Messages

1

20.7 Legacy Series / Re: radvd stops announcing IPv6 prefix after a while (radvd freeze?)

« on: December 25, 2020, 09:05:35 am »

For those just joining the party, see https://github.com/opnsense/core/issues/4338#issuecomment-732397405

Thank you for the pointer.

The opnsense-patch 9a4a908 applied cleanly to OPNsense 20.7.7_1-amd64 and rtadvd is running since 15+ hours after reloading the WebUI and restarting the Router Advertisement Daemon manually, but executed no reboot so far, to avoid loss of connectivity and BGP route flaps upstream.

Now keeping an eye on it as rtadvd approaches the 20 hours mark whereabout radvd got stuck, started to fill the router log with its messages, and required a restart.

2

20.7 Legacy Series / Re: radvd stops announcing IPv6 prefix after a while (radvd freeze?)

« on: December 23, 2020, 04:55:55 am »

Having the same issue with OPNsense 20.7.7_1-amd64 on APU4 hardware. Have setup the work-around with daily restart of radvd by cron for now (using the Cron UI as pointed out by pmhausen Reply #19 above https://forum.opnsense.org/index.php?topic=19032.msg90983#msg90983 ).

3

Development and Code Review / Re: dns/powerdns-recursor as binary package

« on: November 17, 2019, 03:05:01 pm »

@mimugmail  In the mean-time, I found examples of Feature Requests in https://github.com/opnsense/tools/issues .

So I opened https://github.com/opnsense/tools/issues/165 hoping this is what you suggested.

4

Development and Code Review / Re: dns/powerdns-recursor as binary package

« on: November 17, 2019, 02:16:59 pm »

At first you should open a feature request via github/tools ..

Do I interpret your hint correctly: Install a dev/build environment by following https://github.com/opnsense/tools , then build & test a suitable package myself, and finally submit a Pull Request?

Is /ports the suitable place for that PR?

Is the port of editors/nano a good example to follow which has a binary package but not plugin in OPNsense?

Thanks.

5

Development and Code Review / dns/powerdns-recursor as binary package

« on: November 17, 2019, 09:26:27 am »

Dear all,

What does it take to get binary packages of the port of dns/powerdns-recursor which OPNsense has already in its ports tree [1], built and distributed to mirrors so that I can install it manually "pkg install dns/powerdns-recursor"  from within a shell?

It is perfectly fine for me to edit its configuration files from the command line, as I use very specific features, such as DNS Reverse Policy Zones (RPZ) with associated Protobuf log exports. Which also implies that these options need to be turned on at build-time of the port/package.

Thus a WebUI, and as I understand a "Plug-in" specific to OPNsense, is not necessary as long the Recursor daemon gets started (and monitored), reads its config from a suitable location (/etc), and writes its logs and temporary files where they belong.

Will the port with the options for RPZ and Protobuf support actually build in OPNsense/HardenedBSD using protoc and LibreSSL instead of OpenSSL?

Please bear with my question, but I am new to OPNsense, and my background is rather OpenBSD. Currently, I consider migrating a mildly complex pfSense setup to OPNsense. It runs on an APU4 from PC Engines at a coworking-space with about 100 simultaneous clients, a single Internet transit over 1/1 GE fiber, IPv4/IPv6 dual-stack, a couple of VLAN segments with specific firewall rules, various services such as HAproxy or validating DNS Firewall, and a Captive Portal which is mainly used during Hackathons.

Thank you,
Rolf

[1] OPNsense ports tree has already the current version 4.2.0 of powerdns-recursor.
 https://github.com/opnsense/ports/tree/master/dns/powerdns-recursor