Messages

1

20.7 Legacy Series / Re: ipv6 wan dhcp stops working after a while

« on: November 10, 2020, 12:20:40 am »

I've seen mine lose their IPv6 address and delegated prefix, but usually can't get it back without turning everything off, and then waiting a while before turning it back on.


Sent from my iPad using Tapatalk

2

20.7 Legacy Series / NPTv6 with multi-wan that uses DHCPv6 possible?

« on: November 05, 2020, 07:34:30 am »

Is it possible to use network prefix translation for IPv6 when multi-wan failover is configured, and both ISPs are delivering IPv6 addresses (and delegated prefixes) via DHCP? The config page for NPTv6 appears to want a static WAN prefix, which may change depending on the wan failover gateway.

3

20.7 Legacy Series / Re: AT&T WiFi calling on iOS drops outbound audio

« on: September 17, 2020, 07:19:11 pm »

I am also having problems with Zoom dropping my outbound audio. I'm starting to suspect some UDP session or NAT mapping problems are causing both issues. Did NAT mapping change in a big way in this newest release?

4

20.7 Legacy Series / AT&T WiFi calling on iOS drops outbound audio

« on: September 02, 2020, 04:37:36 am »

On 20.7 (and perhaps prior release) I am unable to reliably use AT&T WiFi calling on iOS. I've attempted to set up static NAT rules for ports 500/4500, but outbound audio drops after a few seconds regardless of settings used. I'm also on AT&T uverse/fiber behind their residential gateway, but OPNsense has the public IP address.

Does anyone have AT&T WiFi calling working behind OPNsense, especially if they're also on AT&T u-verse or fiber? Can someone explain how one gets this working?

5

20.7 Legacy Series / Re: Unbound returns no result for public dns with private IP address ranges.

« on: August 23, 2020, 05:03:59 pm »

Yes, this worked on 20.1 without any workarounds.

I was looking for a non-prod example, but the domain

Code: [Select]

build.shipstation.com is in a 10.0.0.0/16 subnet, and the latest unbound on OPNsense returns an empty answer. Other entries in the domain, such as

Code: [Select]

ss.shipstation.com work fine via unbound.

I know mixing public and private entries on a zone is not a great practice, and hosting private entries on a public zone isn't either, but this mess has been in place for too many years to start changing...

Is there any way, via the interface, to disable rebinding protection, maybe for specific domains?

6

20.7 Legacy Series / Re: Unbound returns no result for public dns with private IP address ranges.

« on: August 11, 2020, 01:09:50 pm »

Let me explain better... for example, if I have two hostnames:

public.example.com A 1.1.1.1
private.example.com A 10.0.0.42

Unbound returns the proper response for public.example.com, but returns an _empty_ response for private.example.com.

7

20.7 Legacy Series / Unbound returns no result for public dns with private IP address ranges.

« on: August 08, 2020, 03:50:58 am »

Prior to 20.7, I was running Unbound, and it would properly resolve and return _public_ DNS entries that pointed to _private_ IP address ranges (in a 10.0.0.0/8 subnet). After upgrading to 20.7, public IPs resolve fine, but any dns entry containing an address in a private address space returns no result. It does _not_ return nxdomain, just an empty response.

8

20.1 Legacy Series / Re: multiple ipv6 PDs on AT&T U-Verse

« on: June 18, 2020, 05:44:36 am »

Yes, I've tried that. That appears to work. However, when I go to set the other interfaces to track the wan interface, OPNsense complains that the prefix is already in use. I can't assign the prefixes to other interfaces.

9

20.1 Legacy Series / multiple ipv6 PDs on AT&T U-Verse

« on: June 17, 2020, 07:18:00 am »

AT&T U-Verse has an odd habit of only handing out /64 IPv6 prefix delegations, but I can request 8 of them. I am trying to follow the advice of this article, but cannot get additional interfaces working. I get an error in the UI that the PD prefix is already in use. Is there any way to manually bypass this check?

https://forums.att.com/conversations/att-fiber-equipment/ipv6-prefix-delegation-to-3rd-party-router-not-working-2020-edition/5e98da19fd08354359ccd447?commentId=5e9b3ea5758fed7722fd4361&replyId=5eb1a6b372a09d7a3fc8f1fb

10

20.7 Legacy Series / Raspberry Pi 4 a target for this release?

« on: June 12, 2020, 08:28:22 am »

I read some trials and tribulations getting the prior version on a RPI 3, but has there been any effort to get this on a Pi 4? Is that desirable for this release?