Messages - RayM

#1
Yep! Much better. I can still hear the CPU fan and see higher CPU usage when on the dashboard, but it doesn't freeze anymore and dashboard performance is good. Thank you kindly!!
#2
Hi,

Just wanted to point out that the dashboard, after the upgrade, looks really good.

That said, one of the widgets (Firewall) ends up crashing the browser tab after a few minutes. I was able to see from the debugging console that a lot of calls to a function took 89% of the rendering performance. Removing the widget fixes the issue. My guess is that it's polling real-time all firewall events, and when you have moderate traffic, it starts causing freezes and the tab eventually crashes with a SIGTERM. The same behaviour on both the main and HA appliances.

Not a huge issue, but still a bit annoying.

Thanks for all the work on opnsense!
#3
Hey All,

I went ahead and did the transition from ISC to Full HA Kea on 24, and it was a pretty smooth transition. As I find the current documentation for HA between 2 OPNSense/CARP a bit lacking, I thought I was going to create a post that might help someone in the future.

Here are the steps I took (all actions were done on the Primary - no configuration needed on the Secondary other than config sync) :


1) Created the subnets - UNCHECK Auto collect option data - As we need to configure our CARP IPs here.

2) I created 1 reservation and exported to CSV - So I could use the CSV to import my ISC reservations - and it was much faster.  I opened a new window and looked at all the leases in ISC - then it's a copy-paste game.

3) Import reservations

4) Enabled the Control Agent (Be sure not to use a port that already is used.  I used 8101 for agent, and 8111 for Peers configuration - they need to be different)

5) Enable HA in Kea -> Settings -> High Availability, take note of the hostname there.

6) Add The Peers in the Peers tab - I used both of the PFSYNC interface IPs for my primary and secondary OPNSense. I am not sure this is the best practice, but I thought it was going to be ideal as other than PFSYNC - there is no other traffic on that network.
  a.
    - Primary: Hostname (as shown in the HA section of Settings - basically your OPNSense hostname)
    - URL: PFSYNC Interface IP (http://x.x.x.1:8111/) - make sure whatever port you use is free - it cannot be the same as the agent.
  b.
    - Standby: Hostname: Your Secondary OPNSense Hostname
    - URL: Your secondary OPNSense PFSYNC interface IP (http://x.x.x.2:8111/) make sure whatever port you use is free - it cannot be the same as the agent.

7) In System - HA - Settings, I checked the "Kea DHCP" service - Save

8) System - HA - Status - Trigger a full Sync

9) Check that the HA peer received the Kea Configuration after the Sync

10) Go in ISC DHCP, and disable all interfaces 1 by 1 - you should then see the "dhcpd" service disappear from the services in the dashboard. Once all interfaces are disabled, dhcpd should be completely stopped.

11) Kea -> Settings -> Check "Enabled" - Save. This should start the Kea Service - you can check the logs if it doesn't start (I made a typo in one of the pools, and it prevents the service from starting but it does tell you where the issue is).

12) Resync HA Unit from System -> HA

13) Checked the logs to make sure that communication is working between both Kea Peers - check the logs and you should see stuff like "INFO [kea-dhcp4.commands.0x835f1ed00] COMMAND_RECEIVED Received command 'ha-heartbeat'"

14) Test your new DHCP.

It's now up and running, and everything runs smoothly for my needs with the current feature set.

Feel free to point out any areas of improvement or potential issues - as there might be stuff I neglected/didn't know...

Regards
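
An added example, not part of the original post and not OPNsense or Kea code: a Python check for the log verification described in the post. It scans log text for `ha-heartbeat` COMMAND_RECEIVED lines and reports long gaps between heartbeats or a stale last heartbeat. The sample lines are constructed; the timestamp prefix and the 60-second threshold are assumptions to adjust for your setup.

```python
import re
from datetime import datetime, timedelta

# Constructed sample log. The message part follows the line quoted in the post;
# the leading timestamp layout is an assumption about the log format.
SAMPLE_LOG = """\
2024-02-10 09:00:00.101 INFO [kea-dhcp4.commands.0x835f1ed00] COMMAND_RECEIVED Received command 'ha-heartbeat'
2024-02-10 09:00:10.098 INFO [kea-dhcp4.commands.0x835f1ed00] COMMAND_RECEIVED Received command 'ha-heartbeat'
2024-02-10 09:00:12.500 INFO [kea-dhcp4.commands.0x835f1ed00] COMMAND_RECEIVED Received command 'lease4-update'
2024-02-10 09:00:20.105 INFO [kea-dhcp4.commands.0x835f1ed00] COMMAND_RECEIVED Received command 'ha-heartbeat'
2024-02-10 09:01:35.000 INFO [kea-dhcp4.commands.0x835f1ed00] COMMAND_RECEIVED Received command 'ha-heartbeat'
"""

# Timestamp, then any level/logger text, then the quoted command name.
LINE_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d{3}) .*"
    r"COMMAND_RECEIVED Received command '([^']+)'"
)


def heartbeat_times(log_text):
    """Return the timestamps of every received 'ha-heartbeat' command."""
    times = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m and m.group(2) == "ha-heartbeat":
            times.append(datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S.%f"))
    return times


def check_heartbeats(log_text, now, max_gap=timedelta(seconds=60)):
    """Summarise peer heartbeat health as seen from this node's log.

    gaps  - (start, end, seconds) for each silence longer than max_gap
    stale - True if no heartbeat was seen at all, or the last one is
            older than max_gap relative to `now`
    """
    times = heartbeat_times(log_text)
    gaps = [(a, b, (b - a).total_seconds())
            for a, b in zip(times, times[1:]) if b - a > max_gap]
    stale = not times or now - times[-1] > max_gap
    return {"count": len(times), "gaps": gaps, "stale": stale}


if __name__ == "__main__":
    report = check_heartbeats(SAMPLE_LOG, datetime(2024, 2, 10, 9, 1, 40))
    print(f"heartbeats={report['count']} stale={report['stale']}")
    for start, end, secs in report["gaps"]:
        print(f"gap of {secs:.1f}s between {start} and {end}")
```

Run it against the log on each peer: heartbeats should show up on both sides, and a gap or stale result on only one node points at one-way connectivity on the peer URL and port.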