1
General Discussion / Re: Outgoing LAN ip blocked
« on: January 13, 2024, 04:04:24 pm »
Maybe its related to me having Tailscale installed on that 10.1.1.105 machine, and thus it and/or remote devices can cause this behaviour?
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
2
General Discussion / Outgoing LAN ip blocked
« on: January 13, 2024, 01:53:54 pm »
Hi,
So I have 1 machine behind my OPNSense, and that machine is working great.
But when looking in the firewall logs, I do see that sometimes , outgoing traffic is blocked.
I thought maybe it has to do that Opsense LAN was set to /24 and my machine uses /32 , but both have /24
For me everything I use that machine for works, I'm just curious why some traffic is denied (that I don't notice in functionality)
So I have 1 machine behind my OPNSense, and that machine is working great.
But when looking in the firewall logs, I do see that sometimes , outgoing traffic is blocked.
I thought maybe it has to do that Opsense LAN was set to /24 and my machine uses /32 , but both have /24
For me everything I use that machine for works, I'm just curious why some traffic is denied (that I don't notice in functionality)
3
Hardware and Performance / Re: Saturating 1Gbit NIC creates packet loss
« on: August 10, 2023, 07:47:02 pm »Look into setting up the Shaper, probably FQ (Fair Queue) Codel.I'll read up a bit on it, I'm fairly new to Opnsense. I had a Ubiquiti UDM-PRO before on same WAN connection without packetloss when saturating it, so I was wondering why.
Set an up/down pipe limit of 900Mbps - maximum throughput of gigabit ethernet is 940Mbps, so this gives it some wiggle room.
... and possibly RSS.
But your explanation makes sense, I'll try out setting Shaper.
Concerning the other questions, Opnsense runs on a standalone (dedicated) machine.
NIC1 = WAN
NIC2 = LAN
NIC2 is connected to another machine that runs Proxmox where I run multiple VM and LXC's on
4
Hardware and Performance / Saturating 1Gbit NIC creates packet loss
« on: August 07, 2023, 05:51:54 pm »
Hi,
Im not sure if this is just normal behaviour, but when I saturate my 1Gbit NIC, it creates 3-12% packetloss whilst CPU is average 30% and never above 50% (see screenshots)
Is this due to the NIC (hardware/driver) itself, or something else? Would changing to a 2.5 or 10Gbit NIC solve the problem if my internet speed is maximum 1Gbit anyway?
Some more info:
I tried the optimisations mentioned here as well:
https://kb.protectli.com/kb/pppoe-and-opnsense/
Anyone else has the same experience of a solution to it?
Im not sure if this is just normal behaviour, but when I saturate my 1Gbit NIC, it creates 3-12% packetloss whilst CPU is average 30% and never above 50% (see screenshots)
Is this due to the NIC (hardware/driver) itself, or something else? Would changing to a 2.5 or 10Gbit NIC solve the problem if my internet speed is maximum 1Gbit anyway?
Some more info:
- Hardware: Supermicro A2SDi-4C-HLN4F with 4x 1Gbit/s LAN onBoard (Intel C3000 SoC) and Intel Atom C3558 4-Core 2,20GHz
Intrusion Detection & IPS disabled
Services installed: Crowdsec, Telegraf, ACME client
I tried the optimisations mentioned here as well:
https://kb.protectli.com/kb/pppoe-and-opnsense/
Anyone else has the same experience of a solution to it?
Pages: [1]