Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - stich86

Pages: [1]

22.7 Legacy Series / PPPoE optimization for 10GbE

« on: December 17, 2022, 10:38:12 pm »

Hi guys,

I know the title can be funny, but here in Italy our ISP TIM has launched XGS-PON 10/2 with legacy PPPoE access.
At the moment I’ve a VM with OPNSense running into a Proxmox 7.2 host (i5 12600k as CPU), this one has 4 vCPU (that I’ve upgraded to 6) and make a speedtest using PPPoE not directly from the itself (so doing NAT) gives me only 6.3/6.5Gbps of throughput.

I’ve switched usual tunables: net.isr.dispatch to “deferred”, bind threads to 1 and max threads to -1, but looks like that cannot surpass that speed. Line obviously will never reach 10Gbps, max speed (with overhead and ISP configuration) is about 8.5Gbps and most of other users that has this type of line can reach a maximum speed of 7.9/8.0Gbps.

In meanwhile i’ve attempted a test (on the same PVE host) using an OpenWRT VM in this two scenarios:

- first test: 8 vCPU, PPPoE and NAT, I can reach without any problem 7.3Gbps (that looks like the maximum that my OLT can reach) from a VM behind.
- second test: 4 vCPU, Double NAT (PPPoE done by ISP router), in this way same speed can be achived from the VM

all tests above were done with stock configuration on the OS (no optimization done)

Any suggestion how to improve situation with PPPoE on OPNSense VM? I want to have public IP directly on the box and avoid double NAT, and in the next few days remove the ISP router and use an XGSPON SFP ONT.

Thanks in advance

22.7 Legacy Series / Monitor Multi-WAN Status

« on: November 21, 2022, 10:32:16 am »

Hi guys,

i've currently three WAN (2x GPON and 1x LTE) on my OPNSense VM.
I want to monitoring when one of the goes down, but also with Net-SNMP there are no OID to check this one.

Do you have an hints or solution to achive this monitoring?
May be a custom script?

Thx in advance

22.1 Legacy Series / Re: Missing PPP logs from GUI

« on: April 27, 2022, 04:29:40 pm »

Quote from: QuisaZaderak on April 27, 2022, 01:01:50 pm

I have the same issue after. (pppoe)

it was my fault. On top right the log level was "Warning".
Moving back to "Informational" prints the content of ppps logs

22.1 Legacy Series / Missing PPP logs from GUI

« on: April 27, 2022, 11:26:28 am »

hi guys,

i've updated from OPNSense 21.X to latest 22.1.6, and now logs from PPP (in my case PPPoE connection) cannot be shown on the WebUI.

Logs are correctly created under /var/log/ppps

Anyone has my same issue?

Thanks

General Discussion / Re: UDP Broadcast Relay

« on: March 29, 2021, 09:49:46 am »

ok fixed!
i've put a rule to allow OPNSense and my iPhone to multicast on IoT SSID, and now I can reach my Sky Q Platium

Thanks for the hits

General Discussion / Re: UDP Broadcast Relay

« on: March 29, 2021, 09:45:59 am »

ok.. may be i've found the problem.

The Multicast traffic is passed over ethernet, but when reach the AP (Unifi AC HD), the packet is not broadcasted over WLAN

I think this is related to the block broadcast on IoT WLAN that i've put in place for a problem with Shelly devices.

Now i'll try to see if I can put an exception..

General Discussion / Re: UDP Broadcast Relay

« on: March 29, 2021, 09:36:21 am »

the problem is that i'm seeing multicast packet on both interface, but anything else.
Looks like that the client doesn't know where is the SkyQ, so it doesn't start the TCP communication

General Discussion / Re: UDP Broadcast Relay

« on: March 29, 2021, 09:32:29 am »

ok, so also other firmware have the same behaviour

i'll try to find why this damn app cannot find the Q

General Discussion / Re: UDP Broadcast Relay

« on: March 29, 2021, 09:21:02 am »

Quote from: marjohn56 on March 28, 2021, 03:49:22 pm

It definitely works, many of us are using it right now. So let's see what settings you have. It should look like below...

and the firewall rule.

Hi,

i've the same rules.
Just a question: Are your Sky Q boxes replies to ping?
Mine not, but i'm in Italy and we don't have the same firmware..

Looks like that after some time, the OPNSense lost ARP entries and the box reply only if the traffic start from it

Thanks

General Discussion / Re: UDP Broadcast Relay

« on: March 27, 2021, 07:41:50 pm »

it's not working

this is a TCPDUMP on the LAN side, I can see the packet with multicast and 1900 port:

19:39:50.925776 IP 10.0.1.122.58010 > 239.255.255.250.1900: UDP, length 132
19:39:51.400938 IP 10.0.1.122.58010 > 239.255.255.250.1900: UDP, length 132
19:39:51.974473 IP 10.0.1.122.58010 > 239.255.255.250.1900: UDP, length 132
19:39:52.409893 IP 10.0.1.122.58010 > 239.255.255.250.1900: UDP, length 132
19:39:53.021373 IP 10.0.1.122.58010 > 239.255.255.250.1900: UDP, length 132
19:39:54.575089 IP 10.0.2.102.33820 > 239.255.255.250.1900: UDP, length 391
19:39:54.585951 IP 10.0.2.102.33820 > 239.255.255.250.1900: UDP, length 400
19:39:54.586837 IP 10.0.2.102.33820 > 239.255.255.250.1900: UDP, length 443
19:39:54.595408 IP 10.0.2.102.56461 > 239.255.255.250.1900: UDP, length 435
19:39:54.608613 IP 10.0.2.102.35998 > 239.255.255.250.1900: UDP, length 431
19:39:54.611086 IP 10.0.2.102.55354 > 239.255.255.250.1900: UDP, length 431
19:39:54.675932 IP 10.0.2.102.52893 > 239.255.255.250.1900: UDP, length 391
19:39:54.699198 IP 10.0.2.102.52893 > 239.255.255.250.1900: UDP, length 400
19:39:54.700161 IP 10.0.2.102.52893 > 239.255.255.250.1900: UDP, length 443
19:39:54.700186 IP 10.0.2.102.45252 > 239.255.255.250.1900: UDP, length 435
19:39:54.700205 IP 10.0.2.102.44194 > 239.255.255.250.1900: UDP, length 431
19:39:54.700222 IP 10.0.2.102.50255 > 239.255.255.250.1900: UDP, length 431
19:39:54.852066 IP 10.0.2.102.47141 > 239.255.255.250.1900: UDP, length 391
19:39:54.864000 IP 10.0.2.102.47141 > 239.255.255.250.1900: UDP, length 400
19:39:54.865469 IP 10.0.2.102.47141 > 239.255.255.250.1900: UDP, length 441
19:39:54.877949 IP 10.0.2.102.45838 > 239.255.255.250.1900: UDP, length 439
19:39:54.964780 IP 10.0.2.102.35901 > 239.255.255.250.1900: UDP, length 391
19:39:54.970416 IP 10.0.2.102.35901 > 239.255.255.250.1900: UDP, length 400
19:39:54.970432 IP 10.0.2.102.35901 > 239.255.255.250.1900: UDP, length 441
19:39:54.971131 IP 10.0.2.102.42460 > 239.255.255.250.1900: UDP, length 439
19:39:54.978979 IP 10.0.1.100.36914 > 239.255.255.250.1900: UDP, length 101
19:39:57.402953 IP 10.0.2.103.46812 > 239.255.255.250.1900: UDP, length 391
19:39:57.403721 IP 10.0.2.103.50473 > 239.255.255.250.1900: UDP, length 439
19:39:57.403739 IP 10.0.2.103.46812 > 239.255.255.250.1900: UDP, length 400
19:39:57.403749 IP 10.0.2.103.46812 > 239.255.255.250.1900: UDP, length 441
19:39:57.501526 IP 10.0.2.103.45625 > 239.255.255.250.1900: UDP, length 391
19:39:57.502320 IP 10.0.2.103.45625 > 239.255.255.250.1900: UDP, length 400
19:39:57.502338 IP 10.0.2.103.45625 > 239.255.255.250.1900: UDP, length 441
19:39:57.512406 IP 10.0.2.103.59306 > 239.255.255.250.1900: UDP, length 439
19:39:58.609947 IP 10.0.2.101.50033 > 239.255.255.250.1900: UDP, length 391
19:39:58.616509 IP 10.0.2.101.50033 > 239.255.255.250.1900: UDP, length 400
19:39:58.617198 IP 10.0.2.101.50033 > 239.255.255.250.1900: UDP, length 449
19:39:58.623296 IP 10.0.2.101.57373 > 239.255.255.250.1900: UDP, length 431
19:39:58.651478 IP 10.0.2.101.40230 > 239.255.255.250.1900: UDP, length 435
19:39:58.651497 IP 10.0.2.101.41778 > 239.255.255.250.1900: UDP, length 435
19:39:58.651512 IP 10.0.2.101.34482 > 239.255.255.250.1900: UDP, length 453
19:39:58.651526 IP 10.0.2.101.52958 > 239.255.255.250.1900: UDP, length 439
19:39:58.712615 IP 10.0.2.101.52922 > 239.255.255.250.1900: UDP, length 391
19:39:58.713300 IP 10.0.2.101.52922 > 239.255.255.250.1900: UDP, length 400
19:39:58.725730 IP 10.0.2.101.52922 > 239.255.255.250.1900: UDP, length 449
19:39:58.736272 IP 10.0.2.101.51055 > 239.255.255.250.1900: UDP, length 435
19:39:58.736290 IP 10.0.2.101.53165 > 239.255.255.250.1900: UDP, length 453
19:39:58.736307 IP 10.0.2.101.38655 > 239.255.255.250.1900: UDP, length 431
19:39:58.736349 IP 10.0.2.101.46696 > 239.255.255.250.1900: UDP, length 435
19:39:58.736371 IP 10.0.2.101.55974 > 239.255.255.250.1900: UDP, length 439
19:39:59.671583 IP 10.0.2.103.55595 > 239.255.255.250.1900: UDP, length 391
19:39:59.680952 IP 10.0.2.103.55595 > 239.255.255.250.1900: UDP, length 400
19:39:59.687785 IP 10.0.2.103.55595 > 239.255.255.250.1900: UDP, length 443
19:39:59.687811 IP 10.0.2.103.53717 > 239.255.255.250.1900: UDP, length 435
19:39:59.698524 IP 10.0.2.103.36531 > 239.255.255.250.1900: UDP, length 431
19:39:59.698542 IP 10.0.2.103.33524 > 239.255.255.250.1900: UDP, length 431
19:39:59.776345 IP 10.0.2.103.45391 > 239.255.255.250.1900: UDP, length 391
19:39:59.777213 IP 10.0.2.103.45391 > 239.255.255.250.1900: UDP, length 400
19:39:59.777242 IP 10.0.2.103.45391 > 239.255.255.250.1900: UDP, length 443
19:39:59.780551 IP 10.0.2.103.51321 > 239.255.255.250.1900: UDP, length 435
19:39:59.796703 IP 10.0.2.103.42519 > 239.255.255.250.1900: UDP, length 431
19:39:59.797466 IP 10.0.2.103.36201 > 239.255.255.250.1900: UDP, length 431

10.0.1.122 is my iPhone where SkyGo is running
10.0.2.101 is Sky Q Platinum
10.0.2.102-103 are the two Sky Minis

I don't see any other traffic than the SSDP, it looks like the app cannot really find where is the Platinum

General Discussion / Re: UDP Broadcast Relay

« on: March 27, 2021, 06:18:06 pm »

yes, currently my LAN zone has just a rule with anything open
in the attachment this is my current IoT rule set

General Discussion / Re: UDP Broadcast Relay

« on: March 27, 2021, 05:53:46 pm »

hello guys,

i cannot make it works with Sky Go App and Sky Q boxes.
I've setup the entry with multicast address 239.255.255.250 and port 1900, doing a TCPDUMP i can see traffic forwaded from my IoT VLAN to main LAN, but the app doesn't find the Sky Q Platinum

Any hints?

Before OPNSense I was using UniFi and i should force TTL to 4 when using IGMP Proxy

Thanks in advance!

Pages: [1]