Messages - wmeter

#1
22.1 Legacy Series / Re: os-ddclient
March 27, 2022, 08:07:50 PM
Does not work. I'm with DynDNS, and the old plugin worked fine. The new plugin has no indication whatsoever if it ran successfully or not, and the logs remain empty in my setup. Checking the update logs on the DynDNS side shows zero activity from the new plugin... I'm 'reachable' by the grace of the last dynamic DNS update from the old plugin and the fact that my 4G did not reboot yet.... Same multi-wan setup here... Going to revert back to the old plugin until ddclient runs reliably...
#2
I'm relatively sure that I'm not the only one that applied the following fine-tuning to my set-up to improve Intel I210-AT NIC performance on APU boards.

https://teklager.se/en/knowledge-base/apu2-1-gigabit-throughput-pfsense

The last upgrade apparently contained new Intel drivers. Performance on all Intel NICs was severely impacted and I needed to revert all changes proposed in the article from Teklager back to the original values / remove them before I had a normal working system again. If you have performance issues it's worth having a look at System -> Settings -> Tunables and removing / adapting non-standard settings there.
#3
General Discussion / Weird outbound connection
January 04, 2022, 04:47:08 PM

Hi,

I have a device on my network (still trying to find the port where the MAC goes through) that announces itself at random intervals, but always with sharp 60-minute intervals, at my DHCP with the fake MAC 88:88:88:88:87:88. It always receives the same IP, hence it's something that 'respects' leases and DHCP, or my OPNsense will always give it the same IP regardless of being a 'good DHCP client or not'.

The device always uses the hostname 'spare'. When I check the logs of my firewall for this internal IP I see one outgoing connection to an Azure IP at Microsoft in Paris (20.199.120.85) on port 443.

Whois does not tell me a lot, nor does trying an HTTPS connection to the mentioned IP on port 443.

Has anyone seen something similar ? Knows what this is ?
Can I 'program' a packet capture once it shows up again ? E.g. when this internal IP is given out by the DHCP for a next 'call home' ?

It seems to 'sleep' during the day, but will 'wake up' at night and do its hourly polls....

Suggestions ? Tips ? Ideas ?

Much appreciated...

Willem
#4
20.1 Legacy Series / Re: Trouble with Virtual IP's
July 25, 2020, 09:32:26 AM
Worked a dream, many thanks for your help !

The issue with the alias IPs working only briefly was that I migrated from a virtual machine to a physical device and, as always, the problem was between the keyboard and the screen: using the same IP on two devices on the same VLAN is never a good idea if it's not governed by CARP or something else ;-)

Thx !
#5
20.1 Legacy Series / Re: Trouble with Virtual IP's
July 24, 2020, 04:42:24 PM
Ah, so I actually don't need the VIP if I just want an inbound NAT to e.g. propose a web-server or mail-server and just citing 'an IP' will do in the rule as long as ISP-wise I have that IP / subnet ?
#6
20.1 Legacy Series / Trouble with Virtual IP's
July 24, 2020, 03:26:52 PM

Hi,

I have a fixed public IP I receive from my ISP over DHCP. They have me 'linked' to a given MAC that I set as hardware address and I receive w/o any problem my single fixed-IP address.

I asked them for a small subnet (/29) for 5 extra public IPs. I added these 5 additional IPs as aliases to the same DHCP - WAN interface. I tried both 'IP Alias' (as per the doc of OPNsense) and also CARP with a single node.

When I use 'IP Alias' everything works fine and with good performance for approx. 5 minutes, then it's like the IP address becomes 'unknown' and it stops working. When I open a shell on the box and type ifconfig -a the aliases are still visible.

When I use CARP as virtual IP protocol the connection remains accessible, but with very bad performance and a lot of packet loss.

Any suggestions ?