Messages - DoBoY

#1
I am guessing this will probably do nothing to help VLAN crashes on my i226-V Nics? Nice to see some advancement though
#2
Quote from: johndchch on February 25, 2023, 07:54:05 PM
In my experience the best way to deal with FreeBSD's Intel driver issues (which are beyond OPNsense and Zenarmor's control - issue is mainly with Intel themselves) is simply to virtualise OPNsense using ESXi and use the vmx drivers - OPNsense/Zenarmor is solid using vmx (vmx supports netmap native)

The esxi ix/ixl drivers are super reliable ( as you'd expect ) - i225/i226 is supported by the community driver

Yeah, maybe so, but I feel like my little FW appliance would not have enough juice to run ESXi and OPNsense properly? I have not tested it yet, but it's just an N5105 system with 16Gb Ram.
#3
Thank you for your reply.

Yes, I tried emulated, hard crash within a few hours.

Native mode lasts anywhere from 4-7 days ish before it crashes only my VLANs. I can still access my default Vlan1 to reboot the firewall or even VPN in for that matter, anything on VLAN1 is fine and dandy, in emulated it all went down.

So it might be a while to incorporate driver support, so for those of us with those NICs things like Suricata and Zenarmor are not feasible. That's unfortunate as I believe those NICs are becoming very popular with the home firewall userbase. I specifically went with Intel this time because I had too many issues with my Realtek NICs and support in FreeBSD last time :)
#4
I am one of the ones that even with the new netmap loaded still have random crashes of my VLANs when using Zenarmor, only way it works is in passive mode. Is Sunny Valley actively looking into this? Is there something we can do to help?

Guess I will need to cancel my service with them for now, no use paying for something I can't use.

I am on latest Opnsense + latest NETMAP Fix, using i226-V intel Nics
#5
I have the exact same issue and my hardware offloading has been disabled from the start. Even with the new netmap my VLANs stop responding after a few days and require a reboot. Zenarmor only works in passive mode for me as well.

I also have Intel NICs, i226-V
#6
Unfortunately I am also still having interface crashes (VLANs) with the new Netmap. Thought I was OK after applying the fix but it popped again today. So we are saying I should disable Zenarmor?

If Zenarmor is the issue I guess I should ask for a refund since I cannot use the services I am paying for?
#7
As the title says, all my VLANs other than Native (on its own interface alone) crash every 5-10 days. Only way to fix is to reboot the firewall. Interface 1 (Vlan1) keeps working fine. I read the other post about this but his symptoms were more instant, mine build up over time it seems.

igc0 = WAN
igc1 = Lan (Vlan1)
igc2 = WIFI (Vlan xx and xx) <-- crashes then no one can do anything till a reboot.

Where should I start looking? See attached pic of current interface settings.

Thanks
#8
Quote from: sy on January 05, 2023, 08:02:56 PM
Hi,

You can set the DNS server in the Configuration - Reporting & Data - DNS Enrichment for Reports. But hostname Infos are used for the source machines.

I have that feature enabled already and it does not help. My guess is that when it does a reverse lookup, since it's a dynamic DNS it does not resolve to the URL that is located in the alias, as in it does not check its own DNS/PTR table, if it even has one. It goes outside and those IPs do not have a public PTR since they are dynamic.
#9
Quote from: sy on January 04, 2023, 01:07:35 PM
Hi,

The test process needs a bit more time. It will be shipped by the end of this week. Please contact the team by using the upper right corner of Zenarmor GUI to extend the trial time.

OK, so I have upgraded to the latest version and it seems better now, maybe you can answer a quick question?

I have multiple aliases created from dynamic DNS URLs that get resolved to IP addresses in order to use in incoming firewall rules.

All I see is the external IP in the various reports, which then on hover gets resolved to an external generic URL/DNS name from the web. Can I not get it to use the internal DNS cache to populate?

i.e. should they not get resolved to

A) My internal alias names?
B) The dynamic URL that I defined in the alias?

Thanks

#10
Quote from: mb on January 01, 2023, 06:35:01 PM
Hi @DoBoY,

Happy New Year!

We're aware of this problem. This affects Top Local and Top Remote Hosts charts. We're testing the fix in pilot environments.

We'll ship the fix with 1.12.3 tomorrow / Tuesday.

I guess there were more bugs to squash before releasing the fix? Any new ETA? I am running out of time on my 15 day trial.
#11
Well that's terrific news. Happy I was not crazy :)

Thanks.

So I guess in the future I should wait a bit before upgrading to see if there are any known issues. Is there a good resource we can access to verify that the latest versions have not included some unknown bugs/misbehaviors?

#12
I have Docker running multiple apps/services. I would like to create custom apps separating them all for reporting purposes, but it seems like I can only configure the custom app using an IP as a criterion?

Since the IP is the same for multiple Docker apps (different ports) the reports would be flawed.

Is it possible to separate apps by port and not just destination IP?

Also, is it possible to create a custom app without having to register it to the Cloud, for internal network use only? i.e. not a public internet app
#13
I can't seem to find any good info regarding an issue I have found (if it even is one).

My Top local hosts report includes external addresses? A mix of both actually, and some are not resolving to proper aliases that are defined internally.

Now could the mix of outside and inside IPs be due to a config on the OPNsense? I am not sure where Zenarmor pulls the data for "local hosts". All my internal hosts are non-routable IPs of course.

i.e. I have a Docker server running rtorrent and other apps, most of those rtorrent IPs are being recorded in local hosts even though they are external routable users?

I am not sure I am explaining this correctly but I expected Top local hosts to include only internal network objects?