Messages

1

General Discussion / Re: Firewall blocking strange local IP on port 68

« on: June 09, 2022, 09:36:53 am »

Sorry for super late response.

I was monitoring my network and cleaning up some forgotten devices (to reconfigure them to my new network settings).
I did tcpdump like pmhausen suggested and now I'm 100% sure this request comes from within OPNsense

tcpdump -e -nn -i bridge0 > tcp3.dump

09:14:21.790999 24:f5:a2:a6:72:2c > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 420: vlan 4, p 0, ethertype IPv4, 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 24:f5:a2:a6:72:2c, length 374
09:14:21.791968 24:f5:a2:a6:70:60 > 24:f5:a2:a6:72:2c, ethertype 802.1Q (0x8100), length 346: vlan 4, p 0, ethertype IPv4, 192.168.20.1.67 > 192.168.20.107.68: BOOTP/DHCP, Reply, length 300

I'm not using vlans anywhere in my network. What can I do with it? Why this is happening?

2

General Discussion / Firewall blocking strange local IP on port 68

« on: April 29, 2022, 12:55:35 pm »

Hi,
Recently configured my first OPNsense router and from my point everything works. Yesterday I looked into Firewall logs and I saw strange IP being blocked. I tried to capture this IP on all interfaces to get some more info but it is not showing in captured packets. I guess that it not showing there because it gets filtered by firewall before packets being captured OR it is something internal to OPNsense making this requests (i think this one is true).
So IP mentioned is 192.168.20.1:67 (source) and 192.168.20.107:68 (destination) UDP.
Problem is, my network has 192.160.96/20 IP range, my previous network configuration (before OPNSense) was typical 192.168.1.0/24 (so 192.168.20.1 is also not from some device that I forgot to reconfigure).

Any idea what is it? Should I allow it in my Firewall rules?
More info on screenshots.

3

22.1 Legacy Series / "Errors in" when jumbo frames are enabled

« on: April 10, 2022, 03:21:55 pm »

Hi,
First of all I like to clarify that I'm quite inexperience in networking, I recently bought and configured Celeron J4125 with 4xIntel i225-V (2.5 gig) with OPNsense (v22.1.5).
Of course as always there was ton of problems but I figured out most of it.
There is one thing that is strange and I have no explanation for it, so maybe here on forum someone will be able to help me with it.

Problem:
I have 4x ports, 3 of them are in bridge mode (switch), and last one is separate WAN port.  I have two machines connected to "Switch" ports, 1-server, 2-PC (through another switch or directly, tested few configurations).
Every time I enable Jumbo frames on my PC (4k or 9k) I'm start getting "Errors In" on that port when I run iperf3 between PC and server. Thing is that everything seems to work fine, jumbo frames are working (tested with ping and also iperf3 bitrate increase). Tested with different PC with different cable. Same thing on 1 and 2.5 speed.
Tested witch laptop using USB network card and same thing happens (even after enabling 3k jumbo).
When jumbo is off then I can run iper3 test without single "Error in" (with lower bitrate result).
Disabling offloading on router or on PC did not change anything.

In network capture (done on OPNsense router) I see 2x "Dup ACK" in 10000 packets captured.