Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - Georges

Pages: [1] 2 3 4

General Discussion / Re: CrowdSec IP Blocklist

« on: June 05, 2022, 08:26:05 am »

Quote from: andrewoliv on June 01, 2022, 04:15:03 pm

I have CrowdSec up and running on my OpnSense instance. My understanding is that CrowdSec is protecting my WebGUi service from Brute Force Attacks.

I had heard CrowdSec was going to release an IP blocklist of their own that OpnSense users could build an Alias for (ie Spamhaus). Ran into this on the CrowdSec website:

sudo apt install crowdsec-blocklist-mirror

Was wondering if I could Somehow build an alias? Any suggestions? It appears CrowdSec is maintaining a blocklist.

Hello

https://github.com/crowdsecurity/opnsense-plugin-crowdsec

v0.0.6

crowdsec update 1.3.1.r1
bouncer update to 0.0.23.r1
automated creation of Alias and Rule objects

They already have alias.

General Discussion / unknown dhcp option error

« on: June 05, 2022, 08:23:29 am »

Hello,
I'm on a DECISO Appliance ( AMD GX-420MC SOC (4 cores, 4 threads))
OPNsense 22.4_2-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1o 3 May 2022

Since the FreeBSD 13, each day, my internet connection is lost and i found on the log "unknown dhcp option error"
I just need to reboot to fix it.
I'm using my OPNsense to replace my ISP Box.

Any idea?

Hardware and Performance / ONT 82599ES GPON-ONU-34-20BI

« on: March 04, 2022, 04:32:00 pm »

Hello,

i'm on 21.10.3 with a Deciso Appliance with AMD GX-420MC SOC
I order a ONT GPON-ONU-34-20BI https://www.fs.com/fr/products/133619.html
But it is not working.
My SPF+ are
vendor = 'Intel Corporation'
device = '82599ES 10-Gigabit SFI/SFP+ Network Connection'

How can i make it work?

Thank you!

Hardware and Performance / Re: OPNsense 21.10.2-amd64 lost packet randomly

« on: February 04, 2022, 09:43:57 am »

Hi Franco,

Thank you to answer me.

For the basic test i'm doing just a ping 8.8.8.8 for around 100 request.
Not during speedtest, no load.

This is my interface connect to the internet
igb1@pci0:3:0:0: class=0x020000 card=0x00008086 chip=0x157b8086 rev=0x03 hdr=0x00
vendor = 'Intel Corporation'
device = 'I210 Gigabit Network Connection'
class = network
subclass = ethernet

My deciso is in RJ45 cat6a into brocade CAT6A into RJ45 into https://www.fs.com/fr/products/101477.html into the ISP ONT and fiber.
I think i upgrade 2 or 3 versions. Maybe i can found this in the logs?
I can't test directly now, maybe the problem is the brocade. I will test tonight or this weekend. (I have rebuild all my Server Rack, sounds like a match with the start of the drop)
I will answer once i test it. Thank you for the tips.

Just test it now and no drop for 200 requests.

Hardware and Performance / OPNsense 21.10.2-amd64 lost packet randomly

« on: February 03, 2022, 07:32:37 pm »

Hello,

This is my DECISO Appliance

Versions OPNsense 21.10.2-amd64
FreeBSD 12.1-RELEASE-p21-HBSD
OpenSSL 1.1.1l 24 Aug 2021
Updates Click to check for updates.
CPU type AMD GX-420MC SOC (4 cores)
I got 8Go RAM.

Since the 21.10.2 i got some strange issue.
Some packet drop. This is random.
I test using my old ISP box and no drop.
When testing speedtest i found something strange. During download no problem. But since i go to upload mode, sometimes i got the test block for secs, a pic of Opnsense CPU and then the test continue sometime increase sometime reduce do 0 Mega and error.
Exemple using the speedtest cli on the Appliance :

Speedtest by Ookla

Server: ISP
ISP: ISP
Latency: 1.70 ms (0.32 ms jitter)
Download: FAILED
[error] Cannot open socket: Timeout occurred in connect.

And other test is

Speedtest by Ookla

Server: ISP
ISP: ISP
Latency: 1.70 ms (0.07 ms jitter)
Download: 935.26 Mbps (data used: 422.5 MB)
Upload: 601.08 Mbps (data used: 271.5 MB)
Packet Loss: 0.0%

I test from the speedtest on my Computer, same behavior.

Is anyone got this lost packet and drop issue?

I didn't activate IDS and Zenarmor for the test.

Thank you for your time

Hardware and Performance / Re: ESXI/vSphere: Slow iPerf3 performance with more than 1 core

« on: February 01, 2022, 07:10:08 pm »

I have done the test with ipfire i got 750Mbps/s and opnsense 350 Mbps/s

same Esxi 6.7
ram 8go
vCPU 4
NVMe

Hardware and Performance / Re: VM performance issue 21.10.2 Business edition esxi

« on: February 01, 2022, 07:08:47 pm »

Hello, i've done new test.
esxi 6.7
firewall on nvme
4 vcpu 8go ram.
E1000 network
passing throught ipfire i got 750 Mbps/s and OPNsense 21.10.2 ... 350 Mbps/s
Any idea how to improve this?

Thank you

Hardware and Performance / Re: VM performance issue 21.10.2 Business edition esxi

« on: January 30, 2022, 07:08:22 pm »

I try with pfsense around 120Mbps/s
I try IpFire i got 300-400 0.0... compare to 30-50Mbps/s for OpnSense... it's huge.

Same vCPU 4 and 8Go RAM on the Same SSD. :/ Strange...

Hardware and Performance / Re: VM performance issue 21.10.2 Business edition esxi

« on: January 30, 2022, 05:28:00 pm »

I switch all the network adapter from vmxnet3 to e1000, i got on speed test only around 50 Mbps...

...
I really don't get it...
I test 1vCPU and 4 vCPU... same...

Hardware and Performance / Re: VM performance issue 21.10.2 Business edition esxi

« on: January 30, 2022, 04:58:47 pm »

Ok thank you.

Yes but i got more problem with the Firewall VM i got.

Hardware and Performance / Re: VM performance issue 21.10.2 Business edition esxi

« on: January 30, 2022, 10:22:58 am »

i rename the post because i think this is more a problem on the VM.

Hardware and Performance / Re: DECISO Appliance performance issue 21.10.2

« on: January 30, 2022, 10:17:35 am »

In addition

Speedtest through FirewallVM -> Appliance -> Internet around 50 Mbps
Speedtest through Appliance 940Mbps

So i can accept a little bit less, no problem... but not this difference 0.0. So i need to found why.

Thank you for your help.

My FirewallVM also run the business version.

Hardware and Performance / Re: DECISO Appliance performance issue 21.10.2

« on: January 30, 2022, 09:55:34 am »

Hello,

Yes like this :

server : iperf3 -s
client : iperf3 -c ServerIPAddress -i 1 -t 20
Windows = Physical PC
Firewall to Windows = 922Mbits/sec (so it's good)
Windows to Firewall = 765Mbits/sec (not so bad but still)

Before i test iperf3 from a VM on my esxi and my PC and i get 933Mbits/sec
And the same with my VM OPNsense
FirewallVM to Windows = 208Mbits/sec
Windows to FirewallVM = Mbits/sec (cannot make it work)

and last
Firewall to FirewallVM = bits/sec (cannot make it work)
FirewallVM to Firewall = 284Mbits/sec (not so bad but still)

So the problem is more on the VM but i they are something with the last update where i lost speed on the Appliance and even more on the VM.

The VM is on NVMe 4vCPUs 12GB RAM

Hardware and Performance / [SOLVED] VM performance issue 21.10.2 Business edition esxi

« on: January 29, 2022, 08:24:27 pm »

Hello,

This is my DECISO Appliance

Versions    OPNsense 21.10.2-amd64
FreeBSD 12.1-RELEASE-p21-HBSD
OpenSSL 1.1.1l 24 Aug 2021
Updates    Click to check for updates.
CPU type    AMD GX-420MC SOC (4 cores)
I got 8Go RAM.

When i'm doing a iperf3 between my computer i get only around 750 Mbits/sec.
When i test it between 2 computer i got around 930 Mbits/sec.

Does anyone get some issue on the 21.10.2-amd64?
And i have stop all services like zenarmor before doing this test.

I got the same kind of issue on my esxi 6.5 with OPNsense, same version where this is 35.8 Mbits...
Where my test from another VM to my PC is around 442 Mbits/sec.

Hardware and Performance / Re: ESXI/vSphere: Slow iPerf3 performance with more than 1 core

« on: January 29, 2022, 05:17:22 pm »

Hello,

I found some performance issue too.
I'm on OPNsense 21.10.2-amd64

Results with 1 core: 0.365 Gbit's
Results with 4 cores: 0.327 Gbit's

And without the modification

Results with 1 core: 0.142 Gbit's
Results with 4 cores: 0.125 Gbit's

Pages: [1] 2 3 4