Messages

1

General Discussion / UPnP service doesn't seem to work

« on: August 27, 2024, 08:13:05 am »

Is there a way I can see logs just for this service?

I have:

Enable X
Allow UPnP IGD X
Allow PCP/NAT-PMP X
External interface WAN
Interfaces LAN2
Interface subnet default
STUN server ____
STUN port 3478
Maximum download speed ____
Maximum upload speed ____
Override WAN address ____
Log packets O
Use system time O
Default deny X

Entry 1 allow port address/32 port
Entry 2 allow port address/32 port

I have tried turning off default deny.

LAN2 is normally blocked from speaking to the firewall other than DNS so I have tried adding firewall rules for LAN2 to allow port 1900 TCP/UDP to the firewall, to 255.255.255.250, and to any address at all, none have worked. Nothing shows up in the UPnP service status.

2

General Discussion / Re: Flapping on single LAN/NIC on i350-T4

« on: September 08, 2023, 07:20:22 pm »

Swapping the cables physically between my first and second lans then reassigning the lans to the other ports seems to have worked. Is there any reason this would be the case? Maybe I should try assigning then back to the original ports and see if the process of assigning/linking them is what solved it?

3

General Discussion / Flapping on single LAN/NIC on i350-T4

« on: September 07, 2023, 09:44:44 pm »

I'm getting flapping on the first port of my i350-T4 which is connected directly to a Mac Mini. The other ports are not flapping nor is the WAN (which is onboard Intel on the motherboard).

Code: [Select]

2023-09-07T19:41:11 Notice opnsense /usr/local/etc/rc.linkup: DEVD: Ethernet attached event for lan(igb0)
2023-09-07T19:41:11 Notice kernel <6>igb0: link state changed to UP
2023-09-07T19:41:08 Notice opnsense /usr/local/etc/rc.linkup: DEVD: Ethernet detached event for lan(igb0)
2023-09-07T19:41:08 Notice kernel <6>igb0: link state changed to DOWN
Nothing in the log before it detaches. I think this has been happening for a while but it's gotten worse with the latest releases. What's the proper troubleshooting procedure in this scenario?

4

General Discussion / Re: Why BSD base. Why not Linux base?

« on: November 28, 2022, 02:14:04 am »

For security reasons PCI passthrough is not recommended.

Then it seems to be virtualization is not recommended. I'm not inclined to run my NVMe ZFS mirror and Intel ethernet adapters through virtualization on a router, just doesn't seem right to me. It's more of a bare metal scenario. That's why I went with a dedicated host. Thought about using it for a NAS as well but decided I didn't want to mess with it.

Maybe my hardware choices are the issue. VM performance is not great compared to Linux, driver issues abound.

Dedicated HW like the link you provided I can understand.

Yeah it seems to me your choices are not suited for the product, and you come here seriously asking them to change the operating system and packet filtering used just to suit your scenario, rather than build a dedicated router that will run right?

Our electricity price has tripled so no I don't want to proliferate multiple systems when I have a perfectly capable server to virtualize in!

And if xBSD would invest some time in fixing the drivers we would have parity performance.

My dedicated OPNsense router uses very little electricity and that is part of why it is dedicated. I want it to be one of the last things running if and when I'm on back up power. I don't need some giant (possibly outdated?) server running 30 different things to keep going just to keep my router alive. It uses basically no CPU or RAM or disk on the machine, even with Suricata and such running, and that's how I like it.

Maybe I'm mistaken and virtualization is the way to run this kind of router. To me, for my home network, it did not make sense.

It's a FOSS product right? Fork it if you want I guess. And then maybe you'd realize you'd be starting all over from the ground up to change the operating system. Don't like the drivers? Fix them. Don't know what it would take to fix them or how to do it? Maybe don't dictate to other people what they do with their skills and time.

5

General Discussion / WAN DHCP client doesn't work properly after reboot but it used to

« on: November 22, 2022, 08:46:40 pm »

I have to manually renew the DHCP lease on the WAN connection after a reboot of the router, the WAN link will not work until I do so. This did not originally happen when I installed OPNsense earlier this year, but it has persisted through a few updates.

I don't remember the precise changes that I made or updates I applied when this started happening. I vaguely remember doing something with the interfaces but not exactly what it was, or if that was actually when it happened.

Is there anything that might cause this, or any setting I can use to force it to get a new DHCP lease periodically if there is no valid one existing?

6

General Discussion / OpenDNS doesn't seem to be working

« on: September 12, 2022, 10:11:13 pm »

22.7.4-amd64

OpenDNS doesn't seem to be working. I have checked Services>OpenDNS>Enable and provided my login information. Test/Update confirms the login working. My stats on OpenDNS.org are not showing any requests and the ones I asked to be blocked don't seem to be blocked. If I subsequently disable both Dnsmasq and Unbound I get no DNS server (I only tried that after OpenDNS wasn't working). Any ideas? Thanks.

edit: Disabling Unbound, enabling Dnsmasq, then re-saving the OpenDNS page looks like it made it work.