Messages

Interesting, I don't run IDS/IPS.

Maybe I should tag the parent interface?

I have split my wifi network into Guest (no VLAN) and Private (vlan2). When my laptop is connected to Private, I have an intermittent problem with git and https://dev.azure.com/. About 80% of the time I get this error:

Code Select Expand

git pull

OpenSSL SSL_connect: Connection was reset in connection to dev.azure.com:443

On my laptop, if I switch to the Guest network it works fine, and never fails. Any ideas?

Since the problem is already (for now) fixed, it's hard to find out anything. Only the logs remain, no idea what to look for, as the problem can be manifold...
Did you check if clients still had (public) v6 addresses? If it occurs again I would first check this, then looking at the sense´s WAN and LAN interface: is there a public v6 assigned? If so, start a traceroute from sense (or client if it still has a v6 address) to somewhere in WAN (eg google.com). Also try to ping or traceroute v6 IPs on WAN (and sense itself), to see if it is just a DNS problem.

I didn't think to check if the clients had an IPv6 address, the WAN interface did have one though. I will get more logs next time. Thanks for replying.

You can check logs for the time where the problem occured, but did you also check v6 connectivity on other devices?

Yes I checked other devices and they showed the same issue. All devices worked fine after router was rebooted... I get a bit lost in the diagnostics section of OPNsense as I'm a long time pfSense user. Could you suggest a good place to look for this problem?

I've been using IPv6 for a few months now with no problem. However, today it stopped working for some reason. I got 0/10 on the test-ipv6.com site. I rebooted the OPNsense router and it's all fine now. There were no stopped services in OPNsense, radvd and the WAN interfaces were fine, as was IPv4.

Any ideas on what I could check to find a cause for this?

I "solved this" by setting rules for the Upload to TCP and UDP only. Seems to work.

I have IPv6 switched on at home and have a mediocre internet connection 50mbit down, 6 Mbit up. For this reason, I have implemented traffic shaping according to this article.

However when testing this it works fine for IPv4 traffic, but IPv6 traffic gets high packet loss according to the gateway pinger, so much so that it gets reported as offline. I pinged my gateway manually and it seems to happen only during the upload part. When the upload saturates the pipe, ping requests do not get a response.



Is this fixable in OPNsense? For now, I've disabled shaping for IPv6 by setting the rule to IPv4 only.

I'm trying to build a Grafana dashboard for the first time using prometheus as a scaper but wondering why some figures don't match up.

Here are my thermal sensors using OPNsense bare metal install on a Protectli VP4630.


These are quite different to the data in prometheus from the node_exporter plugin. Why is that?

Thanks, all I had to do was add the virtual IP as a /64 without doing anything else and then it worked. Not intuitive but working fine :)

Thanks but I'm not using DHCPv6, only SLAAC. Any way to do it with SLAAC?

I want each of my IPv6 subnets in OPNsense to have a GUA subnet configured and ULA. GUA is working fine, but I can't find where to configure ULAs.

I've just moved over from pfSense and in there I added the ULA subnet in Services -> DHCPv6 Server and RA -> LAN -> Router Advertisements and then the Subnets section.

I can't seem to find that in OPNsense. Anyone know?

I have configured backups on OPNsense to go to Google drive and it works fine when I click Setup/Test Google Drive.

How often are backups sent there? I'm a long-time netgate pfSense+ user and trying out OPNsense as I have new hardware. In pfSense, backups can get done after every configuration change, is it the same with OPNsense? I made a configuration change, and saved it, but notice that a new backup file doesn't appear in Google Drive.

Or is it on a schedule? If so, where's the schedule and can I change it to every configuration change?

Great thanks, all sorted now, makes sense

Thanks, but how do I allow manual adjustments for the interface? Can't see that anywhere either...

I use IPv6 and have a new router on order and considering migrating from pfSense to OPNsense. I'm struggling to find where Router Advertisements are configured despite spending considerable time trying...