Messages - NateroniPizza

#1
23.7 Legacy Series / Re: Updating BGP ASN List?
December 09, 2023, 04:57:56 AM
Quote from: meyergru on December 08, 2023, 04:42:35 PM
The time-to-live for the ASN file is 1 day, but that depends on how often the update is called.

I use the cron job for that called "Update and reload firewall aliases". The timestamp for /usr/local/share/bgp/asn.csv shows Dec 8, 10:32 am, so this seems to work.

Thanks for the response. That was the cron job I was using to try and force it to re-download, but it did not seem to work. Note that I didn't know where that file was located, so it may have been something further down the line failing (I was just checking the logs, which weren't showing anything related to the BGP/ASN stuff, and the contents of the aliases). I'll keep an eye on that file and make sure it's updating successfully at this point.
#2
23.7 Legacy Series / Updating BGP ASN List?
December 08, 2023, 04:20:08 PM
Hello, all,

I had a situation where my BGP ASN aliases would not update. I'd replaced a failing SSD, reinstalled (got 23.7.9 on there now), and imported the configuration. Unfortunately, my ISP had decided that would be a good time to bring our internet connection down for maintenance, so OPNsense was unable to download the asn.gz file (the logs showed a DNS resolution error when trying to do so).

When the internet came back up, I couldn't get my BGP-based aliases to update. I tried rebooting, I tried deleting and manually re-creating the aliases, I tried setting up a Cron job to update aliases, and I tried flushing the aliases under Diagnostics>Aliases. Nothing would get it to update. Finally, since I knew that it would re-download the asn.gz file after a configuration restore, I just restored to the configuration again - and success.

My question now is how does one manually trigger the update for this file (re-downloading https://rulesets.opnsense.org/alias/asn.gz)? And does it automatically download an updated version periodically? I suspect that the alias updates don't actually tie into the mechanism for downloading the asn.gz file, so they're just looking at the old (or in my case, non-existent) asn.gz file. Given I couldn't manually trigger an update, I'm concerned that it may not be automatically updating either.

Thank you
#3
Quote from: newyork10023 on May 11, 2023, 07:44:02 PM
Currently have an issue with upgrading from OPNsense 23.1.5 series to later versions (including 23.1.6 and 21.1.7).

My rules rely heavily on BGP aliases (e.g., to limit SMTP and IMAP to locally valid addresses).  On upgrades, and possibly other configuration/setup change events (e.g., possibly restoring configuration backups?), the configured BGP alias lists are empty.  This has immediate consequences on email as well as push notifications (e.g., Apple, WhatsApp, etc.) among others.

Am I correct that BGP alias lists are flushed on these types of events? How long does it take to refresh these aliases? Can I manually force the BGP alias lists to be refreshed? (Or, has the BGP alias system broken since 23.1.5?)

I have not filed a bug report until I hear back from the community here in the forums as per the guidelines for contributing.

Did you ever find a fix for this? I'm running into the same issue after restoring a configuration to a new drive. BGP aliases no longer work at all, even after manually re-creating them.

EDIT: Just restored from backup again, and that got it working.

What had happened in my case was that my SSD was failing, so I replaced it, reinstalled, and imported the backup. It just so happened that our ISP decided that this was the perfect time to bring down our internet connection for maintenance, so it was unable to download the asn.gz file. It would sure be nice if there was a way to have it re-download the asn.gz file without restoring from a backup...
#4
Hmm... Didn't have notifications turned on for the thread.

Quote from: zan on February 11, 2023, 12:49:32 PM
There are two gateway settings that you can assign, the one on the client's static mapping tab and the one on the default interface tab. Have you tried to set "none" on both?
Just tried setting on both - that works. Looks like it's just broken on a per-device basis (which should override the value of any broader context). I need it to happen for only one device.

Quote from: tong2x on February 12, 2023, 04:12:33 AM
you want your gateway to be empty?
and just blank?

when you enter "none" opnsense still assigns a gateway to your client machine?
Correct on all counts.



Looks like this is just broken. Submitted an issue on GitHub: https://github.com/opnsense/core/issues/6343
#6
Hello, all,

How does one get the "Gateway" field of a Static DHCP Mapping to not assign a gateway? The description says it's as simple as entering "none" into the field, but it looks to be ignoring this entry.

I was under some version of OPNsense 22 before, and just upgraded to 23.1, hoping it would fix this. Unfortunately, no joy.

Am I misunderstanding the use of this field? Should I not be able to enter "none," pull a DHCP address, and have no "gateway" address present for that NIC? For reference, the client is a Windows 11 PC.

Thank you