OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of cloudguy »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - cloudguy

Pages: [1]
1
20.7 Legacy Series / pfsync unicast 3+ nodes
« on: January 17, 2021, 07:14:29 pm »
Is it possible to specify a mesh of 3 or more pfsync members?   Use case is for cloud platform (azure, GCP, AWS) deployments where multicast is not permitted and a scale out scenario of load balanced active-active cluster of opnsense instances. 

2
General Discussion / Automatic / programmatic config sync to backup (secondary)
« on: April 04, 2020, 09:13:19 pm »
Hello.   Would like to understand how to programmatically "Synchronize config to backup".   Our use case is:

* Two opnsense firewalls
* lets encrypt running on the one designated as "primary"
* upon trust change (new certs) would like to propagate to backup node
* I'm able to do this via "configctl filter sync restart" and cron, however would like to understand how this could work natively within opnsense system cron / api / etc.

Thanks.

3
18.7 Legacy Series / Re: BGP learned route reset on NIC update
« on: February 12, 2019, 04:42:43 pm »
Thanks for this, but unlike an OS, Opnsense is the distribution (not RH / Cent / Freebsd).   I'm thinking there should be a hook built into the FRR package to detect and reload routes on I/F reset / apply.   I've made a note of this in our processes, however other routing / security platforms / distributions have that process link between them.   

Would this constitute a formal feature request or there's another mechanism to post such a request to the OpnSense developers?

4
18.7 Legacy Series / Re: BGP learned route reset on NIC update
« on: February 10, 2019, 09:22:50 pm »
FRR keeps running, BGP session active.  Interface doesn’t go away.  When Interface setting are applied the BGP  learned routes are cleared from the routing table (only static ones persist).  I’m thinking there needs to be a process to refresh routing tables or restart BGP as part of interface “apply” workflow. 

And no, it doesn’t happen on every other OS. 

5
18.7 Legacy Series / BGP learned route reset on NIC update
« on: February 10, 2019, 08:25:27 pm »
Hi.  I’m running BGP via FRR in Opnsense 18.7.10.  Have BGP going via FRR, everything works great.  However, noticed that everyone settings are applied to a NIC (eg IP changes, new NIC etc) dynamically learned routes disappear from the opnsense route table.  Have to restart BGP session to get them back.  Is this by design or am I missing something?


Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2