Messages

Where did you see its capable of 2.5G? Per the official specs it doesn't support it.

Various sellers advertising the units, but perhaps there is some confusion (on their part and/or mine) between a T4 and T4L.

I have a (genuine) Intel X710-T4 which I believe is supposed to work at 2.5Gb. It is working at 10Gb with two devices, but it doesn't auto-negotiate 2.5Gb with another NIC, and forcing that NIC to 2.5Gb doesn't work. In the "Speed and duplex" pull down for the Interface settings, there is no option to force 2.5Gb, only 100, 1000 and 10000. Ideas?

Is there a way I can see logs just for this service?

I have:

Enable X
Allow UPnP IGD X
Allow PCP/NAT-PMP X
External interface WAN
Interfaces LAN2
Interface subnet default
STUN server ____
STUN port 3478
Maximum download speed ____
Maximum upload speed ____
Override WAN address ____
Log packets O
Use system time O
Default deny X

Entry 1 allow port address/32 port
Entry 2 allow port address/32 port

I have tried turning off default deny.

LAN2 is normally blocked from speaking to the firewall other than DNS so I have tried adding firewall rules for LAN2 to allow port 1900 TCP/UDP to the firewall, to 255.255.255.250, and to any address at all, none have worked. Nothing shows up in the UPnP service status.

Swapping the cables physically between my first and second lans then reassigning the lans to the other ports seems to have worked. Is there any reason this would be the case? Maybe I should try assigning then back to the original ports and see if the process of assigning/linking them is what solved it?

I'm getting flapping on the first port of my i350-T4 which is connected directly to a Mac Mini. The other ports are not flapping nor is the WAN (which is onboard Intel on the motherboard).

Code Select Expand

2023-09-07T19:41:11 Notice opnsense /usr/local/etc/rc.linkup: DEVD: Ethernet attached event for lan(igb0)
2023-09-07T19:41:11 Notice kernel <6>igb0: link state changed to UP
2023-09-07T19:41:08 Notice opnsense /usr/local/etc/rc.linkup: DEVD: Ethernet detached event for lan(igb0)
2023-09-07T19:41:08 Notice kernel <6>igb0: link state changed to DOWN

Nothing in the log before it detaches. I think this has been happening for a while but it's gotten worse with the latest releases. What's the proper troubleshooting procedure in this scenario?

For security reasons PCI passthrough is not recommended.

Then it seems to be virtualization is not recommended. I'm not inclined to run my NVMe ZFS mirror and Intel ethernet adapters through virtualization on a router, just doesn't seem right to me. It's more of a bare metal scenario. That's why I went with a dedicated host. Thought about using it for a NAS as well but decided I didn't want to mess with it.

Maybe my hardware choices are the issue. VM performance is not great compared to Linux, driver issues abound.

Dedicated HW like the link you provided I can understand.

Yeah it seems to me your choices are not suited for the product, and you come here seriously asking them to change the operating system and packet filtering used just to suit your scenario, rather than build a dedicated router that will run right?

Our electricity price has tripled so no I don't want to proliferate multiple systems when I have a perfectly capable server to virtualize in!

And if xBSD would invest some time in fixing the drivers we would have parity performance.

My dedicated OPNsense router uses very little electricity and that is part of why it is dedicated. I want it to be one of the last things running if and when I'm on back up power. I don't need some giant (possibly outdated?) server running 30 different things to keep going just to keep my router alive. It uses basically no CPU or RAM or disk on the machine, even with Suricata and such running, and that's how I like it.

Maybe I'm mistaken and virtualization is the way to run this kind of router. To me, for my home network, it did not make sense.

It's a FOSS product right? Fork it if you want I guess. And then maybe you'd realize you'd be starting all over from the ground up to change the operating system. Don't like the drivers? Fix them. Don't know what it would take to fix them or how to do it? Maybe don't dictate to other people what they do with their skills and time.

I have to manually renew the DHCP lease on the WAN connection after a reboot of the router, the WAN link will not work until I do so. This did not originally happen when I installed OPNsense earlier this year, but it has persisted through a few updates.

I don't remember the precise changes that I made or updates I applied when this started happening. I vaguely remember doing something with the interfaces but not exactly what it was, or if that was actually when it happened.

Is there anything that might cause this, or any setting I can use to force it to get a new DHCP lease periodically if there is no valid one existing?

22.7.4-amd64

OpenDNS doesn't seem to be working. I have checked Services>OpenDNS>Enable and provided my login information. Test/Update confirms the login working. My stats on OpenDNS.org are not showing any requests and the ones I asked to be blocked don't seem to be blocked. If I subsequently disable both Dnsmasq and Unbound I get no DNS server (I only tried that after OpenDNS wasn't working). Any ideas? Thanks.

edit: Disabling Unbound, enabling Dnsmasq, then re-saving the OpenDNS page looks like it made it work.