"
Didn't check for changes but the recommendation is to update root hints every 6 months.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#1
25.7, 25.10 Series / Re: [25.7] unbound as recursive dns server doesn't seem to work
July 26, 2025, 04:16:56 PM #2
25.7, 25.10 Series / [25.7] unbound as recursive dns server doesn't seem to work
July 26, 2025, 09:49:45 AM
UPDATE: never mind, network configuration error (upstream firewall still had DNS redirects)
Only valid comment is that the root.hints could use an update. Hints delivered with 25.7 are from 2023.
I'm very excited about installing the new OPNsense 25.7 on my new firewall, so I decided to start from scratch. I think I have found a bug.
After a clean install I run the setup wizard, disable the Override DNS setting and DO NOT configure a DNS server. I am expecting unbound to go out and contact root servers configured in /var/unbound/root.hints but instead unbound is throwing a SERVFAIL:
root@opntest:~ # drill . ns
;; ->>HEADER<<- opcode: QUERY, rcode: SERVFAIL, id: 43209
;; flags: qr rd ra ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; . IN NS
;; ANSWER SECTION:
;; AUTHORITY SECTION:
;; ADDITIONAL SECTION:
;; Query time: 3 msec
;; SERVER: 127.0.0.1
;; WHEN: Sat Jul 26 09:33:57 2025
;; MSG SIZE rcvd: 17
What am I missing?
Btw; unrelated, the root.hints could use an update. Hints delivered with 25.7 are from 2023.
Only valid comment is that the root.hints could use an update. Hints delivered with 25.7 are from 2023.
I'm very excited about installing the new OPNsense 25.7 on my new firewall, so I decided to start from scratch. I think I have found a bug.
After a clean install I run the setup wizard, disable the Override DNS setting and DO NOT configure a DNS server. I am expecting unbound to go out and contact root servers configured in /var/unbound/root.hints but instead unbound is throwing a SERVFAIL:
root@opntest:~ # drill . ns
;; ->>HEADER<<- opcode: QUERY, rcode: SERVFAIL, id: 43209
;; flags: qr rd ra ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; . IN NS
;; ANSWER SECTION:
;; AUTHORITY SECTION:
;; ADDITIONAL SECTION:
;; Query time: 3 msec
;; SERVER: 127.0.0.1
;; WHEN: Sat Jul 26 09:33:57 2025
;; MSG SIZE rcvd: 17
What am I missing?
Btw; unrelated, the root.hints could use an update. Hints delivered with 25.7 are from 2023.
#3
23.7 Legacy Series / Re: Telegram Notifications
November 11, 2023, 09:54:08 AM
I would like to +1 this request. Recently migrated from pfSense to OPNsense and really like OPNsense a lot. But Monitoring is one of the features that works much easier and more intuitive in pfSense.
An easy way to setup e-mail and Telegram notifications would be very much appreciated. Monit seems extremely versatile, but it is difficult to understand as a new user. E.g. I would like to be notified if someone succesfully connects to Wireguard. Can't figure it out (yet).
An easy way to setup e-mail and Telegram notifications would be very much appreciated. Monit seems extremely versatile, but it is difficult to understand as a new user. E.g. I would like to be notified if someone succesfully connects to Wireguard. Can't figure it out (yet).
#4
Virtual private networks / Wireguard multiple VPN server endpoints - round robin?
October 10, 2020, 10:08:05 AM
Hi, I've successfully setup my OPNsense firewall as a wireguard client. My VPN provider provides many servers, so I have configured multiple under "endpoints". OPNsense allows me to enable multiple, but it will always send traffic to the first enabled in the list.
Is there any way to periodically switch automatically between VPN servers?
Is there any way to periodically switch automatically between VPN servers?
Pages1
