2 = opnsense is NAT IP behind DSL "router" which has public IP

After several days I finally made some discovery after looking into the WAN2 DSL router logs - it is denying traffic for reason of packets "invalid src IP address" of WAN1.

Traffic shouldnt be coming in an interface that did not originate from, correct...??

When I have either WAN configured as Tier1 and the other as Tier2, I have zero issues like this.

Only when they are both at the same Tier does it occur. Please help

4

20.7 Legacy Series / Re: Syslog-ng constantly crashing

« on: August 07, 2020, 07:51:33 pm »

Once I disable "circular logging" syslog-ng is able to start and I am seeing log events now.

I dont know what the remifications of disabling that are? Can anyone shed light?

FWIW once disabling circular logging, syslogd now shows as being stopped.

5

20.7 Legacy Series / Re: Syslog-ng constantly crashing

« on: August 07, 2020, 07:43:59 pm »

Same problem here. syslog-ng not working.

6

20.7 Legacy Series / Re: Performance problem after 20.7 upgrade

« on: August 07, 2020, 07:18:58 pm »

I see this in my logs too.

kernel: pflog0: promiscuous mode enabled
kernel: pflog0: promiscuous mode disabled

Every couple of minutes.

7

20.1 Legacy Series / Re: dhclient: Creating resolv.conf

« on: July 30, 2020, 05:41:40 am »

did u ever reach any conclusions on this?

8

Tutorials and FAQs / Re: Gateway Groups - Load Balancing - Sticky connections per IP or sessions?

« on: July 30, 2020, 02:12:06 am »

When I see the problem occurring the Firewall liveview shows traffic denies incoming to one of the wan interfaces which I presume are asymmetric route traffic... looking for a solution...!

9

Tutorials and FAQs / Re: Gateway Groups - Load Balancing - Sticky connections per IP or sessions?

« on: July 30, 2020, 02:10:14 am »

I too am facing the exact problem you described. Did you determine the proper settings to solve this?

10

18.1 Legacy Series / Re: Unbound domain overrides failing since 1.7.1

« on: July 05, 2018, 06:23:11 pm »

Want to close the loop on this issue. I have been running 1.7.3 unbound since last friday and have not had a single recurrence of the problem. The issue is solved with 1.7.3 confirmed! Thanks!!

Hi Stefan,

Good, 1.7.3 will be in 18.1.11 early next week.


Cheers,
Franco

11

18.1 Legacy Series / Re: Unbound domain overrides failing since 1.7.1

« on: June 23, 2018, 11:54:04 am »

A test version would be great. I have been dealing with this for a little while, so monday or next week for a test version is definetly fine! Thank you

12

18.1 Legacy Series / Re: Unbound domain overrides failing since 1.7.1

« on: June 22, 2018, 03:53:06 pm »

In the Unbound log I am seeing "useless dp but cannot go up, servfail"

It appears #4100 bug listed in the release notes relates to this.

https://github.com/NLnetLabs/unbound/commit/d3866418208f9a16c7bab09b424dbd90a973df0c

https://github.com/NLnetLabs/unbound/commit/53b1e11eba0614fa0c9196edda92d557286fde59

The logfile message I am receiving appears to be the command that is getting hit due to the code above it...

I am no programmer, but to me 1.7.3 looks kinda promising.

13

18.1 Legacy Series / Re: Unbound domain overrides failing since 1.7.1

« on: June 21, 2018, 04:30:07 pm »

The problem does not appear to be resovled in unbound 1.7.2. Made it a few hours before seeing DNS queries to my override are failing.

I have turned up Logging on Unbound to Level 5. Maybe I will see something that can pinpoint the problem. :-/

If I wished to go back to 18.1.8 - what is the procedure - is there a KB article? thx...

14

18.1 Legacy Series / Re: Unbound domain overrides failing since 1.7.1

« on: June 21, 2018, 01:58:19 pm »

FYI: 1.7.2 was shipped today, after non-reboot update the Unbound service requires a manual restart.


Cheers,
Franco

Thank you! I have installed the update & rebooted. Will let you know if this has solved the issue.

15

18.1 Legacy Series / Re: Unbound domain overrides failing since 1.7.1

« on: June 19, 2018, 02:32:08 pm »

I will try adding @53 and see if it makes a difference.

My overide dns is my personal domain name hosted on a VM inside my network. It is resolving fine when I point my clients directly at the dns server.

When the names will not resolve through my opnsense unbound service I restart unbound and they immediately work again.

My override configuration was working perfectly for months and months. The 18.1.9 release included unbound 1.7.1 is the only change to point to.