"
Yes, I know that there is a specific problem - yet I think it would be better working towards a solution in OpnSense than to use external scripts.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
#2
General Discussion / Re: Intermittent Packet Loss on PPPoE (OPNsense 26.1 VM on Proxmox)
Today at 09:58:15 AM
Did you enable multiqueue on the VM's network interfaces?
#3
General Discussion / Re: DynDNS client for deSEC.io
February 13, 2026, 10:58:14 PM
Are you aware that ddclient is on its way out as discussed here and that it has long be superseded by the native backend for os-ddclient?
This native backend already supports deSEC.
This native backend already supports deSEC.
#4
General Discussion / Re: ddclient and deSEC
February 13, 2026, 10:56:38 PM
Are you aware that ddclient is on its way out as discussed here and that it has long be superseded by the native backend for os-ddclient?
This native backend already supports deSEC.
This native backend already supports deSEC.
#5
General Discussion / Re: Intermittent Packet Loss on PPPoE (OPNsense 26.1 VM on Proxmox)
February 13, 2026, 06:38:53 PM
Try "bridge-mcsnoop 0".
#6
Hardware and Performance / Re: Warning about RealTek adapters - again!
February 13, 2026, 09:53:08 AM
I had an older Acquantia when their 10 Gbps specimens came out, it never worked right. AFAIK, driver support under FreeBSD lacks, too. I would take the Intel X550.
#7
Hardware and Performance / Re: Warning about RealTek adapters - again!
February 12, 2026, 08:00:04 PM
Correct. But problems with Intel chipset have been reported earlier:
https://www.hwcooling.net/en/realtek-rtl8126-suffers-from-instability-no-5-0gb-s-ethernet-this-year/
It is also clear that the cards have a problem with ASPM:
https://forums.servethehome.com/index.php?threads/realtek-10-gbe-usb-adapters-might-be-on-the-way.47683/post-489414
Wanna buy my adapters?
https://www.hwcooling.net/en/realtek-rtl8126-suffers-from-instability-no-5-0gb-s-ethernet-this-year/
It is also clear that the cards have a problem with ASPM:
https://forums.servethehome.com/index.php?threads/realtek-10-gbe-usb-adapters-might-be-on-the-way.47683/post-489414
Wanna buy my adapters?
#8
26.1 Series / Re: IPv6: OPNSense can ping, clients cannot. RA Identity association works.
February 12, 2026, 02:46:30 PM
Correct: RA mode must be unmanaged for SLAAC. I only saw "RA is not selected either", so you use RADVD.
#9
26.1 Series / Re: IPv6: OPNSense can ping, clients cannot. RA Identity association works.
February 12, 2026, 10:14:05 AM
It does not work like that (you already noticed, didn't you?).
Like with IPv4, there is two sides:
- WAN
- LAN
On WAN, you have to use whatever means it takes to get a WAN IP, often DHCPv4 and DHCPv6 as a client.
On LAN, you use DHCPv4 and (probably DHCPv6) as server. ALternatively, you can use SLAAC (RA) instead for IPv6.
You did neither: ISC DHCPv6, DNSmasq, RAdvd, all disabled. So how would clients get what they need. You must have IPv6 supplied to your LAN, otherwise it will not work.
There is a guide on how to do this via DNSmasq only in the official docs, instead, I prefer to do it like this.
Like with IPv4, there is two sides:
- WAN
- LAN
On WAN, you have to use whatever means it takes to get a WAN IP, often DHCPv4 and DHCPv6 as a client.
On LAN, you use DHCPv4 and (probably DHCPv6) as server. ALternatively, you can use SLAAC (RA) instead for IPv6.
You did neither: ISC DHCPv6, DNSmasq, RAdvd, all disabled. So how would clients get what they need. You must have IPv6 supplied to your LAN, otherwise it will not work.
There is a guide on how to do this via DNSmasq only in the official docs, instead, I prefer to do it like this.
#10
Hardware and Performance / Re: Warning about RealTek adapters - again!
February 12, 2026, 12:12:05 AM
No, but the reports on the internet were all over the place and some were Intel boards, too, like this:
https://www.reddit.com/r/Fedora/comments/1p1syhw/realtek_rtl8127_dropping_out/
https://www.reddit.com/r/Fedora/comments/1p1syhw/realtek_rtl8127_dropping_out/
#11
Hardware and Performance / Re: Warning about RealTek adapters - again!
February 11, 2026, 11:16:30 PM
Nope. In that BIOS, I can only set the PCIe speed for the CPU lanes and the chipset lanes separately, not per slot. And since the CPU lanes are solely used for the graphics card, I can only set all of the chipset lanes together, crippling my NVME drives.
Apart from that, I suspect that these problems are with the NICs - when you skim through the reports, you will find newer affected chipsets like X870. I doubt that my Asrock board is the culprit here and maybe even going back to PCIe 3.0 would not cut it.
After having seen these corruption problems and all my time invested chasing ghosts, I won't place any more bets on these things, either.
P.S.: I have an Aquantia here, as well. Never worked right. I even had a conversation with their CEO on that back in the day...
Apart from that, I suspect that these problems are with the NICs - when you skim through the reports, you will find newer affected chipsets like X870. I doubt that my Asrock board is the culprit here and maybe even going back to PCIe 3.0 would not cut it.
After having seen these corruption problems and all my time invested chasing ghosts, I won't place any more bets on these things, either.
P.S.: I have an Aquantia here, as well. Never worked right. I even had a conversation with their CEO on that back in the day...
#12
Hardware and Performance / Warning about RealTek adapters - again!
February 11, 2026, 10:10:11 PM
Well, you could say I should have known better - yet, I tried:
Recently, I saw an article about the new RealTek RTL8127 NIC. On paper, it looks fine: 10/5/2.5/1 Gbps, low power draw and PCIe 4.0 x1 interface, which makes it easy to fit into any mainboard - or so it seems.
Main main reason to use it were the shortcomings of other high speed RJ45 adapters, like the X550-T1. That one:
- uses much more power
- needs a PCIe 3.0 x4 slot
- cannot handle autonegotiation on some OSes
Because I have not-so-good CAT.5E cabling, I like to use 5 Gbps, but with newer Windows drivers, you cannot even fix speeds at NBase-T (5 or 2.5 Gobs), so you are mostly stuck with 1 or 10 Gbps only. Linux is a prominent example where the driver allows intermediate speeds, see this for details.
I already had a Realtek RTL8126, which can do 5 Gbps at most, but that one had a quirk: On cold boots, it was sometimes not detected at all. Only a power-cycle would help. The internet is full of discussions about that. So, I went for it and bought the RTL8127...
...only to find that it had the same quirk.
But now comes the hard part: My Windows 11 installation has gone awry in the last few weeks. Basically, I could not start Steam and Ollama any more. Nothing I did could repair it.
On I went with a new installation from scratch and restoration of my user files afterwards. Then, I had to install every application again.
System worked fine for ~24 hours, then I noticed strange things happening: My desktop icons flashed ever 0.5 seconds and I could no longer set the default browser. No repairs worked here, either.
Since I still had the profile backup, I decided to repeat the whole process. While I was doing that, I tried to relocate the RTL8127 into another PCIe slot. This time, the restoration of my user profile showed 3 CRC errors. I was quite sure there were no problems on the source.
So, the plot thickened: Obviously, in my X570 board, the PCIe 4.0 slots attached to the chipset have problems. The X570 chipset was the first to use PCIe 4.0, so the implementation may be flaky. At the time, nobody would have noticed, because most PCIe cards only supported PCIe 3.0 anyway.
Now, the problem manifests in two ways:
1. The NICs may sometimes go undetected during cold start PCIe training.
2. The data that is transferred to the mainboard can get corrupted. This became very obvious when I installed some 500 GByte of software and data over the network.
I am quite sure that this caused all the other problems, too.
TL;DR: The newer Realtek chips RTL8126 and RTL8127 do not run reliably on older hardware that "supports" PCIe 4.0.
Of course, this is independent of OS. You might also say that is not Realtek's fault, but at least, it does not happen with the Intel X550-T1, which only uses PCIe 3.0. BTW: It only works with either PCIe x4 or x1, so my x2 slot was a waste.
Recently, I saw an article about the new RealTek RTL8127 NIC. On paper, it looks fine: 10/5/2.5/1 Gbps, low power draw and PCIe 4.0 x1 interface, which makes it easy to fit into any mainboard - or so it seems.
Main main reason to use it were the shortcomings of other high speed RJ45 adapters, like the X550-T1. That one:
- uses much more power
- needs a PCIe 3.0 x4 slot
- cannot handle autonegotiation on some OSes
Because I have not-so-good CAT.5E cabling, I like to use 5 Gbps, but with newer Windows drivers, you cannot even fix speeds at NBase-T (5 or 2.5 Gobs), so you are mostly stuck with 1 or 10 Gbps only. Linux is a prominent example where the driver allows intermediate speeds, see this for details.
I already had a Realtek RTL8126, which can do 5 Gbps at most, but that one had a quirk: On cold boots, it was sometimes not detected at all. Only a power-cycle would help. The internet is full of discussions about that. So, I went for it and bought the RTL8127...
...only to find that it had the same quirk.
But now comes the hard part: My Windows 11 installation has gone awry in the last few weeks. Basically, I could not start Steam and Ollama any more. Nothing I did could repair it.
On I went with a new installation from scratch and restoration of my user files afterwards. Then, I had to install every application again.
System worked fine for ~24 hours, then I noticed strange things happening: My desktop icons flashed ever 0.5 seconds and I could no longer set the default browser. No repairs worked here, either.
Since I still had the profile backup, I decided to repeat the whole process. While I was doing that, I tried to relocate the RTL8127 into another PCIe slot. This time, the restoration of my user profile showed 3 CRC errors. I was quite sure there were no problems on the source.
So, the plot thickened: Obviously, in my X570 board, the PCIe 4.0 slots attached to the chipset have problems. The X570 chipset was the first to use PCIe 4.0, so the implementation may be flaky. At the time, nobody would have noticed, because most PCIe cards only supported PCIe 3.0 anyway.
Now, the problem manifests in two ways:
1. The NICs may sometimes go undetected during cold start PCIe training.
2. The data that is transferred to the mainboard can get corrupted. This became very obvious when I installed some 500 GByte of software and data over the network.
I am quite sure that this caused all the other problems, too.
TL;DR: The newer Realtek chips RTL8126 and RTL8127 do not run reliably on older hardware that "supports" PCIe 4.0.
Of course, this is independent of OS. You might also say that is not Realtek's fault, but at least, it does not happen with the Intel X550-T1, which only uses PCIe 3.0. BTW: It only works with either PCIe x4 or x1, so my x2 slot was a waste.
#13
German - Deutsch / Re: Upgrade auf 26.1
February 11, 2026, 06:08:59 PM
OpnSense, wenn es auf ZFS installiert ist, hat ein eingebautes Snapshot-Feature - dazu braucht es keine VM.
#14
Hardware and Performance / Re: DEC750: can I mix 2.5/5Gbps and 1Gbps link speeds over the SFP ports?
February 11, 2026, 12:44:45 AM
SFP+ slots support at least 1 and 10 Gbps speeds. Only some support 2.5 and 5 Gbps with a mode called HSGMII, which needs different frequencies.
Thus, the dual-slot AX adapter may support SGMII frequency / mode, just not mixed with another module that uses frequencies for 1 or 10 GBps (not withstanding that some SFP+ ethernet modules work with 10 Gbps on the SFP+ side and can adapt to 1/2.5/5/10 Gbps on the ethernet side).
That being said, I think 1000 Mbps SGMII mode is different from "normal" 1000 Mbps mode like what is used in an SFP slot - at least I think I remember to have seen something in the speed and duplex settings of my DEC750 ax interfaces, but I am not sure.
The Luleey modules is known to not work with a Mellanox Connect-X3 and maybe others. Because of the problems with HSGMII speeds, I have switched to external GPON ONTs with 2.5 Gbps ethernet - those work just fine.
At this time, I would probably go directly to an XGS-PON SFP+ stick - it should work with 10 Gbps right away and you can still use it when you ISP makes the switch.
Thus, the dual-slot AX adapter may support SGMII frequency / mode, just not mixed with another module that uses frequencies for 1 or 10 GBps (not withstanding that some SFP+ ethernet modules work with 10 Gbps on the SFP+ side and can adapt to 1/2.5/5/10 Gbps on the ethernet side).
That being said, I think 1000 Mbps SGMII mode is different from "normal" 1000 Mbps mode like what is used in an SFP slot - at least I think I remember to have seen something in the speed and duplex settings of my DEC750 ax interfaces, but I am not sure.
The Luleey modules is known to not work with a Mellanox Connect-X3 and maybe others. Because of the problems with HSGMII speeds, I have switched to external GPON ONTs with 2.5 Gbps ethernet - those work just fine.
At this time, I would probably go directly to an XGS-PON SFP+ stick - it should work with 10 Gbps right away and you can still use it when you ISP makes the switch.
#15
26.1 Series / Re: 26.1.1 MTU Issues on PPPoE
February 10, 2026, 10:13:08 PMDid you also use traffic shaping? Maybe the old ISP had lower speeds and you shape it to fit? Happened before...
Just saw that you disabled all shaping...
No idea what could be wrong.
