Messages

Need to see the Services-Unbound-General page

The easiest would be to prepare a new vm on zfs, install all updates and plugins, import the configuration file for the respective vm to be replaced and swap the VMs

That's a weird issue. If old_hw works without the os-realtek driver then it should be working on 26.1

Probably best to open an issue on GitHub OPNsense/src so Franco can have a look—-especially since 15.1 is on the horizon.


I've been told at some point Realtek removed some cards from the vendor driver ( so make sure you try both with and without it)

To get rid of the sed buffer issue you can deploy this patch before and after upgrading edge to 26.1.9

https://github.com/opnsense/core/commit/5de581cd4


Regarding DNS, you haven't said much about it so I won't guess what could be blocking things occasionally there. My main takeaway is that the issue is transient

After installing 26.1 if you don't have another nic available then download os-Realtek-re and realtek kmod packages from here, copy on a stick and install manually


http://pkg.opnsense.org/FreeBSD:14:amd64/26.1/MINT/26.1/latest/All/


Once connected to the Internet apply patches and install plugins, many of whom will be reinstalled automatically when checking for updates once more after the patches have been applied.

Once fully updated and with the plugins installed import the needed config.xml


Do whatever necessary configuration you need to have the internet functional and don't worry about it. Importing the correct configuration will not be tainted by the temporary settings you made to bring everything up.

Same issue here. Neither multiple restarts of unbound & dns-crypt as well as OPNsense nor a rollback to 26.1.5 (the entire VM image) fixed it.

If a rollback failed it is more likely you experienced a brief internet outage that messed up the ssl connections in dnscrypt

I upgraded my internal (not edge) router to 26.1.9 this morning (AEST), promptly losing DNS resolution

Did you try a health check?

Anything unusual in unbound debug logs ?

Confirming LR44, I changed one as well.

Depending on what you have installed, if only using official OPNsense plugins you could simply back up the configuration file and then either:

- get a new license and install 26.4 - import configuration - check for updates

- replace the license on the current installation and keep updating until you reach 26.4.x

- switch to CE and update until you reach 26.1.x. Once CE moves to FreeBSD 15.1 on 26.7 mid July you'll have to either get the license for BE and move to the 26.4 branch or keep using CE until 26.10 is out before moving back to BE

In case of a fresh start your plugins will be automatically reinstalled after installing the updates so check for updates until there's nothing left to do.

25.7 and 26.1 use the same version of FreeBSD.

The upcoming OPNsense 26.7 will be based on 15.1 and we may get newer drivers...maybe for some but not for all ?

> Why did temps suddenly change as noted?


Corrupt databases will do that, hence my answer above

Just because it is there doesn't necessarily mean anyone will use it.

Once OpenSSL changes everyone will be running it

The bigger change might actually be openssl 3.5.x in 26.7 for the packages, and it can already be tested:

1) Take a snapshot

2) in Firmware Settings set the custom repository snapshots/openssl35

Check for updates and reboot at the end.

( There's no need to select development in Firmware settings, only set the custom repository )

I'm running on OpenSSL 3.5.6 for a week with what is essentially 26.1.8 (plus a handful of patches that will be officially released in 26.1.9) with WireGuard, OpenVPN and IPsec


P.S. If having mimugmail packages installed don't change the openssl version or those packages ( example Unifi) will be uninstalled.

AGH will be fine as it handles SSL without dependencies on OPNsense packages.

In Reporting-Settings click on the 3 Reset buttons. Don't repair anything, never works.

You should reset things regularly else the databases grow and in case of corruption peg the CPU. ( Never seen the DNS one having issues yet but it is best to be safe than sorry )

> is there anything I have to be aware


Yes. FreeBSD 15.1 is coming out in July. I wouldn't rush things now since your boot loader is not that old.

FYI, I did a vm just fine. For the rest of the HW I'll just wait until I am on 15.1