Messages

1

24.7 Production Series / Re: snapshot auto recovery

« on: October 17, 2024, 02:25:09 pm »

> There is no other automatism, it will just revert automatically when the admin doesn't confirm within the timeframe.
> I do like the manual confirm, but not the timer. People forget, systems revert for the wrong reasons.

Maybe the timer thing could be an option that defaults to off and can be manually activated for certain use cases.

2

24.7 Production Series / Re: snapshot auto recovery

« on: October 17, 2024, 10:24:50 am »

There could be problems with the WAN (PPPoE) connection after an update but the system could still be "active". For such cases some kind of auto-reboot would be nice.

3

24.7 Production Series / Re: snapshot auto recovery

« on: October 17, 2024, 10:09:51 am »

@Patrick:
You may not always be in a position to power cycle the system easily.
I guess the whole point of this feature is about systems that are only available remote?
So maybe one could enhance your proposal with some kind of cron based success-check. E.g. reboot if the BE is not persisted after a certain amount of time?

4

German - Deutsch / Re: OPNsense am Glasfaser Netztrenner mit HTP

« on: September 17, 2024, 09:32:03 pm »

Hallo!

Ich bin auch bei HTP. Allerdings ohne Business-Tarif.
Mein Anschluss ist ebenfalls auf Dual-Stack eingestellt.

Bei mir läuft IPv6 mit DHCPv6 (Use IPv4 connectivity, Request prefix only, Send prefix hint, Prefix size 56).
Die IPv6-Adressen sieht man in der Shell  auf dem pppoe0-Interface (ssh zur OpnSense; 8 Shell; und dann "ifconfig").

5

24.7 Production Series / Re: Power Management with AMI (standard) vs Coreboot BIOS on Protectli devices

« on: September 15, 2024, 09:24:51 am »

Correct, I forgot to mention yesterday, I am also using the Tunable dev.hwpstate_intel.x.epp = 90 (x = 0...5), on top of the dev.cpu.y.cx_lowest = C3 (y = 0...11)

Please could you share the link to the site with the information on what CPUs are compatible with the PowerD daemon, thank you

Sorry. I don't have a link i could provide. I just tried different settings of PowerD and saw no effect on frequencies or temperature. Afterwards i searched the forum and found some discussions about the topic that confirmed my suspicions.

In general, i guess, all CPUs that support Intel Speedshift have to use hwp instead of PowerD. Maybe you can find some information in the official FreeBSD documentation (https://docs.freebsd.org/en/books/handbook/config/#hwpstate_intel).

6

24.7 Production Series / Re: Power Management with AMI (standard) vs Coreboot BIOS on Protectli devices

« on: September 13, 2024, 08:59:39 am »

I also own a VP2420 flashed with Corebios.

After the installation of Opnsense i was a little bit concerned about the CPU temperature because it was running hotter than my previous system (APU4).
I don't have the option to use lots of fans in this environment and therefore sensitive to heat dissipation.
After some time i realized that the powerd-setting has no effect on this system. The CPU is not supported by the daemon. After using the tunables "dev.hwpstate_intel.*.epp" and setting them to "90" the CPU was running cooler and used lower frequencies most of the time.

After setting "dev.cpu.*.cx_lowest" to "C3" i am back at the level of the APU or evevn better.

7

General Discussion / Re: Debian 12 DHCPv6 issues

« on: September 08, 2024, 08:10:49 pm »

Hi!

I don't think that i completely understood you problem. But i also struggle with IPV6 connectivity in Debian 12.

In my case i try to get a working SLAAC setup as this is what my mobiles seem to like. On the other hand my linux notebook with Debian 12 at first had only a link local IPv6 address. I tried to tweak it with several sysctl settings until i realised that it was using NetworkManager. Because that is new territory for me i disabled the IPv6 handling of NetworkManagerit for that connection (nmcli c m <WLAN Connection> ipv6.method ignore).

Now i have at least several IPv6 addresses. I still have connection problems which may be related to a missing default gateway... .

Long story short. I think the combination of NetworkManager and Ipv6 is a little bit special and may need some trial and error to get right.

8

24.7 Production Series / Re: 24.7 CPU Temps

« on: September 04, 2024, 07:59:30 pm »

For me the following somehow works:

Setting the tunable "dev.hwpstate_intel.*.epp" to 80 seems to avoid too much spiking of the CPU and results in a sane behaviour of the temperature widget.

I missed the fact that for newer CPUs the powerd daemon does not work.
As i don't need very much processing power for my setup there is no need for higher frequencies.

Hardware: J6412 Protectli VP2420

9

24.7 Production Series / Re: 24.7 CPU Temps

« on: July 29, 2024, 07:57:15 pm »

Hi Franco,

i guess i could try harder to explain myself.

> Guessing problems into open source is a bit taxing from a dev point of view because now it's not enough to be open it needs to be explained constantly

First of all i understand that it is sometimes tiring to explain things over and over. In my case i actually think you have a point because i *could* look into the sources and get some insights or be more precise with my statements. But you can't really expect this from every random person.

> RRD is not even using sysctl so not understood. It's actually using a tool that really really needs to be removed for the same reason that RRD backend needs a full rewrite.

Now what i tried to express was that it is probably a good idea to use one common source of truth for such data in general (because it is irritating having different vaues inside the GUI). And because i didn't knew that RRD was in need of a refactoring i thought that source of truth could be the RRD. But you can abstract that away if you like.

Similar to your idea

> We may have to write a small tool to fetch the temperatures in the background away from the GUI so when the GUI query comes in it reads the actual value, not the one while the CPU is busy processing the user request

The important thing being that there shouldn't be several ways to gather the data (tool and RRD) but only one way (tool) and the other consumer (widget, RRD) should ask the tool service for the values (to avoid different results and to avoid unnecessary load).

The second part about the means on how to read the actual values (sysctl dev.cpu) was meant to illustrate that it would be nice if one would use a more lightweight method for the central data crawler.
I compared that to "sysctl -a" in this context because i compared the RRD values to the output of the command line calls and "sysctl -a" was close to the RRD values in my case. Threrefore i asumed that it is using this command or at least something similar.


Greetings,
Stefan

10

24.7 Production Series / Re: 24.7 CPU Temps

« on: July 27, 2024, 07:44:04 pm »

We may have to write a small tool to fetch the temperatures in the background away from the GUI so when the GUI query comes in it reads the actual value, not the one while the CPU is busy processing the user request..?

Cheers,
Franco

Maybe you could just use the RRD data if it is available.

And if i understood your problem description it might be a good idea to use "sysctl dev.cpu" instead of "sysctl -a" for the RRD data.

11

24.7 Production Series / Re: [SOLVED] DHCP6 Gateway is shown as disconnected in 24.7

« on: July 27, 2024, 12:04:21 am »

I have a setup with a Fritzbox (german internet+wlan router) in front of a OPNsense box.

I also use an ULA.

And here the gateway monitor is working. So i guess there is no general problem with 2 routers.

12

24.7 Production Series / Re: 24.7 CPU Temps

« on: July 26, 2024, 11:06:47 pm »

I see the following:

- The widget shows 63°C
- The RRD health data shows an average of ~53°C
- "sysctl -a | grep temperature" shows 50°C
- "sysctl dev.cpu | grep temparature" shows 43°C

Not all executed at the exact same point in time but after several tries the trend is stable.

If i compare the visualization of the CPU-Widget with the output of "top" it looks also quite different. But maybe this is just the sampling intervall.

System: Celeron J6412 and thermal sensor configuration set to use the on-die thermal sensors.

13

24.7 Production Series / Re: DHCP6 Gateway is shown as disconnected in 24.7

« on: July 26, 2024, 12:57:11 pm »

It seems that the behaviour i was seeing was produced by a configuration failure that surfaced with the new version.

I was preparing the switch to a different primary WAN interface (WAN0; a Vlan on the same interface as my current primary WAN) which is about to replace my current primary WAN (WAN1).
After the configuration i deactivated the interface to ensure that it does not interfere with my current setup.
My only IPv6 capable interface WLAN is configured to use "track interface". And as a tracking target i use the current WAN interface.  At that time it was WAN0. After the deactivation of WAN0 the WLAN tracking interface was not changed to WAN1.

Long story short. After changing the tracking interface in the WLAN configuration the gateway check seems to work even after a reboot.

This bug in my configuration did not show up in the previous OPNsense version. I really like this improvement and feel even more confident using OPNsense 24.7 .

14

24.7 Production Series / Re: DHCP6 Gateway is shown as disconnected in 24.7

« on: July 26, 2024, 11:37:56 am »

It looks like there is a behaviour change in regard to DHCPv6 handling with version 24.7 .
In my case it seems to be timing related (a few minutes after a reboot i can manually start the gateway monitor).
I don't exactly know the role of the "gateway monitor watcher" but if i go by the name the manual start should not be necessary.

Update: At least i *think* that it is timing related. I also edited the gateway configuration between several tries to start the gateway service (i tried to manually enter the gateway IP6 and than removed it again). I did not check if my editing somehow created the route. I guess i will see it on the next reboot... .

15

24.7 Production Series / Re: DHCP6 Gateway is shown as disconnected in 24.7

« on: July 26, 2024, 10:51:28 am »

Well. The DHCP6 gateway has a internet monitor IP (2606:4700:4700::1111).
Currently it is working and the routing table contains the following:

ipv6   default   <IP6 of my fritzbox as gateway address>   UG   NaN   1500   igc3   WAN1
ipv6   2606:4700:4700::1111   <IP6 of my fritzbox as gateway address>   UGHS   NaN   1500   igc3   WAN1

The IPv4 route is also available.

I am a little bit hesitant to reboot the router at the moment. Therefore i can not check the table in case of a problem.