Messages

Am I right in thinking that I need to set the OPNSense WAN interface to use VLAN101, and DHCP for it's IP config?  because (assuming I`m doing it right!), it doesn't seem to work.

VLAN tag must be set in the Draytek modem (as per the guide you linked), and the WAN in OPNsense must be set as DHCP, that's it!

And like OPNenthu, I never changed the default settings... anyways, it's now fixed, but frankly I don't know if it's because of the few times I did reboot the appliance or the crowdsec plugin which I had to remove and to reinstall or something else, thanks.

Not sure, do you see something wrong?

Code Select Expand

root@hush:/var/etc # cat ntpd.conf

#
# Autogenerated configuration file
#

tinker panic 0
# Orphan mode stratum
tos orphan 12
# Max number of associations
tos maxclock 10


# Upstream Servers
pool 0.opnsense.pool.ntp.org maxpoll 9
pool 1.opnsense.pool.ntp.org maxpoll 9
pool 2.opnsense.pool.ntp.org maxpoll 9
pool 3.opnsense.pool.ntp.org maxpoll 9


statsdir /var/log/ntp
logconfig =syncall +clockall
driftfile /var/db/ntpd.drift
restrict source  kod limited nomodify noquery notrap
restrict default  kod limited nomodify noquery notrap nopeer
restrict -6 default  kod limited nomodify noquery notrap nopeer
restrict 127.0.0.1  kod limited nomodify notrap nopeer
restrict ::1  kod limited nomodify notrap nopeer


I've just updated to 25.1.5_4 and after the reboot the NTP service doesn't start, anybody's seeing a similar behaviour?

I've attached some errors from the log, if it can help.

Tia.

and one more question: could you explain what the Virtual IPs are for ?

Tia.

Thanks both, turns out I had three faulty cables :-) and when tried the forth one (and the newest one), it now negotiates at 1000 Mb/s

@_Dave_
That's a great guide, many thanks. QQ: to whom the 4.2.2.1 & 4.2.2.2 IP addresses belong to?

[doktornotor]

I've followed the instructions by doktornotor here and that seems to work.

The issue I have (and I don't know what the root cause is) is that the modem GUI interface I created negotiates at 100 Mb/s rather than 1000 Mb/s: why on earth this is happening?

Tia.

Okey dokey, thanks for the responses

Lastly, would it make any difference whether before I'd backup my current configuration, I'd enable back the root user?

I'm not really sure, but I recall a post where the OP, while trying to import the backup file, went into troubles because the root user was disable.

I read the official article of how to import an existing configuration, and it seems quite straight forward.

I also came across with this post where the OP stated the importer doesn't work as expected and he used a workaround - has anybody used the  importer and in case can confirm whether or not it works as in the guide?

Tia.

Just follow the instructions:

Go to System -> Settings -> Tunables and add:

1) Enable multi threads

Code Select Expand

net.isr.maxthreads=-1
2) Enable bind threads

Code Select Expand

net.isr.bindthreads=1
3) Enable RSS

Code Select Expand

net.inet.rss.enabled=1
4) Set the value of net.inet.rss.bits
       

Code Select Expand

- for 4-core systems, use '2'
- for 8-core systems, use '3'
- for 16-core systems, use '4'
- etc.

The N100 should suffice.

Thank you, it worked :-)

I've set up two wireguard instances, one for ProtonVPN and one for Mullvad (and they both work), what I don't understand why on the dashoboard under gatewaus I can't see the Mullvad entry, any suggestions?

Tia.

[/var/log RAM disk]

I have upgraded my device to 16GB of RAM, and considering my OPNsense uses around 1.5GB (give or take), I was thinking to enable both /var/log RAM disk & /tmp RAM disk options (so I can avoid some writes to the SSD) - apart from the fact I will lose the logs on reboot, any drawback I have to be aware of?

Tia.