Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - FSeidinger

Pages1
#1
24.7, 24.10 Series / Re: Dashboard shows wrong gateway for PPPOE
December 27, 2024, 07:08:52 PM
Quote from: dseven on December 27, 2024, 05:23:17 PM
Quote from: FSeidinger on December 27, 2024, 04:52:31 PMSo to be more precisely, the dashboard shows not the ip addresses of the PPPOE interface but its the default gateways.
Which widget are you talking about? "Gateways" or "Interfaces"?

This one:



It says gateways, but I expected that is shows the external ip addresses of my router. Also it shows a package loss of 100% for the ipv6 part because  it is no real interface.
#2
24.7, 24.10 Series / Re: Dashboard shows wrong gateway for PPPOE
December 27, 2024, 04:52:31 PM
Quote from: Patrick M. Hausen on December 26, 2024, 07:19:26 PMWhat makes you think these addresses are not external?

The WAN interface has two assigned addresses. Both are ipv6. One is a link local address with
Code Select
fe80::aab8:e0ff:fe02:53c3%igc0. The  second one is the address that it got from the providers static address pool starting with
Code Select
2001:4dd0. The WAN interface has no assigned ipv4 addresses.

The PPPOE interface has one ipv4 address and three ipv6 addresses. The ipv4 address is the one assigned from the providers static ipv4 address pool starting with
Code Select
87.79. The first two ipv6 addresses are also ipv6 link local addresses
Code Select
fe80::aab8:e0ff:fe02:53c3%pppoe0 and
Code Select
fe80::aab8:e0ff:fe02:53c4%pppoe0. The third ipv6 address is the address it got from the providers static pool starting with
Code Select
2001:4dd0
The address shown in the dashboard
Code Select
195.14.226.161 and fe80::200:ff:fe00:0 are the default gateways and are not assigned to any interface of my router. The ipv4 gateway points to a router in the providers network.

So to be more precisely, the dashboard shows not the ip addresses of the PPPOE interface but its the default gateways.
#3
24.7, 24.10 Series / Dashboard shows wrong gateway for PPPOE
December 26, 2024, 03:54:41 PM
Hey Forum,

I'm using OPNsense with a PPPOE connection. The connection works fine so far, but the dashboard widget does not show the external IP addresses assigned to the interface but the internal ones.

So in my case the widget shows the following addresses:

WAN_DHCP6: fe80::200:ff:fe00:0
WAN_PPPOE: 195.14.226.161

Is there any way to configure that the external addresses are displayed?
#4
24.7, 24.10 Series / Re: WAN Connection Drop on renew or new DHCP IP address
December 25, 2024, 05:26:52 PM
It turned out to be a hardware problem. I had also reported the connection interruptions to my provider, and they send a technician. He brought a device to measure my DSL line and saw some disconnections.

He tested the line from the handover point in the house up to my VDSL modem. He found a connection socket where the wires were only twisted together and already corroded. He fixed that with a new cable connector and after that the dropouts were gone.
#5
24.7, 24.10 Series / Re: WAN Connection Drop on renew or new DHCP IP address
November 09, 2024, 11:00:51 PM
I have similar problems. About 3 to ten times a day my IP renewal on the WAN interface via PPPOE gives an error and the whole IP connection is dropped and build up again leading to around 1 to five minutes of internet disconnect.

This is most annoying if in a call and my citrix session to the customers network breaks down. My log looks similar to yours. If searching the forum I found around three other posts haven the same problem but go not answer so far.

Here is my log in the hope that it draws some attention to the experts for answers.

Code Select

2024-11-09T16:58:52+01:00 dhcp6c 57687    - [meta sequenceId="1"] dhcp6c_script: RENEW on pppoe0 executing
2024-11-09T20:53:52+01:00 opnsense 36180  - [meta sequenceId="1"] /usr/local/etc/rc.newwanip: Failed to detect IP for interface wan
2024-11-09T20:56:03+01:00 dhcp6c 85458    - [meta sequenceId="1"] RTSOLD script - Sending SIGHUP to dhcp6c
2024-11-09T20:56:03+01:00 dhcp6c 44185    - [meta sequenceId="2"] transmit failed: Can't assign requested address
2024-11-09T20:56:03+01:00 dhcp6c 87980    - [meta sequenceId="3"] RTSOLD script - Sending SIGHUP to dhcp6c
2024-11-09T20:56:04+01:00 dhcp6c 21       - [meta sequenceId="4"] RTSOLD script - Sending SIGHUP to dhcp6c
2024-11-09T20:56:04+01:00 opnsense 89117  - [meta sequenceId="5"] /usr/local/etc/rc.newwanip: IP renewal starting (new: 87.79.80.156, old: 87.79.80.156, interface: wan, device: pppoe0, force: yes)
2024-11-09T20:56:04+01:00 opnsense 89117  - [meta sequenceId="6"] /usr/local/etc/rc.newwanip: ROUTING: entering configure using wan
2024-11-09T20:56:04+01:00 opnsense 89117  - [meta sequenceId="7"] /usr/local/etc/rc.newwanip: ROUTING: treating '195.14.226.161' as far gateway for '87.79.80.156/32'
2024-11-09T20:56:04+01:00 opnsense 89117  - [meta sequenceId="8"] /usr/local/etc/rc.newwanip: ROUTING: configuring inet default gateway on wan
2024-11-09T20:56:04+01:00 opnsense 89117  - [meta sequenceId="9"] /usr/local/etc/rc.newwanip: ROUTING: setting inet default route to 195.14.226.161
2024-11-09T20:56:04+01:00 opnsense 89117  - [meta sequenceId="10"] /usr/local/etc/rc.newwanip: plugins_configure monitor (,[WAN_PPPOE])
2024-11-09T20:56:04+01:00 opnsense 89117  - [meta sequenceId="11"] /usr/local/etc/rc.newwanip: plugins_configure monitor (execute task : dpinger_configure_do(,[WAN_PPPOE]))
2024-11-09T20:56:04+01:00 opnsense 89117  - [meta sequenceId="12"] /usr/local/etc/rc.newwanip: plugins_configure vpn_map (,wan,inet)
2024-11-09T20:56:04+01:00 opnsense 89117  - [meta sequenceId="13"] /usr/local/etc/rc.newwanip: plugins_configure vpn_map (execute task : ipsec_configure_do(,wan))
2024-11-09T20:56:04+01:00 opnsense 89117  - [meta sequenceId="14"] /usr/local/etc/rc.newwanip: plugins_configure vpn_map (execute task : openvpn_configure_do(,wan))
2024-11-09T20:56:04+01:00 opnsense 89117  - [meta sequenceId="15"] /usr/local/etc/rc.newwanip: plugins_configure vpn_map (execute task : wireguard_configure_do())
2024-11-09T20:56:04+01:00 dhcp6c 44185    - [meta sequenceId="16"] transmit failed: Can't assign requested address
2024-11-09T20:56:04+01:00 opnsense 89117  - [meta sequenceId="17"] /usr/local/etc/rc.newwanip: plugins_configure vpn (,wan)
2024-11-09T20:56:04+01:00 opnsense 89117  - [meta sequenceId="18"] /usr/local/etc/rc.newwanip: plugins_configure newwanip (,wan)
2024-11-09T20:56:04+01:00 opnsense 89117  - [meta sequenceId="19"] /usr/local/etc/rc.newwanip: plugins_configure newwanip_map (,wan,inet)
2024-11-09T20:56:04+01:00 opnsense 89117  - [meta sequenceId="20"] /usr/local/etc/rc.newwanip: plugins_configure newwanip_map (execute task : dhcrelay_configure_if(,wan,inet))
2024-11-09T20:56:04+01:00 opnsense 89117  - [meta sequenceId="21"] /usr/local/etc/rc.newwanip: plugins_configure newwanip_map (execute task : dnsmasq_configure_do())
2024-11-09T20:56:04+01:00 opnsense 89117  - [meta sequenceId="22"] /usr/local/etc/rc.newwanip: plugins_configure newwanip_map (execute task : ntpd_configure_do())
2024-11-09T20:56:04+01:00 opnsense 89117  - [meta sequenceId="23"] /usr/local/etc/rc.newwanip: plugins_configure newwanip_map (execute task : opendns_configure_do())
2024-11-09T20:56:04+01:00 opnsense 89117  - [meta sequenceId="24"] /usr/local/etc/rc.newwanip: plugins_configure newwanip_map (execute task : openssh_configure_do(,wan))
2024-11-09T20:56:04+01:00 opnsense 89117  - [meta sequenceId="25"] /usr/local/etc/rc.newwanip: plugins_configure newwanip_map (execute task : unbound_configure_do(,wan))
2024-11-09T20:56:04+01:00 opnsense 89117  - [meta sequenceId="26"] /usr/local/etc/rc.newwanip: plugins_configure newwanip_map (execute task : vxlan_configure_do())
2024-11-09T20:56:04+01:00 opnsense 89117  - [meta sequenceId="27"] /usr/local/etc/rc.newwanip: plugins_configure newwanip_map (execute task : webgui_configure_do(,wan))
2024-11-09T20:56:04+01:00 opnsense 89117  - [meta sequenceId="28"] /usr/local/etc/rc.newwanip: plugins_configure newwanip_map (execute task : wireguard_sync())
2024-11-09T20:56:07+01:00 opnsense 96788  - [meta sequenceId="29"] /usr/local/etc/rc.newwanipv6: IP renewal starting (address: fe80::aab8:e0ff:fe02:53c3%pppoe0, interface: wan, device: pppoe0)
2024-11-09T20:56:07+01:00 opnsense 96788  - [meta sequenceId="30"] /usr/local/etc/rc.newwanipv6: plugins_configure dhcp (,inet6)
2024-11-09T20:56:07+01:00 opnsense 96788  - [meta sequenceId="31"] /usr/local/etc/rc.newwanipv6: plugins_configure dhcp (execute task : dhcpd_dhcp_configure(,inet6))
2024-11-09T20:56:07+01:00 opnsense 96788  - [meta sequenceId="32"] /usr/local/etc/rc.newwanipv6: dhcpd_dhcp6_configure() found no suitable IPv6 address on opt2(igc4)
2024-11-09T20:56:07+01:00 opnsense 96788  - [meta sequenceId="33"] /usr/local/etc/rc.newwanipv6: dhcpd_dhcp6_configure() found no suitable IPv6 address on opt1(igc3)
2024-11-09T20:56:07+01:00 opnsense 96788  - [meta sequenceId="34"] /usr/local/etc/rc.newwanipv6: dhcpd_dhcp6_configure() found no suitable IPv6 address on opt3(igc2)
2024-11-09T20:56:07+01:00 opnsense 96788  - [meta sequenceId="35"] /usr/local/etc/rc.newwanipv6: dhcpd_dhcp6_configure() found no suitable IPv6 address on lan(igc1)
2024-11-09T20:56:07+01:00 dhcp6c 35713    - [meta sequenceId="36"] dhcp6c_script: REQUEST on pppoe0 executing
2024-11-09T20:56:07+01:00 dhcp6c 39757    - [meta sequenceId="37"] dhcp6c_script: REQUEST on pppoe0 renewal
2024-11-09T20:56:07+01:00 radvd 58723     - [meta sequenceId="38"] exiting, 1 sigterm(s) received
2024-11-09T20:56:07+01:00 opnsense 96788  - [meta sequenceId="39"] /usr/local/etc/rc.newwanipv6: ROUTING: entering configure using wan, opt3, opt1, lan, opt2
2024-11-09T20:56:07+01:00 opnsense 96788  - [meta sequenceId="40"] /usr/local/etc/rc.newwanipv6: ROUTING: configuring inet6 default gateway on wan
2024-11-09T20:56:07+01:00 opnsense 96788  - [meta sequenceId="41"] /usr/local/etc/rc.newwanipv6: ROUTING: keeping inet6 default route to fe80::200:ff:fe00:0%pppoe0
2024-11-09T20:56:07+01:00 opnsense 96788  - [meta sequenceId="42"] /usr/local/etc/rc.newwanipv6: plugins_configure monitor (,[WAN_DHCP6])
2024-11-09T20:56:07+01:00 opnsense 96788  - [meta sequenceId="43"] /usr/local/etc/rc.newwanipv6: plugins_configure monitor (execute task : dpinger_configure_do(,[WAN_DHCP6]))
2024-11-09T20:56:07+01:00 opnsense 96788  - [meta sequenceId="44"] /usr/local/etc/rc.newwanipv6: plugins_configure vpn_map (,wan,opt3,opt1,lan,opt2,inet6)
2024-11-09T20:56:07+01:00 opnsense 96788  - [meta sequenceId="45"] /usr/local/etc/rc.newwanipv6: plugins_configure vpn_map (execute task : ipsec_configure_do(,wan,opt3,opt1,lan,opt2))
2024-11-09T20:56:07+01:00 opnsense 96788  - [meta sequenceId="46"] /usr/local/etc/rc.newwanipv6: plugins_configure vpn_map (execute task : openvpn_configure_do(,wan,opt3,opt1,lan,opt2))
2024-11-09T20:56:07+01:00 opnsense 96788  - [meta sequenceId="47"] /usr/local/etc/rc.newwanipv6: plugins_configure vpn_map (execute task : wireguard_configure_do())
2024-11-09T20:56:08+01:00 opnsense 96788  - [meta sequenceId="48"] /usr/local/etc/rc.newwanipv6: plugins_configure vpn (,wan)
2024-11-09T20:56:08+01:00 opnsense 96788  - [meta sequenceId="49"] /usr/local/etc/rc.newwanipv6: plugins_configure newwanip (,wan)
2024-11-09T20:56:08+01:00 opnsense 96788  - [meta sequenceId="50"] /usr/local/etc/rc.newwanipv6: plugins_configure vpn (,opt3)
2024-11-09T20:56:08+01:00 opnsense 96788  - [meta sequenceId="51"] /usr/local/etc/rc.newwanipv6: plugins_configure newwanip (,opt3)
2024-11-09T20:56:08+01:00 opnsense 96788  - [meta sequenceId="52"] /usr/local/etc/rc.newwanipv6: plugins_configure vpn (,opt1)
2024-11-09T20:56:08+01:00 opnsense 96788  - [meta sequenceId="53"] /usr/local/etc/rc.newwanipv6: plugins_configure newwanip (,opt1)
2024-11-09T20:56:08+01:00 opnsense 96788  - [meta sequenceId="54"] /usr/local/etc/rc.newwanipv6: plugins_configure vpn (,lan)
2024-11-09T20:56:08+01:00 opnsense 96788  - [meta sequenceId="55"] /usr/local/etc/rc.newwanipv6: plugins_configure newwanip (,lan)
2024-11-09T20:56:08+01:00 opnsense 96788  - [meta sequenceId="56"] /usr/local/etc/rc.newwanipv6: plugins_configure vpn (,opt2)
2024-11-09T20:56:08+01:00 opnsense 96788  - [meta sequenceId="57"] /usr/local/etc/rc.newwanipv6: plugins_configure newwanip (,opt2)
2024-11-09T20:56:08+01:00 opnsense 96788  - [meta sequenceId="58"] /usr/local/etc/rc.newwanipv6: plugins_configure newwanip_map (,wan,opt3,opt1,lan,opt2,inet6)
2024-11-09T20:56:08+01:00 opnsense 96788  - [meta sequenceId="59"] /usr/local/etc/rc.newwanipv6: plugins_configure newwanip_map (execute task : dhcrelay_configure_if(,wan,opt3,opt1,lan,opt2,inet6))
2024-11-09T20:56:08+01:00 opnsense 96788  - [meta sequenceId="60"] /usr/local/etc/rc.newwanipv6: plugins_configure newwanip_map (execute task : dnsmasq_configure_do())
2024-11-09T20:56:08+01:00 opnsense 96788  - [meta sequenceId="61"] /usr/local/etc/rc.newwanipv6: plugins_configure newwanip_map (execute task : ntpd_configure_do())
2024-11-09T20:56:08+01:00 opnsense 96788  - [meta sequenceId="62"] /usr/local/etc/rc.newwanipv6: plugins_configure newwanip_map (execute task : opendns_configure_do())
2024-11-09T20:56:08+01:00 opnsense 96788  - [meta sequenceId="63"] /usr/local/etc/rc.newwanipv6: plugins_configure newwanip_map (execute task : openssh_configure_do(,wan,opt3,opt1,lan,opt2))
2024-11-09T20:56:08+01:00 opnsense 96788  - [meta sequenceId="64"] /usr/local/etc/rc.newwanipv6: plugins_configure newwanip_map (execute task : unbound_configure_do(,wan,opt3,opt1,lan,opt2))
2024-11-09T20:56:08+01:00 opnsense 96788  - [meta sequenceId="65"] /usr/local/etc/rc.newwanipv6: plugins_configure newwanip_map (execute task : vxlan_configure_do())
2024-11-09T20:56:08+01:00 opnsense 96788  - [meta sequenceId="66"] /usr/local/etc/rc.newwanipv6: plugins_configure newwanip_map (execute task : webgui_configure_do(,wan,opt3,opt1,lan,opt2))
2024-11-09T20:56:08+01:00 opnsense 96788  - [meta sequenceId="67"] /usr/local/etc/rc.newwanipv6: plugins_configure newwanip_map (execute task : wireguard_sync())
2024-11-09T20:56:11+01:00 opnsense 43135  - [meta sequenceId="68"] /usr/local/etc/rc.newwanipv6: IP renewal starting (address: fe80::aab8:e0ff:fe02:53c3%pppoe0, interface: wan, device: pppoe0)
2024-11-09T20:56:11+01:00 opnsense 43135  - [meta sequenceId="69"] /usr/local/etc/rc.newwanipv6: plugins_configure dhcp (,inet6)
2024-11-09T20:56:11+01:00 opnsense 43135  - [meta sequenceId="70"] /usr/local/etc/rc.newwanipv6: plugins_configure dhcp (execute task : dhcpd_dhcp_configure(,inet6))
2024-11-09T20:56:11+01:00 opnsense 43135  - [meta sequenceId="71"] /usr/local/etc/rc.newwanipv6: The command '/bin/kill -'TERM' '52836''(pid:/var/dhcpd/var/run/dhcpdv6.pid)  returned exit code '1', the output was 'kill: 52836: No such process'
2024-11-09T20:56:11+01:00 radvd 42140     - [meta sequenceId="72"] exiting, 1 sigterm(s) received
2024-11-09T20:56:11+01:00 opnsense 43135  - [meta sequenceId="73"] /usr/local/etc/rc.newwanipv6: ROUTING: entering configure using wan, opt3, opt1, lan, opt2
2024-11-09T20:56:11+01:00 opnsense 43135  - [meta sequenceId="74"] /usr/local/etc/rc.newwanipv6: ROUTING: configuring inet6 default gateway on wan
2024-11-09T20:56:11+01:00 opnsense 43135  - [meta sequenceId="75"] /usr/local/etc/rc.newwanipv6: ROUTING: keeping inet6 default route to fe80::200:ff:fe00:0%pppoe0
2024-11-09T20:56:11+01:00 opnsense 43135  - [meta sequenceId="76"] /usr/local/etc/rc.newwanipv6: plugins_configure monitor (,[WAN_DHCP6])
#6
24.7, 24.10 Series / Re: Hand out of IPv6 DNS server fails and leads to total cut off from internt
October 15, 2024, 01:35:37 PM
Quote from: Patrick M. Hausen on October 14, 2024, 10:42:12 PM
Then did you configure the DNS server(s) in Services > ISC DHCPv6 > LAN (or whatever you named your internal interface)?

Thanks for the advise. That did the trick. I now have configured each interface it with the corresponding IPv6 address listed in the overview.
#7
24.7, 24.10 Series / Re: Hand out of IPv6 DNS server fails and leads to total cut off from internt
October 14, 2024, 06:40:01 PM
Quote from: Patrick M. Hausen on October 14, 2024, 06:25:58 PM
BIND will refuse recursive queries unless you explicitly create ACLs permitting them. Did you?

No, I didn't. But this is not the problem here. If I configure a client with the fixed IP address of the OPNSense node either with its IPv4 or its IPv6 address, DNS resolving is working as expected.

And maybe my description of the problem was kinda buggy. When I said that the clients got an invalid DNS address, I meant that they configure themself to a DNS address of fec0:0:0:ffff::1%1, fec0:0:0:ffff::2%1 and fec0:0:0:ffff::3%1. This was in the past a Microsoft infrastructure to fallback if no DNS was given out by DHCPv6.

In the article below is described, that this infrastructure is long past, but my Windows clients seem to still use it, if they get no valid DNS address by DHCPv6.

QuoteThose are default IPv6 "site local anycast" addresses for DNS that Microsoft configures automatically if no other IPv6 DNS addresses are configured. They are obsolete (site local was deprecated in 2004, see Wikipedia). See also the IETF draft IPv6 Stateless DNS Discovery.

https://superuser.com/questions/638566/strange-value-in-dns-shown-in-ipconfig

So the root cause here is that DHCPv6 does not hand out a DNS server at all and the clients use some obscure fallback shutting themself of.
#8
24.7, 24.10 Series / Hand out of IPv6 DNS server fails and leads to total cut off from internt
October 14, 2024, 06:18:33 PM
Dear Forum,

I tried my best to describe my problem and deliver the relevant information to my best knowledge.

The problem

I have a problem concerning the hand out of an IPv6 DNS Server to my network clients. They simply get an invalid IPv6 address from OPNSense and therefore cannot resolve any DNS name leading to a cut off from the internet. Although they also get an IPv4 DNS server, they to not fall back to use it.

My environment

1. I'm using the latest OPNSense version 24.7.6 on an arm based barebone with a four core Alder Lake-N 12th Gen N100 and six ethernet ports.
2. Internet access is via PPPOE using a Draytek Vigor 165 VDSL Modem.
3. Provider gives me one static IP address and a /48 static IPv6 network.
4. Using ISC bind as DNS server in a split horizon configuration, serving 4 layer 3 networks (lan, opt1, opt2 and opt3) with configured forward and reverse zones.
5. Each network has a private IPv4 /24 network and an IPv6 /64 network.

Configuration

It's a pretty basic configuration following the official OPNSense documentation regarding IPv6 bind, DHCP and RADV.

The non standard part is to configure bind to be the only DNS server on the box by disabling unbound and set the bind listening port to :53. The reason for this decision was, that I can delegate the forward zones from unbound to bind, but the reverse zones did no work. Also the resolving of the forward zones was buggy, because in about 60% of all queries, unbound did not use the ISC bind answer but fell back on the providers DNS servers and thus gave out wrong answers leading to an unreliable DNS service.

Can you think of the cause for the described problem and help me solving it?

Kind regards
Frank
Pages1