Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - Mechanix

Pages1

25.7, 25.10 Series / Re: Telegraf plugin: set source inteface

September 08, 2025, 11:24:16 AM

Thanks for your reply. Need to figure out why I can' t bind the address tough:

Code Select

E! [agent] Error writing to outputs.influxdb_v2: Post "http://xxxx.2:8086/api/v2/write?bucket=opnsense&org=Proxmox": dial tcp yyy.1:0->xxx.2:8086: bind: can't assign requested address

Edit: got it working . Thanks

25.7, 25.10 Series / Telegraf plugin: set source inteface

September 06, 2025, 10:16:41 AM

I have a Opnsense instance running behind a WireGuard Tunnel. The issue is, that telegraf binds automatically to WG0 interface which is not part of the encrypted traffic and gets dropped.
Is there a way to set the local_address mentioned in the release notes: https://docs.influxdata.com/telegraf/v1/release-notes/

Thanks

P.S.

I'm using:
os-telegraf (installed) 1.12.13

https://github.com/influxdata/telegraf/tree/master/plugins/outputs/influxdb_v2
---

25.1, 25.4 Series / Re: NPTv6 not working as expected

February 16, 2025, 04:42:29 PM

Thanks for you reply. That bi-net log entry comes because I've enable logging on the NPTv4 sequence.
How did you configure the loopback to track your WAN?

Edit: I've found it and its working! Thanks for the hint.

Wonder why this has changed from 25.1 to 25.1.1 though

25.1, 25.4 Series / NPTv6 not working as expected

February 16, 2025, 03:01:34 PM

So here a little background:
My Opnsense is configured behind a FritzBox (doing PPPoE Passthrough). From my ISP I get a /56 prefix so plenty of room to delegate to VLANs.The Fritzbox is configured to assign IPv6 prefixes (IA_PD)
So far, the Opnsense gets prefix

Code Select

cat /tmp/pppoe0_prefixv6
2001:xxx:xxx:9300::/56

The LAN interfaces, which track the PPPoE interface, all get a /64 address assigned. Since I'm using many Android devices in my network, I configured the Route Advertisements to "Assisted" to have both DHCPv6 and SLAAC.
So far everything works as expected with the IPv6 connectivity (all IPv6 online tests pass)

Now here comes the rub. I'm also using Wireguard in dual stack. Since the ISP changes the prefix pretty often I decided to use ULA.
For the IPv6 server address I've assigned a additional ULA address, lets say fd00:1234:5678:10:1/64 and the clients starting with fd00:1234:5678:10:2/128
I've also configured NPTv6 for the ULA like this:

Code Select

Interface: PPPoE
Internal IPv6 Prefix (source): fd00:1234:5678:10::/64
External IPv6 Prefix (target): empty
Track interface: LAN

I can ping6 the Wireguard server interfaces as well as all internal IPv6 interfaces but the internet connectivity fails.

From the logs I can see the ipv6-icmp going from the WG1 to PPPoE interface but the source address is not correctly NAT-ed:

Code Select

PPPoE		2025-02-16T14:58:44	fd00:1234:5678::3	2001:4860:4860::8888	ipv6-icmp	let out anything from firewall host itself	
PPPoE		2025-02-16T14:58:44	fd00:1234:5678:10::3	2001:4860:4860::8888	ipv6-icmp	binat rule	
WG1		2025-02-16T14:58:44	fd00:1234:5678:10::3	2001:4860:4860::8888	ipv6-icmp	WireGuard LAN Access

I recently upgraded to 25.1.1.

Is this issue known, or am I missing something in my configuration?

Thanks

Pages1