Messages

1

24.7 Production Series / Re: Registering ipv6 lan addresses in DNS?

« on: September 12, 2024, 10:09:40 pm »

Hmmz. Ofcourse, this means that it'll be using your public ipv6 prefix, which is not guaranteed.
Does dhcpd6 update the ip addresses, or will it keep using the old ones?

Or should I just like hand out specific ula's..?

2

24.7 Production Series / Re: Registering ipv6 lan addresses in DNS?

« on: September 12, 2024, 04:25:30 pm »

That is so straightforward it hurts. Thx!

3

24.7 Production Series / Re: Registering ipv6 lan addresses in DNS?

« on: September 12, 2024, 04:08:41 pm »

Ah. That works too, just have to figure out how to get the DUIDs. Thanks.

4

24.7 Production Series / Re: Registering ipv6 lan addresses in DNS?

« on: September 12, 2024, 01:06:52 pm »

I was hoping there was someone with a cool idea.

When working with dhcpv6, how does one need to configure isc dhcp to do the registration?
I have the impression it also doesn't work out of the box.

5

24.7 Production Series / Registering ipv6 lan addresses in DNS?

« on: September 12, 2024, 10:16:22 am »

Hi,

I was wondering if there's a way to get ipv6 addresses registered in unbound for resolving in the local lan, without having to do this manually?

I'm in the process of reconfiguring my internal network to also fully support IPv6 using SLAAC. I've also added an ULA so ideally I'd like to have that be automatically registered in unbound - but sofar the solution is eluding me.

The only way I see forward is to use dhcpv6, but if I can avoid an extra service (also android devices don't do dhcpv6), it'd be fantastic.

6

24.7 Production Series / Re: N100 Box - update from 24.7.1 to 24.7.2 results in much higher power draw

« on: August 26, 2024, 03:56:28 pm »

Have you checked if there is any process that is using a lot of cpu?

7

General Discussion / Re: Option to Opnsense?

« on: August 25, 2024, 12:40:19 pm »

I've moved from the unifi usg to opnsense, because of the lack of options and control.

I do miss the unified pane of glass where you see and control it all, but I'd never go back.

8

24.1 Legacy Series / Re: Update my opensense from 22.7 to 24.2 no internet.

« on: April 16, 2024, 11:24:44 am »

You'll really have to post more information - all setups are individual, there's no way to know what might be blocking your traffic.

Screenshots of your configuration might help. It's a big jump (which was probably never tested).

9

Hardware and Performance / Re: PCENGINES APU[1-7] Coreboot SeaBIOS Open Source Firmware

« on: April 16, 2024, 07:45:28 am »

Awesome news! Thank you!

How usable is the UEFI build at this point?

10

24.1 Legacy Series / Re: DNS aliases for WAN hostnames

« on: March 01, 2024, 12:55:37 pm »

Wouldn't there be a possibility to use some form of dyndns system (eg. Gandi has their own) to register the different hostnames, which are all CNAMES pointing at a haproxy setup, which then listens on port 161 and forwards the traffic based on the hostname? SNMP can use TCP, so this should work, I think.

Per server required you just have to register the necessary CNAME record.

11

23.7 Legacy Series / Unbound blocklists - slow loading/slow statistics

« on: August 08, 2023, 07:57:41 am »

Hi,

I've been trying to use the unbound blocklists now for +- 6 months from the previous release into this one), and while they work, it's

• exceedingly slow to load, blocking DNS entirely during the load for 5-10 minutes
• activating the statistics dashboard takes quite some cpu load
• opening the stats dashboard is also exceedingly slow - getting any data in it takes an actual minute

Is this 'normal' for the unbound blacklist implementation? I've reverted to using Adguardhome which does not suffer from this, even when running next to Opnsense on the same box.

The hardware I'm running on is not the most powerful - an APU2E4, and I'd love to go back to just using unbound, but the fact that every time I change something in the block list or whitelist a domain it takes forever to settle has caused some ruffled feathers at home.

12

23.1 Legacy Series / Re: 23.1.5_4 Unbound Whitelist Domains Broken

« on: June 16, 2023, 03:09:44 pm »

You just need to add the domain (so giphy.com), not the domain/*

13

22.7 Legacy Series / Opnsense web interface unreacheable - listen queue overflow

« on: October 25, 2022, 05:05:42 pm »

I've been having this problem from when I started with Opnsense (20.1 series): after a while the web interface stops responding, and the logs are flooded with

Code: [Select]

sonewconn: pcb 0xfffff800840e5ba0 (192.168.20.1:443 (proto 6)): Listen queue overflow: 193 already in queue awaiting acceptance (6 occurrences)
sonewconn: pcb 0xfffff800840e5ba0 (192.168.20.1:443 (proto 6)): Listen queue overflow: 193 already in queue awaiting acceptance (6 occurrences)
sonewconn: pcb 0xfffff800840e5ba0 (192.168.20.1:443 (proto 6)): Listen queue overflow: 193 already in queue awaiting acceptance (6 occurrences)

Restarting the web interface using

Code: [Select]

/usr/local/etc/rc.restart_webgui
helps, but I'm curious as to what actually causes this and how to fix it?

14

20.7 Legacy Series / Re: arp timeouts on VLAN cause connection interruptions

« on: April 13, 2021, 08:27:49 am »

If you're using Ubiquity gear, checkout this post:

https://www.reddit.com/r/Ubiquiti/comments/mlit54/problems_with_broadcastmulticast_traffic_on_uap/

15

20.7 Legacy Series / Re: arp timeouts on VLAN cause connection interruptions

« on: March 02, 2021, 07:37:26 pm »

In the end it was the access point causing corruption.

Since I'm running the latest beta 5.53 on my APs, the problems seem to have vanished...

Sent from my SM-T970 using Tapatalk