Messages - meganie

#1
Is this still a known issue? I'm on 25.1.8 and have the same problem.
I get a static IPv4 address and IPv6 prefix from my provider.

My WAN settings:
IPv4 Configuration Type: PPPoE
IPv6 Configuration Type: DHCPv6
Request prefix only & Send prefix hint are both checked

Clients are able to connect to websites via IPv6 and my servers are reachable via IPv6 from the internet. Also IPv6 Ping via Interfaces > Diagnostics is working.

But if I want to Enable Gateway Monitoring the gateway is "Offline" and the Gateway monitor isn't starting with this error in the log: /usr/local/etc/rc.syshook.d/monitor/20-recover: The required WAN_DHCP6 IPv6 interface address could not be found, skipping.

Routes are there:
ipv6 default fe80::ded2:fcff:fe24:dd60%pppoe0 UGS NaN 1492 pppoe0 WAN
ipv6 2606:4700:4700::1111 fe80::ded2:fcff:fe24:dd60%pppoe0 UGHS NaN 1492 pppoe0 WAN

I also tried to give the gateway an IPv6 address from within my prefix without luck. If I uncheck "Request prefix only" the gateway still gets an fe80 address.
#2
I was able to get this working with a static route to 192.168.1.0/24 via the gateway.
#3
I have a similar issue: I have a Multi WAN setup with a PPPoE DSL connection and a 5G connection.
The ISP disconnects the PPPoE connection after 24h so I've added a Cron job for a periodic interface reset which worked perfectly fine. But after adding the 5G WAN this doesn't work anymore. After the interface reset the dpinger shows a 100% package loss and the gateway is down even though it got a new IP and would work fine. The dpinger service is still running and doesn't crash or anything. After a manual restart of the Gateway monitor it works again.

Here is the debug log of the gateway. Cron job at 4:00 and manual restart of the gateway monitor at 7:50.


2024-08-20T07:50:50 Notice dpinger ALERT: WAN_GW (Addr: 8.8.8.8 Alarm: down -> none RTT: 14.5 ms RTTd: 0.1 ms Loss: 0.0 %)
2024-08-20T07:50:47 Notice dpinger Reloaded gateway watcher configuration on SIGHUP
2024-08-20T07:50:47 Warning dpinger send_interval 1000ms loss_interval 4000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 0ms loss_alarm 0% alarm_hold 10000ms dest_addr 8.8.8.8 bind_addr 2.241.65.39 identifier "WAN_GW "
2024-08-20T07:50:47 Warning dpinger exiting on signal 15
2024-08-20T04:00:07 Notice dpinger ALERT: WAN_GW (Addr: 8.8.8.8 Alarm: none -> down RTT: 0.0 ms RTTd: 0.0 ms Loss: 100.0 %)
2024-08-20T04:00:03 Notice dpinger Reloaded gateway watcher configuration on SIGHUP
2024-08-20T04:00:03 Warning dpinger send_interval 1000ms loss_interval 4000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 0ms loss_alarm 0% alarm_hold 10000ms dest_addr 8.8.8.8 bind_addr 2.241.65.39 identifier "WAN_GW "
2024-08-20T04:00:02 Notice dpinger Reloaded gateway watcher configuration on SIGHUP
2024-08-20T04:00:02 Warning dpinger exiting on signal 15
2024-08-20T04:00:02 Warning dpinger WAN_GW 8.8.8.8: sendto error: 65
2024-08-20T04:00:01 Warning dpinger WAN_GW 8.8.8.8: sendto error: 65


8.8.8.8 is only used as a monitor IP not as a DNS server.
There are many similar posts here in the forum regarding this issue. I was hoping that 24.7 might fix this but it didn't.
#4
Quote from: doktornotor on August 18, 2024, 07:33:39 PM
Anyway, downloaded it locally, that doesn't look correct. Destination should be the subnet where the router is, not *.

Got that from here: https://forum.opnsense.org/index.php?topic=12094.msg55483#msg55483
But changed it now without a difference.

Quote from: Patrick M. Hausen on August 18, 2024, 07:35:25 PM
But * should not make a difference. Outbound NAT with an explicit interface set is limited to packets leaving via that interface. Which they supposedly do. I'd use tcpdump to debug this.

I have a Packet Capture if that helps. I have no experience with tcpdump.

ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 128, id 12208, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.178.11.65529 > 192.168.1.1.443: Flags [S], cksum 0xf38d (correct), seq 3800393721, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0

#5
Hello,
I have a Multi WAN setup with a DSL connection and a Zyxel FWA710 5G Router.
I would like to be able to reach the GUI of the 5G router from my LAN. The Router is in IP Passthrough mode so I see the public IP in OPNsense.
I've read some other forum posts about this topic and added an outbound NAT rule + disabled the "Block private networks" option on WAN_5G without success.
Maybe you can point me in the right direction. I've included screenshots of the interfaces, my outbound NAT rules and the Zyxel router.
#6
I'm about to set up my first OPNsense instance as a virtual Proxmox machine.
For the WAN interface I'll use a PCIe passthrough NIC.

My question regards the LAN interface. I want to use LAGG with 2 NICs and I have two ideas how to set it up:

1. I set up the LAGG and bridge in Proxmox and use the virtual interface in OPNsense.

2. I create a bridge without a NIC in Proxmox, pass through both NICs to OPNsense, create the LAGG interface in OPNsense and create a bridge with the LAGG interface and the virtual Proxmox interface.

The connection to Proxmox isn't heavily used. The connection from Proxmox LAN to the switch has priority.

Which option would result in better performance and less CPU usage?