Messages

I ended up disabling PowerD on an N100 and used this post:

Do I need to enable PowerD

Note that the thread mixes up SpeedStep and Speed Shift in a few places!  I think this is the right way around:

SpeedStep is the "old" method - needs PowerD.
Speed Shift is the new method and its available since 6th Gen of Intel CPUs (I think) - doesn't need PowerD.

Sounds like Contact Energy is your ISP?  I'm using Spark with PPPOE on VLAN 10.

Have you set up VLAN on your interface?  Interfaces --> Other Types --> VLAN.  Then create a new device over your WAN port with VLAN = 10.

It's been a while since I did the rest, but I think, on Interfaces --> Assignments set WAN to your VLAN, and then set the WAN parameters in Interfaces --> WAN

Your screenshots are mostly identical to my setup which uses PPPOE on VLAN 10.

The differences are MTU and MAC address.  I have an MTU of 1500.  Should be 1492, but the ISP (Spark NZ) recommends the use of 1500.

I have not got a MAC address on the WAN page.  It's blank. Looking at the help notes for this page, I wonder if you should have it.  It says 'use with care'.  I see the MAC number then appears on the PPPOE page of your screenshot for the VLAN.  Again, I only have the VLAN given.   

Looking at your log and comparing it with my log for PPPOE, it all seems to go wrong about here:

Code Select Expand

2022-12-23T09:23:46-03:00 3 Informational ppp 28636 [wan_link0] LCP: LayerDown
2022-12-23T09:23:46-03:00 3 Informational ppp 28636 [wan_link0] LCP: SendTerminateReq #100
2022-12-23T09:23:46-03:00 3 Informational ppp 28636 [wan_link0] LCP: state change Opened --> Stopping
2022-12-23T09:23:46-03:00 3 Informational ppp 28636 [wan_link0] LCP: received an invalid magic number
2022-12-23T09:23:46-03:00 3 Informational ppp 28636 [wan_link0] LCP: magic number is wrong: 0x050643b4 != 0x43b44449

It seems that the magic numbers are wrong.  I had no idea what magic numbers are, but Google gave me some direction.  They are to check the network is not a loopback (I think).
At this point Opnsense (?) tries to teminate the ppp and tries to do a restart, but the peer seems to want to keep connecting with the old connection:

Code Select Expand

022-12-23T09:23:48-03:00 3 Informational ppp 28636 [wan_link0] PPPoE: connection successful
2022-12-23T09:23:48-03:00 3 Informational ppp 28636 [wan_link0] rec'd proto LCP while dead
2022-12-23T09:23:48-03:00 3 Informational ppp 28636 PPPoE: rec'd ACNAME "BRAS03NG"
2022-12-23T09:23:48-03:00 3 Informational ppp 28636 [wan_link0] PPPoE: Connecting to ''
2022-12-23T09:23:48-03:00 3 Informational ppp 28636 [wan_link0] Link: reconnection attempt 292
2022-12-23T09:23:46-03:00 3 Informational ppp 28636 [wan_link0] Link: reconnection attempt 292 in 2 seconds
2022-12-23T09:23:46-03:00 3 Informational ppp 28636 [wan_link0] LCP: LayerStart
2022-12-23T09:23:46-03:00 3 Informational ppp 28636 [wan_link0] LCP: state change Stopped --> Starting
....

2022-12-23T09:23:46-03:00 3 Informational ppp 28636 [wan_link0] rec'd proto CHAP during terminate phase
2022-12-23T09:23:46-03:00 3 Informational ppp 28636 [wan_link0] LCP: LayerDown

I see the peer trying to start authentication (CHAP) on the first connection attempt while it is closing, but on the second connection attempt, the log doesn't show either side trying to start authentication. 

I'll switch to another mirror. I just chose that one as there are no mirrors close to me at all (New Zealand). Cheers!

I had exactly the same problem with Cloudfare last night (New Zealand).  Changing to LeaseWeb San Francisco worked.

I also have mixed success with Cloudflare, very fast ping times, but not always reliable.

Shouldn't that be 8.8.8.8 and not 8.8.8?  However if you can ping Spark's nameserver by IP address, I'd say you've got internet connectivity.  The gateway and route are set during PPPOE negotiation.

You can play with routing tables, use extra interface and create separate subnets on the device, but I've not had reason to do this.

Spark doesn't use DHCP.  Spark uses PPPOE.  When you get a successful PPPOE connection, an IP address will be assigned as part of the PPPOE negotiation.

For debugging PPPOE logs have a look at my earlier post.
 
I can see from your screenshots provided that you didn't have PPPOE on VLAN 10 then.  Also the two PPPOE interfaces is very odd.  Time to do a system reset and start over?

Hi Dazz,
I'm away in the Central North Island (Tongariro) now for the break, so I can't see my own setup for comparison. And I'm not from the Tron (aka Hamilton)  ;)
I can see you've got two PPPOE when you should have one only.  Neither of them are on the VLAN 10, which you seem to have (good).  Looks like WAN is there too.
I would delete both PPPOE and create a new one on 'VLAN 10 on igb0'.  I think after that you should be good, but let us know how it's going (or not).

Firstly, I wouldn't be playing with the firewall rules.  The defaults should work fine.

In Lobby:Dashboard, look under Gateway.  Is there an IP address and a green light for WAN_PPPOE?
Just below Gateway is Interfaces.  Is WAN up (green arrow) and does it have an IP address?

Have a look at the log file under Interfaces --> Point-to-Point --> Log file.  Put the top right drop down box to 'debug'.
Does Interfaces --> Diagnostics --> Netstat --> Interfaces show PPPOE?

Finally, is PPPOE down and needs to be started the first time? I think this done when you save the settings.  I can't remember.

I've been using Spark with Opnsense for quite a few years now.   

Spark uses PPPOE over VLAN 10.  Setting up a VLAN over the the WAN connection is very important.  Interfaces -- Other Types -- VLAN.  Then set up PPPOE (under point-to-point) over the VLAN.

Username and password  are not used, but Spark recommends you put 'some' value in there to keep software happy.  MTU they recommend 1500, which seems to be fine for me.  The other parameters on the Spark web page aren't important.

I'm running steadily at 300 Mbps, which is my assigned line speed.

2021-07-29T15:11:56   ntpd[49850]   kernel reports TIME_ERROR: 0x2041: Clock Unsynchronized   
2021-07-29T15:11:56   ntpd[49850]   kernel reports TIME_ERROR: 0x2041: Clock Unsynchronized

What this is really saying is that in the first few seconds (minutes?) after booting up the clock is unsynchronised.  After that the clock becomes synchronised and the message stops.

You can search for this in the forums - it has been confusing people for a while.  It would be good if the 'error' message was phrased better, but it is from ntp and not Opnsense. 

This may, or may not help, but there was previous a FreeBSD bug similar to this.  I don't know if it is fixed of not.

https://forum.opnsense.org/index.php?topic=16798.msg76450#msg76450

https://forum.opnsense.org/index.php?topic=11869.0

The web GUI will let you enter settings that don't actually match each other - and then Monit won't work.

You definitely cannot adjust the web settings without reading the Monit manual.  I've learned that myself the hard way.  It's also best to look at the file at /usr/local/monitrc and make sure it matches what is shown in the Monit manual.

Here is part of my Monit file (The rest is custom alert scripts of my own making):

Code Select Expand


set daemon 120 with start delay 120

set logfile syslog facility log_daemon



set mailserver mydomain.com port 25   

set alert user@mydomain.com   mail-format { from: opnsense_box@mydomain.com } reminder on 10 cycles

check system $HOST
   if memory usage is greater than 75% then alert
   if cpu usage is greater than 75% then alert
   if loadavg (1min) is greater than 8 then alert
   if loadavg (5min) is greater than 6 then alert

check filesystem RootFs with path "/"
   if space usage is greater than 75% then alert


Line 14 (your error line) starts with 'set alert... mail format...'

Google says that this error message is not specific to Opnsense and often occurs during initial start up.  After a short while the clock stabilises and the message does not recur.

You can check the clock with:

Code Select Expand

# nptime

Or try chrony, pkg install os-chrony-devel

+1 for chrony

You need both.  The actual tests are in Service Test Settings.  The service is set up in Service Settings.

When setting up a 'service', the 'tests' are selected with the drop down box in Service Settings.

Don't modify the 'tests' in Service Test Settings, unless you have read the Monit Manual.

Don't select the 'ChangedStatus' test for the 'Host' service in Service Settings.  As you have found out, it won't work.