Messages

To add some more info:

I have a LAN for wired devices and about 5 VLANs for wireless devices.

After rebooting a few times, each time the outcome is slightly different, I experienced the following with no obvious reason or pattern:

LAN works but none of the WLAN VLANs
WLAN VLANs all work but not the LAN
Nothing works
LAN and a couple of WLAN VLANs work, but not some of the others.

Every time, it is the same - normal internal access, able to access OpnSense but unable to access the Internet - it seems to be that traffic is not forwarded back to the device trying to access.

Just clicking save then apply on any interface then causes everything to work normally again every single time, after it refreshes all the interfaces.

There doesn't appear to be any difference to the routing table when it is working or not.

IPv6 is completely disabled (as Ziggo is unreliable).
There is only one Gateway and WAN interface.

I have a similar issue I just raised here - https://forum.opnsense.org/index.php?topic=38050.0

In my case however, it is occuring after the Opnsense has rebooted. So I have to just cycle any interface and then it all works again.

Hi all,

I am running the following:

OPNsense 23.7.11-amd64
FreeBSD 13.2-RELEASE-p7

On an i5 with 4 port Intel NIC, connected to a Ziggo Giga box in bridge mode.

This has been running reliably for the last couple of years with regular updates. However the last week or so I noticed that after a reboot devices on the LAN or VLANs are able to communicate with each other and the Opnsense box but not the Internet.
When I check the firewall logs I can see the traffic is being allowed out, it is like nothing is being returned to the device. The routing table appears to be normal.

I can still connect to the Opensense box over the WAN using my VPN as normal when this happens as well.

What does resolve the issue, is to just go to any interface and hit save and then apply, without changing anything, and after it reloads all of the interfaces everything works as normal.

I cannot see anything unusual anywhere, does anyone else experience this with a recent update?

Thanks!

Yes these are people having issues with getting any connectivity at all, my issues does appear to be quite different.
The exception I found was someone who has their connection drop after several minutes, however in my case the packetloss will randomly start and increase, then it will rectify itself. There is nothing in my own logs that I can find.

Also I found the following:

- Sometimes the gateway shows as down because dpinger can no longer reach the target, if I ssh into Opnsense then I cannot ping out either. However devices on the LAN can reach out over IPv6.

- Sometimes it is as above but all connectivity is completely lost, including from the LAN

- It will always resolve itself eventually, but there is no apparent pattern.

- It does not seem to occur during the very early hours of the morning.

- Rebooting everything sometimes solves and sometimes does not (it could be it just resolves itself anyway if it is external).

- Nothing is shown being blocked in the firewall

- I took screenshots of the routing tables during the issue and when everything is OK and they are identical.

- I did a traffic sniff on the WAN port during one of the instances where the LAN had connectivity but not the firewall itself, you could see the ping requests and responses from the LAN, and the ping requests but no response on the WAN.

I also did a clean install and reimported my configuration and the issue persists.

So I'm starting to think it is Ziggo, but is there anything else I can check or some logs I have overlooked anyone is aware of? Thanks!  :)

Hi all,

I recently set up IPv6 on my Opnsense box going through the Ziggo Connectbox in bridge mode, however are am seeing a lot of random packetloss for extended periods of time.



Meanwhile IPv4 is not showing this at all, apart from the usual 'blips' now and then.

When this happens, IPv6 external connections become unstable and then impossible as it fluctuates around and reaches 100% loss.

Has anyone else experienced this? Is this just Ziggo, or is there something I should check on my end? The fact IPv4 is working fine makes me think it is likely a Ziggo issue but I want to be certain.

Thanks!

It states this - pkg: No package(s) matching elasticsearch

It has not done it again since the last time. In top it said it was java running with the elasticsearch user as per the screenshot. So either it was not actually elasticsearch just another process using that user, or after the last reboot since then something else changed and the package was fully removed?

The issue with dropped interfaces happened again btw, so I sent the bug report as requested.

As soon as it happens again I will send the bug report, thanks Sy.

Regarding ElasticSearch, no not that I am aware of. And if I am monitoring processes via the Top command and remove Zenarmor then the Elastic process is terminated, even though I am using the external server, which implies to me it is responsible. When I reinstall and start Zenarmor, a minute or two after it is complete it starts again.

Hi all,

OPNsense 22.1-amd64
Zenarmor - 1.10.1

I have a couple of issues with Zenarmor since upgrading to 22.1
Randomly, Zenarmor seems to cause a reset of the ports. The dmesg log shows the same type of entry as if the packet engine is restarted and the Zenarmor logs show the service terminates and restarts. I have performed a clean install and again just now so I will send a bug report when it happens again.

The second issue has come about while I try to mitigate the first. In case there was a resource issue I completely removed Zenarmor and reinstalled it completely clean (i.e. not using a config backup) but attached to my external ELK stack on a separate bare metal box.
However, after the service has been running a few minutes I see the Java Elastic Search process start which consumes several GB of memory and is the reason I offloaded it in the first place. If I kill the process, it stays gone and Zenarmor and the reports seem to work from what I can see.

Can anyone assist with either of these? Thanks!  ;D