Messages

OK, I think I have found documentation explaining how to do what I'm looking for.

https://docs.opnsense.org/manual/how-tos/shaper_prioritize_using_queues.html

I didn't recognise on first look because example is a bit confusing. In example weight 9 means 9MBit which suggest that weight is specified in megabytes, but in fact weight is stated as percentage of the pipe bandwidth.

So now I have pipes, I made the queues, but stucked on rules.
Thing is, that I'm afraid I'm confusing what is source what is destination.
What is source port and what is destination?

I'm very new in OPNsense, but test installation had on 20.1 and when decided to install for real, 20.7 was released and I installed it.
As I'm new in that topic I wasnt speeding in installation, but in current situation machine didn't take its place and I'm considering to install something else - but can I install 20.1 and not upgrade to 20.7?
For me errors are:

1. If I leave Lobby/Dashboard page open (or any other page with graphs) it is very likely page will crash and will stop refreshing.
2. Two times I experiencet total freez with kernel panic- had to manually restart machine.
3. Quiet often while visiting web interface I'm getting information that there was an problem and I should send crash raport. Which mean machine did crash and restart in meantime.

I'm not using anything specific of plugins, not even Shaping configured yet - just OpenVPN and ZeroTier, and actually just through OpenVPN some data are being transfered. Installation on AMD64 architecture.

Hi,
I saw lots of tutorials about QOS with pipes and rules, but none of them explained how the pipes will act in certain situations.

In FreshTomato QOS is also based on kind of pipes, but there its clear how it works.
In there pipes are set for each service. You can set minimal guaranteed bandwidth for each service, but maximum is not set, so if other services are not using their bandwidth, other services can use even 100%.

I wonder how it works in OPNsense? I can set proportions between pipes, but how it is when one pipe is empty - not in use ... is its bandwidth still reserved or can be used by other service temporarily?

Thanks
Al

Thimg is that for now my box is still in test phase. I'm still setting it up, and I'm not sure what I gonna use.
USB WiFi would be good if it would have more TX power. I'm a bit afraid that 200mW is not enough for my needs, and anyway I need also 2.4GHz because still have some devices that can't do 5GHz.
Now I'm using Linksys EA6900 (Router) which has 400mW transmit power - this is big difference.
I have also Linksys RA6500 (AP) but its TX power is probably similar to Ralink USB device, so I'm not sure if I gonna use it.

Thing is that RT6500 has 4 port switch built in - which I need anyway. If I will stay with USB dongle, I will have to buy another switch + second USB dongle for 2.4 GHz.

But external AP is managed externally, so it means I wont have control over in OPNsense.
I heared that there are Ubiquiti APs that can be managed with special scripts, but I don't believe they are in my price range :D

I'm still not sure how to resolve that WiFi/Switch issue :)

As vsible on attached screenshots it's not exactly true, what you say.
Speed indeed is limited to 54MBps (I must check if there is no other reason), but 5GHz definetely works with RT5572.
And I can confirm that my mobile did connect on that frequency.

Spikerguy, so you say that in Manjaro ARM there is hardware cursor experience? Because on RespberyOS it behave like software rendered which means it's laggy when you move it quickly.

I apologize that I forgot to mention some Raspberry Pi features that makes it usable for geeks and tinkers (camera and display slot etc). It is great thing for teenagers, students or for unique projects, but using it as PC is like driving with small excavator.

That's about RPi.
In case of OPNsense 20.7 - it is great. I found that USB WiFi adapter by Mediatec/Ralink RT5572 works perfectly, also gigabit ethernet adapters TP-Link UE300 and ANKER A7611 works as well.

Gigabit adapters are not so perfectly working as WiFi - if they go into powersaving mode, they wont be automatically reinitiated after plugging cable in.
Also for boot I had to add init script into /usr/local/etc/rc.syshook.d/early/

Code Select Expand

#!/bin/sh
usbconfig -d `usbconfig list | grep "Realtek USB 10/100/1000 LAN" | cut -c5-7` set_config 1

Ubiquity is not in my price range :D
Luckyli I found that Mediatek/Ralink RT5572 works pretty well with OPNsense.
Unluckyli it can't manage two bands, a time - so I will need another device to get both 2.4GHz and 5GHz.

Thanks :) This solved my problem :)

OK, so in that case how to remove that plugin from the list?
It's there and it's red.

After reinstallation and import of config.xml I can't install "os-unbound-plus".
It is red on plugins list, no any information available.
When I try to install it I get following message:

Code Select Expand

***GOT REQUEST TO INSTALL: os-unbound-plus***
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
All repositories are up to date.
pkg: No packages available to install matching 'os-unbound-plus' have been found in the repositories
Checking integrity... done (0 conflicting)
Nothing to do.
***DONE***

I did try to change repository mirror, flavour etc. Nothing helped.
Any idea?

Sorry, but I don't care about packet inspection. I installed OPNsense because I was looking for x86_64 router OS that will handle OpenVPN, Zerotier and some other tasks.
I used Fresh Tomato, and was happy with it, but OpenVPN client was not perfectly stable on Tomato, and Zerotier didn't work very well.
Apart of that OpenVPN needs lots of CPU power and there is not many broadband routers that could handle higher transfers trough VPN. My Linksys EA6900 could achieve just around 20Mbps - just 10% of my actual bandwidth.
That's why I googled for "x86 router OS" and OPNsense is indeed best of that what I found.
Actually OpenWRT is not bad as well, but ideally would be to have something like Ubuntu-Server just with webUI to manage Interfaces, NAT, firewall, WiFi.

I am the reader, and sorry to say that, but it was you who let my motivation down telling in public that OPNsense can't handle torrents traffic because of too many connections.

I still don't understand how to set QOS on OPNsense, and idea of pipes sounds strange to me. When I read about need of throttling, I started to think that OPNsense may not be worth using, and started to consider other options.
Unfortunately there is not big choice. PFsense is not much different and only real competitioner is OpenWRT which is better here, worse there.

I need to find out how to set QOS up, and if throttling will be only way to prevent unwanted situations I will switch to other software.
For now I'm going to look for some tutorials, guides etc.

Regards,
Oscarr

You didn't understood what I wrote.

You are saying that BitTorrent is opening to many connections that OPNsense can't manage and thats the reason of problems.
I'm saying that if cheap ADSL routers with manufacturers firmware can handle BitTorrents, than much better hardware with OPNsense installed should have no problems at all. If it does have problem with Torrents we all should go and find another OS.

Single core router with 256MB RAM for 50 bucks can handle torrent clients and number of PCs, but much more powerful machine with OPNsense can't?
IMHO it is question of settings... or we all should find another firewall software.

OK, I understand - it's better to not bother.

But, your answers confused me, a bit.
If I use external AP, why I need any scripts for OPNsense if I can simply use WEBUI of AP?
Is there any benefit of using these scripts?

And after all, why OPNsense is not based on Linux? What has freeBSD that Linux hasn't ?