"
I understand the new "experimental" section in the firewall rules can replace the "rules" in the shaper setting, nothing more.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
#2
25.1, 25.4 Production Series / Re: Default pagination setting
February 09, 2025, 02:49:33 PM
I'd LOVE that, too :-)
#3
25.1, 25.4 Production Series / Re: firewall: add experimental inline shaper support to filter rules
January 26, 2025, 07:25:39 PMQuote from: dMopp on January 26, 2025, 04:50:10 PMBut I wanna use Bandwith priorisation based on source / target / protocol (whatever) in place, too. So my IPTV is working WHILE steam is downloading big blobs.You should not need this -- FQ_codel should automatically handle this (i.e., prioritising bursty IPTV and putting steam in the background).
#4
25.1, 25.4 Production Series / Re: After RC2 - Dashboard shows view pending updates without any updates to install
January 24, 2025, 09:40:16 PMQuote from: AhnHEL on January 24, 2025, 07:43:41 PMI see this as well but it happened when upgrading from r_6 to r1 and r2 did not make it go away.Same here.
#5
24.7, 24.10 Legacy Series / Re: ZFS trim and scrub
January 21, 2025, 01:19:13 PMQuote from: meyergru on January 19, 2025, 04:37:14 PMFor the default zroot pool, autotrim is on. While you could scrub, it would only be useful if you had multiple disks.I tend to disagree: a scrub will check the checksums and therefore
show if the file system is corrupted.
It won't be able to self-heal with just one disk, but it will be able to tell you that you need to pay attention to that pool (e.g. replace the disk and restore from backup).
#6
24.7, 24.10 Legacy Series / Re: IPv6 gateway high packet loss on WAN upload with shaping
January 16, 2025, 10:34:47 AM
Traffic shaping breaks some IPv6 functionality (esp. DHCPv6 / ICMPv6).
"Real" traffic, though, is not affected I think.
See https://github.com/opnsense/core/issues/7342
So it _might_ be that the packet loss shown is real, as it is packet loss of ICMPv6 only, but your speeds are fine, as those are unaffected TCP/IP(v6) traffic.
"Real" traffic, though, is not affected I think.
See https://github.com/opnsense/core/issues/7342
So it _might_ be that the packet loss shown is real, as it is packet loss of ICMPv6 only, but your speeds are fine, as those are unaffected TCP/IP(v6) traffic.
#7
25.1, 25.4 Production Series / Re: OPNsense 25.1-BETA | feedback
January 15, 2025, 09:45:56 PM
Been running 25.1 since December. No issues encountered. Thanks for all the work on OPNsense!
#8
German - Deutsch / Re: IPv6: Verliere Verbindung bei M-Net (renew/rebind geht ins Leere)
January 03, 2025, 02:58:26 PM
Habe gerade etwas Zeit zum testen gehabt. Derzeit unter 25.1-beta (das Verhalten unterscheidet sich aber nicht von 24.7.x).
Vermutlich habe ich die Ursache gefunden: Shaping.
Sobald ich traffic shaping (FQ-Codel) für "ip" verwende, tritt o.g. Fehler auf (der DHCPv6 renew request geht nicht über das WAN-Interface raus).
Schalte ich upstream shaping aus oder beschränke es auf "ipv4", funktioniert es problemlos:
Shaping von "ip" oder "ipv6" im upload führt zum o.g. Fehler. Download-shaping macht keinen Unterschied.
Es handelt sich also möglicherweise um das gleiche Fehlerbild wie https://forum.opnsense.org/index.php?topic=39624.0 / https://github.com/opnsense/core/issues/7342
Edit: Ja, gleicher Fehler -- sobald ICMPv6 vom shaping erfasst wird, geht es schief. Alles andere (TCP, UDP, ...) über IPv6 kann geshaped werden.
FYI @franco / @meyerguru
Vermutlich habe ich die Ursache gefunden: Shaping.
Sobald ich traffic shaping (FQ-Codel) für "ip" verwende, tritt o.g. Fehler auf (der DHCPv6 renew request geht nicht über das WAN-Interface raus).
Schalte ich upstream shaping aus oder beschränke es auf "ipv4", funktioniert es problemlos:
Code Select
2025-01-03T14:11:37 Notice dhcp6c receive reply from fe80::46ec:ceff:xxxx:xxx%pppoe0 on pppoe0
2025-01-03T14:11:37 Notice dhcp6c send renew to ff02::1:2%pppoe0Shaping von "ip" oder "ipv6" im upload führt zum o.g. Fehler. Download-shaping macht keinen Unterschied.
Es handelt sich also möglicherweise um das gleiche Fehlerbild wie https://forum.opnsense.org/index.php?topic=39624.0 / https://github.com/opnsense/core/issues/7342
Edit: Ja, gleicher Fehler -- sobald ICMPv6 vom shaping erfasst wird, geht es schief. Alles andere (TCP, UDP, ...) über IPv6 kann geshaped werden.
FYI @franco / @meyerguru
#9
Hardware and Performance / Re: Performance guide question
October 28, 2024, 11:32:11 AMQuote from: fadern on October 23, 2024, 10:34:13 PM1, obviously :-) (2^1=2)
What to set for a 2 core system?
#10
Hardware and Performance / Re: Performance guide question
October 23, 2024, 12:04:29 AM
Use 2. Four cores is plenty enough.
#11
German - Deutsch / Re: IPv6: Verliere Verbindung bei M-Net (renew/rebind geht ins Leere)
October 21, 2024, 08:37:33 AM
Opnsense 23.1 bare Metal: PPPoE und IPv6 funktionieren problemlos:
Ich teste mich die nächsten Nächte grob durch 23.7, 24.1 und 24.7 durch ...
Code Select
2024-10-21T08:11:23 Notice dhcp6c got an expected reply, sleeping.
2024-10-21T08:11:23 Notice dhcp6c removing an event on pppoe0, state=RENEW
2024-10-21T08:11:23 Notice dhcp6c script "/var/etc/dhcp6c_wan_script.sh" terminated
2024-10-21T08:11:23 Notice dhcp6c dhcp6c RENEW on pppoe0
2024-10-21T08:11:23 Notice dhcp6c executes /var/etc/dhcp6c_wan_script.sh
2024-10-21T08:11:23 Notice dhcp6c update a prefix 2001:a61:XXXx:8000::/56 pltime=3600, vltime=7200
2024-10-21T08:11:23 Notice dhcp6c update an IA: PD-0
2024-10-21T08:11:23 Notice dhcp6c nameserver[1] 2001:a60::53:2
2024-10-21T08:11:23 Notice dhcp6c nameserver[0] 2001:a60::53:1
2024-10-21T08:11:23 Notice dhcp6c get DHCP option DNS, len 32
2024-10-21T08:11:23 Notice dhcp6c IA_PD prefix: 2001:a61:XXXX:8000::/56 pltime=3600 vltime=7200
2024-10-21T08:11:23 Notice dhcp6c get DHCP option IA_PD prefix, len 25
2024-10-21T08:11:23 Notice dhcp6c IA_PD: ID=0, T1=1800, T2=2880
2024-10-21T08:11:23 Notice dhcp6c get DHCP option IA_PD, len 41
2024-10-21T08:11:23 Notice dhcp6c DUID: XXXX
2024-10-21T08:11:23 Notice dhcp6c get DHCP option server ID, len 26
2024-10-21T08:11:23 Notice dhcp6c DUID: XXXX
2024-10-21T08:11:23 Notice dhcp6c get DHCP option client ID, len 14
2024-10-21T08:11:23 Notice dhcp6c receive reply from fe80::ee7c:5cff:fe0c:8625%pppoe0 on pppoe0
2024-10-21T08:11:23 Notice dhcp6c send renew to ff02::1:2%pppoe0Ich teste mich die nächsten Nächte grob durch 23.7, 24.1 und 24.7 durch ...
#12
German - Deutsch / Re: IPv6: Verliere Verbindung bei M-Net (renew/rebind geht ins Leere)
October 18, 2024, 07:23:19 PM
Da ich die NICs per PCI passthrough verwende, nahm ich an, dass die Virtualisierung keine Rolle spielt.
Ich setze am WE mal eine ""bare Metal" Box auf und teste es da, inkl. der tweams aus dem englischen thread.
Ich setze am WE mal eine ""bare Metal" Box auf und teste es da, inkl. der tweams aus dem englischen thread.
#13
24.7, 24.10 Legacy Series / Re: IPv6 delegation from FritzBox doesn´t work anymore
October 18, 2024, 04:48:23 PM
Not enough information.
#14
German - Deutsch / Re: IPv6: Verliere Verbindung bei M-Net (renew/rebind geht ins Leere)
October 18, 2024, 04:47:06 PM
Cross-referencing the English thread (not mine!): https://forum.opnsense.org/index.php?topic=41743.msg205110#msg205110
Es liegt ziemlich sicher an OPNsense; sowohl die FritzBox als auch eine testweise aufgesetzte Openwrt-Installation hatten dauerhaft stabiles IPv6.
Es liegt ziemlich sicher an OPNsense; sowohl die FritzBox als auch eine testweise aufgesetzte Openwrt-Installation hatten dauerhaft stabiles IPv6.
#15
24.7, 24.10 Legacy Series / Re: No public ipv6 address after upgraded to 24.7
October 18, 2024, 04:45:19 PM
This starts to sound like my problem: https://forum.opnsense.org/index.php?topic=43322.0
To summarise the German discussion:
0. Dual stack FTTH with M-Net as ISP. Connection is established via IPv4 PPPoE, IPv6 via DHCPv6 using the IPv4 link.
1. Initially, an IPv6 prefix delegation is received (over PPPoE). Everything is nice.
2. After the initial timeout, DHCPv6 tries to renew/rebind but fails.
3. IPv6 connection is lost. Only a reboot helps.
It seems from my limited investigation that the renew/rebind packets never actually are sent via WAN to my ISP and therefore cannot renew/rebind the IPv6 PD.
Alternative Routers have no issues and keep their IPv6 connection (FritzBox, Openwrt).
EDIT & UPDATE: The issue (or at least one issue) in my case was upstream traffic shaping (FQ-Codel). Turning that off enables DHCPv6 lease renew.
To summarise the German discussion:
0. Dual stack FTTH with M-Net as ISP. Connection is established via IPv4 PPPoE, IPv6 via DHCPv6 using the IPv4 link.
1. Initially, an IPv6 prefix delegation is received (over PPPoE). Everything is nice.
2. After the initial timeout, DHCPv6 tries to renew/rebind but fails.
3. IPv6 connection is lost. Only a reboot helps.
It seems from my limited investigation that the renew/rebind packets never actually are sent via WAN to my ISP and therefore cannot renew/rebind the IPv6 PD.
Alternative Routers have no issues and keep their IPv6 connection (FritzBox, Openwrt).
EDIT & UPDATE: The issue (or at least one issue) in my case was upstream traffic shaping (FQ-Codel). Turning that off enables DHCPv6 lease renew.
