1
23.7 Legacy Series / Re: Only getting 1/3 internet speed after upate to firmware 23.7.10_1
« on: December 18, 2023, 11:24:26 am »
Glad you're sorted!
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1] 2
2
23.7 Legacy Series / Re: Only getting 1/3 internet speed after upate to firmware 23.7.10_1
« on: December 18, 2023, 12:04:13 am »
Is that a wired link or W-Fi? Is this IPv4 or v6?
I have just upgraded to 23.7.10_1 and will test speed tomorrow on my wired PC to see if my very basic setup with 1 WAN, 1 LAN (albeit on a software bridge) is affected. I report back so you have something to compare against.
I have just upgraded to 23.7.10_1 and will test speed tomorrow on my wired PC to see if my very basic setup with 1 WAN, 1 LAN (albeit on a software bridge) is affected. I report back so you have something to compare against.
3
23.7 Legacy Series / Re: Traffic-Monitor on Dashboard is empty with Firefox
« on: November 22, 2023, 05:48:58 pm »
That's really useful. Thanks.
4
23.7 Legacy Series / Re: Traffic-Monitor on Dashboard is empty with Firefox
« on: November 21, 2023, 08:25:56 pm »I have reinstalled Firefox and now the traffic monitor works fine.Glad it's working
5
23.7 Legacy Series / Re: Webgui on WAN
« on: November 21, 2023, 08:19:11 pm »
Well, at least you know what the issue is.
Perhaps you can work round it with a VPN - which is probably safer too
Perhaps you can work round it with a VPN - which is probably safer too
6
23.7 Legacy Series / Re: Webgui on WAN
« on: November 21, 2023, 11:11:33 am »
Just to check the obvious - your ISP isn't blocking https traffic?
7
23.7 Legacy Series / Re: Traffic-Monitor on Dashboard is empty with Firefox
« on: November 21, 2023, 12:57:59 am »
Very odd. I just tried it in Firefox 119.0.1 on Windows 10 64bit. It was fine.
If it is OK in Chrome, then it suggest something about Firefox. Update / reinstall?
If it is OK in Chrome, then it suggest something about Firefox. Update / reinstall?
8
23.7 Legacy Series / Re: Webgui on WAN
« on: November 21, 2023, 12:15:14 am »
These links may be useful:
https://forum.opnsense.org/index.php?topic=3876.0
https://forum.opnsense.org/index.php?topic=573.0
The obvious dangers are discussed, but they should help.
A useful suggestion seems to be to try disabling reply-to on WAN rules (Firewall > Settings > Advanced)
BTW pfctl -d disables the firewall completely (and maybe NAT too, I am not sure). pfctl -e enables it.
https://forum.opnsense.org/index.php?topic=3876.0
https://forum.opnsense.org/index.php?topic=573.0
The obvious dangers are discussed, but they should help.
A useful suggestion seems to be to try disabling reply-to on WAN rules (Firewall > Settings > Advanced)
BTW pfctl -d disables the firewall completely (and maybe NAT too, I am not sure). pfctl -e enables it.
9
23.7 Legacy Series / Re: DNS Priority, IPv4, IPv6
« on: November 19, 2023, 02:39:18 pm »
Thanks both
Good to know Ubiquiti haven't sorted that yet. I am using one of their PoE switches too, so it’s a double whammy.
There is definitely an MS Windows thing going on too - even with stateless DHCP. The DHCPv6 assigned DNS server addresses don't always appear - and last night found to be on wired (via an unmanaged Netgear switch) as well as wireless.
I may play further during the week.
Good to know Ubiquiti haven't sorted that yet. I am using one of their PoE switches too, so it’s a double whammy.
There is definitely an MS Windows thing going on too - even with stateless DHCP. The DHCPv6 assigned DNS server addresses don't always appear - and last night found to be on wired (via an unmanaged Netgear switch) as well as wireless.
I may play further during the week.
10
23.7 Legacy Series / Re: DNS Priority, IPv4, IPv6
« on: November 19, 2023, 12:41:54 am »
I've just been reading about UniFi access point issues with IPv6 multicast. It's a 3 year old post that pretty much describes the issue. I am trying to find if it was ever resolved.
https://community.ui.com/questions/Bug-IPv6-Multicast-Traffic-is-dropped-by-AccessPoints-on-5GHz-WiFi-Clients-loose-IPv6-address/2541cb8f-efd9-41ed-82bd-42145956fddb?page=1
Also wondering if some of the known issues with Windows 10 IPv6 haven't been solved. I have exactly 'Issue 1' (paragraph 4) of this post https://www.reddit.com/r/ipv6/comments/j9j4j2/windows_10_2004_19041_has_multiple_rdnss_issues/
Interestingly my son has just had this issue on his PC, which is wired, not Wi-Fi. That may make the whole UniFi thing moot, apart from the iPhone losing DNS IPv6 addresses after a while.
It's very convoluted, and part of me says 'enough': just let DNS servers be contacted on IPv4. It won't stop IPv6 traffic working.
https://community.ui.com/questions/Bug-IPv6-Multicast-Traffic-is-dropped-by-AccessPoints-on-5GHz-WiFi-Clients-loose-IPv6-address/2541cb8f-efd9-41ed-82bd-42145956fddb?page=1
Also wondering if some of the known issues with Windows 10 IPv6 haven't been solved. I have exactly 'Issue 1' (paragraph 4) of this post https://www.reddit.com/r/ipv6/comments/j9j4j2/windows_10_2004_19041_has_multiple_rdnss_issues/
Interestingly my son has just had this issue on his PC, which is wired, not Wi-Fi. That may make the whole UniFi thing moot, apart from the iPhone losing DNS IPv6 addresses after a while.
It's very convoluted, and part of me says 'enough': just let DNS servers be contacted on IPv4. It won't stop IPv6 traffic working.
11
23.7 Legacy Series / Re: DNS Priority, IPv4, IPv6
« on: November 18, 2023, 07:05:19 pm »
Yes, IPv6 works well. At the start of the day, only IPv4 DNS server addresses were listed, but of course DNS lookups still received IPv6 addresses info and all worked.
Since doing the stateless DHCPv6 with the IPv6 addresses, I know get DNS server IPv6 addresses on Wi-Fi devices as well. It's just the one's created from SLAAC info that are hit and miss. Sometimes they appear, sometimes not. Hence my thinking that somethings going on with multicast.
One for another day!
Since doing the stateless DHCPv6 with the IPv6 addresses, I know get DNS server IPv6 addresses on Wi-Fi devices as well. It's just the one's created from SLAAC info that are hit and miss. Sometimes they appear, sometimes not. Hence my thinking that somethings going on with multicast.
One for another day!
12
23.7 Legacy Series / Re: DNS Priority, IPv4, IPv6
« on: November 18, 2023, 06:05:55 pm »
QUICK UPDATE
I set:
Interfaces>LAN to 'Allow manual adjustment of DHCPv6 and Router Advertisements' (checked);
Services>Router Advertisements>LAN Router Advertisements to 'Stateless';
Services>DHCPv6>LAN to enabled; no range entered; and DNS servers of fe80::5a9c:fcff:fe10:6d75 (link-local of my OPNsense) and 2606:4700:4700::1111 (Cloudflare).
On Windows on wired LAN I get DNS servers listed as follows:
On Windows on WiFi, I get the same but without the 2a02:xxxx:xxxx:xxxx:xxxx:fcff:fe10:6d75 which I think is via SLAAC / RA.
iPhones give the same but IPv4 first. I.e.
192.168.0.1;
1.1.1.1;
fe80::5a9c:fcff:fe10:6d75 and
2606:4700:4700::1111.
No 2a02 global address.
I can't face turning on my wife's Mac but I suspect similar to Windows on Wi-Fi.
It looks very much as if my UniFi Access Points or Controller aren't passing through DNS server addresses from Router Advertisements. I wonder if its a multicast thing? (Does client router solicitation use multicast??)
Anyway, wine and food are calling. Thanks for listening, and I hope it's of use to someone, sometime.
I set:
Interfaces>LAN to 'Allow manual adjustment of DHCPv6 and Router Advertisements' (checked);
Services>Router Advertisements>LAN Router Advertisements to 'Stateless';
Services>DHCPv6>LAN to enabled; no range entered; and DNS servers of fe80::5a9c:fcff:fe10:6d75 (link-local of my OPNsense) and 2606:4700:4700::1111 (Cloudflare).
On Windows on wired LAN I get DNS servers listed as follows:
Code: [Select]
DNS Servers . . . . . . . . . . . : fe80::5a9c:fcff:fe10:6d75%9
2606:4700:4700::1111
192.168.0.1
1.1.1.1
2a02:xxxx:xxxx:xxxx:xxxx:fcff:fe10:6d75 (note: global address of OPNsense LAN interface)
On Windows on WiFi, I get the same but without the 2a02:xxxx:xxxx:xxxx:xxxx:fcff:fe10:6d75 which I think is via SLAAC / RA.
iPhones give the same but IPv4 first. I.e.
192.168.0.1;
1.1.1.1;
fe80::5a9c:fcff:fe10:6d75 and
2606:4700:4700::1111.
No 2a02 global address.
I can't face turning on my wife's Mac but I suspect similar to Windows on Wi-Fi.
It looks very much as if my UniFi Access Points or Controller aren't passing through DNS server addresses from Router Advertisements. I wonder if its a multicast thing? (Does client router solicitation use multicast??)
Anyway, wine and food are calling. Thanks for listening, and I hope it's of use to someone, sometime.
13
23.7 Legacy Series / Re: DNS Priority, IPv4, IPv6
« on: November 18, 2023, 05:48:59 pm »
Thanks @Maurice
I suspect the UniFi Access points and controller aren't playing too nicely with SLAAC DNS server addresses. The update below shows that the SLAAC / RA advertised 2a02:xxxx:xxxx:xxxx:xxxx:fcff:fe10:6d75 address doesn't reliably get though to any Wi-Fi clients. The ones entered in DHCPv6 settings do get through, so all is good.
For maximum compatibility I won't let anyone with an Android device enter the house.
Thanks again - it's appreciated.
I suspect the UniFi Access points and controller aren't playing too nicely with SLAAC DNS server addresses. The update below shows that the SLAAC / RA advertised 2a02:xxxx:xxxx:xxxx:xxxx:fcff:fe10:6d75 address doesn't reliably get though to any Wi-Fi clients. The ones entered in DHCPv6 settings do get through, so all is good.
For maximum compatibility I won't let anyone with an Android device enter the house.
Thanks again - it's appreciated.
14
23.7 Legacy Series / Re: DNS Priority, IPv4, IPv6
« on: November 18, 2023, 05:09:28 pm »For stateless DHCPv6, set the Router Advertisements to "Stateless" and enable the DHCPv6 server, but don't specify an address range there.
Perfect - thank you. I had, as a test, reverted to "Allow manual adjustment of DHCPv6 and Router Advertisements" disabled". It corrected the IPv6/IPv4 order thing, but I was getting additional IPv6 addresses - presumably one from DHCPv6, and Windows generated ones from SLAAC.
I have just tried your suggested stateless setting. It gets rid of the extra permanent IPv6. On wired LAN windows client it's good, albeit it with repeated IPv6 DNS server addresses. On a Wi-Fi windows clients, ipconfig /all doesn't show any IPv6 DNS server addresses at all!
I'll play a little longer, but suspect I will eventually give up on this one!
Thanks again
15
23.7 Legacy Series / Re: DNS Priority, IPv4, IPv6
« on: November 18, 2023, 04:19:21 pm »
@maurice
Sorry - I feel a bit dumb, but a search isn't really helping. How do you enable DHCPv6 in stateless mode?
Thanks
Sorry - I feel a bit dumb, but a search isn't really helping. How do you enable DHCPv6 in stateless mode?
Thanks
Pages: [1] 2