Messages

I have the impression that 23.3.5 messed it, I got my ipv6 broken after it did the upgrade few days ago.

After upgrading to 21 my log is spammed with messages like:
postfix/smtpd[40858]   OTP unavailable because can't read/write key database /etc/opiekeys: Permission denied

I should mention that postfix, Enable Rspamd Integration is disabled.

This error does not give any hint regarding what should I do to avoid it.

Thanks, I applied `opnsense-revert -r 20.7.6 unbound` and I will find out soon. I am also watching the upstream bug.

I will report the results in a day or two. Hopefully my xmas streaming would not be affected.

How about enabling github sponsor button? I am using it as both donor and receiver and I am pleased so far. One of the best things about it the extra visibility.

As github already moved discussions out of beta and anyone can now enable them, could we at least experimentally enable them and see if they could prove a reliable alternative to the current outdated forum platform?

If it works the benefits would be considerable as it is far easier to use and it integrates greatly with the issue tracker.

I proposed that at https://github.com/opnsense/core/issues/4547 --- I am curious what people think.

Something really happened with 20.7.7 upgrade that got the Unbound resolved to a status where it stops responding, quite often, sometimes even after less than 24h.

Reloading all services does restore it but that is not something I want to do. So far I was not able to identify what is causing this as the logs are huge and I do not know what to search for in them.

Clearly this is a regression as it was not happening until recently. I do use `Enable DNSSEC Support`, logging verbosity is 2.

The only thing weird I found on resolver logs was a small number of lines like:
notice: sendto failed: Permission denied

Update: But at the same time I was able to spot something interesting general log, which may correlate with the moment it went down. Maybe is not really the dns? Still I have no idea how to fix it. I do use ipv6 and is fixed.


2020-12-24T12:36:42   opnsense[95177]   /usr/local/etc/rc.newwanipv6: Failed to detect IP for WAN[wan]   
2020-12-24T12:36:40   dhcp6c[99706]   transmit failed: Can't assign requested address   
2020-12-24T12:36:39   opnsense[40415]   /usr/local/etc/rc.newwanipv6: Failed to detect IP for WAN[wan]   
2020-12-24T12:20:10   opnsense[7251]   /usr/local/etc/rc.newwanipv6: Failed to detect IP for WAN[wan]   
2020-12-24T12:20:05   opnsense[72599]   /usr/local/etc/rc.newwanipv6: Failed to detect IP for WAN[wan]   
2020-12-23T23:08:08   opnsense[9414]   /usr/local/etc/rc.newwanipv6: Failed to detect IP for WAN[wan]   
2020-12-23T23:08:06   dhcp6c[99706]   transmit failed: Can't assign requested address

No more freezes since tuning the BIOS like said, so a big THANK YOU!

One more issue still remains, it seems that rebooting router does make it not pick the right interfaces. I am wondering if there is something I can do to avoid this and assure it will pick the same eth0123 each time.

Thanks! Funny, yesterday it froze again and I ended up looking at the bios and changing few things related to power. If it freezes again I will go directly to c-state setting.

It makes sense to be bios related as it enters a very weird state which seems unrelated to the operating system.

For a router it makes sense to disable any option to put the machine into sleep. Slowdown yes but suspend or sleep nope.

What is still a big mystery is why I seen the increased occurrence only now, as I am sure nobody touched the bios. Maybe is related to newer code in powerd.


Sent from my iPhone using Tapatalk

I am using a QOTOM-Q370G4 I7 as my home router and occasionally (3 times this year) the router freeze and stopped responding to anything. http://www.qotom.net/product/32.html

Even plugging and unplugging it after 10s did not make it boot again but using the RESET button did the trick.

When it froze I can see the LAN lights flashing, the HDMI connection does not work until the reset button is pressed. After this it will boot normally.

The worst part is that I have zero logs from before the boot. Last time when it happened it was last night and mainly coincidentally exactly at midnight.

I really doubt that it could be a thermal issue because the CPU stays around 40-45 Celsius, I have PowerD enabled and using HiAdaptive. Also it is on UPS and I am not having any fluctuations around.

What can it be or how can I reconfigure it to assure that it keeps some logs?

I am afraid that this may never materialize because these distributions were designed to be click-interface configurable from day one, with no API in mind. That is one of the reasons why I am still looking for a replacement router operating system, one that is still open-source but that is also designed to be configured with configuration-management tools (nope downloading entire config and reuploading it is not what I would call CM, at least not good-CM). Sadly nothing at the horizon.

This reminds me that is still impossible to deploy a cron user script job that persists reboots or updates. The only cron activities possible are plugin exposed commands, not possible to write your own.

I am still hopping to find a simple solution for including a mini dashboard item regarding the caching status, not a hack.

The current GUI implementation for cron does not allow a user to add a specific command to be run without creating a patch. Every time you will update the router your custom command will be lost.

How can I made this work persistently so I so not have to rerun all my configuration management scripts to repair the upgrade "damange".

Before someone asking about https://docs.opnsense.org/development/backend/autorun.html -- the answer is no, because I have a special script that runs every minute, refreshing an OTP token.

I still see `notice: sendto failed: Permission denied` in the logs with 19.7 version without any clue of what can be wrong.

Is https://github.com/opnsense/plugins/issues/540#issuecomment-527805198 the same bug? Apparently I cannot make haproxy to bind to ipv6 address. Maybe someone knows a trick about that?

@payback007 is right: the only way to make it work is to follow the complex process of stop,reset,reboot,start... and I mention that I did not do any dirty tricks around squid.