Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - jobraun2

Pages1
#1
25.1, 25.4 Production Series / Re: No IPv6 Adress after Interface Reload on PPPoE over IPv6 / DHCPv6
April 13, 2025, 10:05:09 PM
Today I didn't restart my OPNsense and noticed that it fixed itself later on the day.

My interface reset cronjob was 4:00, it fixed itself 18:53 - not sure why, is there a lease time that can expire?



Code Select
2025-04-13T18:53:16 Notice opnsense /usr/local/etc/rc.newwanipv6: plugins_configure newwanip (execute task : wireguard_sync())
2025-04-13T18:53:16 Notice opnsense /usr/local/etc/rc.newwanipv6: plugins_configure newwanip (execute task : webgui_configure_do(,[opt13,opt7,opt2,opt12]))
2025-04-13T18:53:16 Notice opnsense /usr/local/etc/rc.newwanipv6: plugins_configure newwanip (execute task : vxlan_configure_do())
2025-04-13T18:53:16 Notice opnsense /usr/local/etc/rc.newwanipv6: plugins_configure newwanip (execute task : unbound_configure_do(,[opt13,opt7,opt2,opt12]))
2025-04-13T18:53:16 Notice opnsense /usr/local/etc/rc.newwanipv6: plugins_configure newwanip (execute task : openssh_configure_do(,[opt13,opt7,opt2,opt12]))
2025-04-13T18:53:16 Notice opnsense /usr/local/etc/rc.newwanipv6: plugins_configure newwanip (execute task : opendns_configure_do())
2025-04-13T18:53:16 Notice opnsense /usr/local/etc/rc.newwanipv6: plugins_configure newwanip (execute task : ntpd_configure_do())
2025-04-13T18:53:16 Notice opnsense /usr/local/etc/rc.newwanipv6: plugins_configure newwanip (execute task : dnsmasq_configure_do())
2025-04-13T18:53:16 Notice opnsense /usr/local/etc/rc.newwanipv6: plugins_configure newwanip (execute task : dhcrelay_configure_if(,[opt13,opt7,opt2,opt12],inet6))
2025-04-13T18:53:16 Notice opnsense /usr/local/etc/rc.newwanipv6: plugins_configure newwanip (,[opt13,opt7,opt2,opt12],inet6)
2025-04-13T18:53:16 Notice opnsense /usr/local/etc/rc.newwanipv6: plugins_configure vpn (execute task : wireguard_configure_do())
2025-04-13T18:53:16 Notice opnsense /usr/local/etc/rc.newwanipv6: plugins_configure vpn (execute task : openvpn_configure_do(,[opt13,opt7,opt2,opt12]))
2025-04-13T18:53:16 Notice opnsense /usr/local/etc/rc.newwanipv6: plugins_configure vpn (execute task : ipsec_configure_do(,[opt13,opt7,opt2,opt12]))
2025-04-13T18:53:16 Notice opnsense /usr/local/etc/rc.newwanipv6: plugins_configure vpn (,[opt13,opt7,opt2,opt12],inet6)
2025-04-13T18:53:14 Notice opnsense /usr/local/etc/rc.syshook.d/monitor/20-recover: plugins_configure monitor (execute task : dpinger_configure_do(1,[WANGIGANETZ_DHCP6]))
2025-04-13T18:53:14 Notice opnsense /usr/local/etc/rc.syshook.d/monitor/20-recover: plugins_configure monitor (1,[WANGIGANETZ_DHCP6])
2025-04-13T18:53:14 Warning opnsense /usr/local/etc/rc.routing_configure: ROUTING: gateway IP could not be found for 10.86.64.0/20
2025-04-13T18:53:14 Notice opnsense /usr/local/etc/rc.routing_configure: ROUTING: keeping inet6 default route to fe80::8a90:9ff:fe68:a06b%pppoe1
2025-04-13T18:53:14 Notice opnsense /usr/local/etc/rc.routing_configure: ROUTING: configuring inet6 default gateway on opt13
2025-04-13T18:53:14 Notice opnsense /usr/local/etc/rc.routing_configure: ROUTING: keeping inet default route to 62.155.246.150
2025-04-13T18:53:14 Notice opnsense /usr/local/etc/rc.routing_configure: ROUTING: configuring inet default gateway on wan
2025-04-13T18:53:14 Notice opnsense /usr/local/etc/rc.routing_configure: ROUTING: treating '62.155.246.150' as far gateway for '79.251.215.129/32'
2025-04-13T18:53:14 Notice opnsense /usr/local/etc/rc.routing_configure: ROUTING: entering configure using defaults
2025-04-13T18:53:14 Notice opnsense /usr/local/etc/rc.newwanipv6: plugins_configure monitor (execute task : dpinger_configure_do(,[WANGIGANETZ_DHCP6]))
2025-04-13T18:53:14 Notice opnsense /usr/local/etc/rc.newwanipv6: plugins_configure monitor (,[WANGIGANETZ_DHCP6])
2025-04-13T18:53:14 Warning opnsense /usr/local/etc/rc.newwanipv6: ROUTING: gateway IP could not be found for 10.86.64.0/20
2025-04-13T18:53:14 Notice opnsense /usr/local/etc/rc.newwanipv6: ROUTING: keeping inet6 default route to fe80::8a90:9ff:fe68:a06b%pppoe1
2025-04-13T18:53:14 Notice opnsense /usr/local/etc/rc.newwanipv6: ROUTING: configuring inet6 default gateway on opt13
2025-04-13T18:53:14 Notice opnsense /usr/local/etc/rc.newwanipv6: ROUTING: entering configure using opt13, opt7, opt2, opt12
2025-04-13T18:53:14 Warning radvd exiting, 1 sigterm(s) received
2025-04-13T18:53:13 Notice opnsense /usr/local/etc/rc.newwanipv6: plugins_configure dhcp (execute task : radvd_configure_dhcp(,inet6))
2025-04-13T18:53:13 Notice opnsense /usr/local/etc/rc.newwanipv6: plugins_configure dhcp (execute task : dhcpd_dhcp_configure(,inet6))
2025-04-13T18:53:13 Notice opnsense /usr/local/etc/rc.newwanipv6: plugins_configure dhcp (,inet6)
2025-04-13T18:53:13 Notice opnsense /usr/local/etc/rc.newwanipv6: plugins_configure monitor (execute task : dpinger_configure_do(,[WANGIGAGIFV4_TUNNELV4]))
2025-04-13T18:53:13 Notice opnsense /usr/local/etc/rc.newwanipv6: plugins_configure monitor (,[WANGIGAGIFV4_TUNNELV4])
2025-04-13T18:53:13 Warning opnsense /usr/local/etc/rc.newwanipv6: ROUTING: gateway IP could not be found for 10.86.64.0/20
2025-04-13T18:53:13 Notice opnsense /usr/local/etc/rc.newwanipv6: ROUTING: entering configure using opt9
2025-04-13T18:53:12 Notice opnsense /usr/local/etc/rc.newwanipv6: IP renewal starting (address: 2a01:41e3:4000::2:75e2, interface: opt13, device: pppoe1)
2025-04-13T18:53:09 Notice dhcp6c dhcp6c_script: REQUEST on pppoe1 renewal
2025-04-13T18:53:09 Notice dhcp6c dhcp6c_script: REQUEST on pppoe1 executing
2025-04-13T18:53:07 Notice dhcp6c dhcp6c_script: RENEW on pppoe0 executing
#2
25.1, 25.4 Production Series / No IPv6 Adress after Interface Reload on PPPoE over IPv6 / DHCPv6
April 10, 2025, 06:25:05 PM
This is my current configuration: https://forum.opnsense.org/index.php?topic=46665.0

Unfortunately Deutsche Giganetz is forcing a PPPoE Reconnect after 24 hours ... and the interface doesn't come up afterwards.

Manually doing an Interface reload in the Overview is also breaking the connection.
Looks like it pppoe session comes up (I've CHAP SUCESS in my logs) - but it looks like it's not doing the DHCPv6 request afterwards to get an IP on the Interface.

Would appreciate any hint in the right direction :)

How can I manually trigger the DHCPv6 Request?

Thanks!

You cannot view this attachment.

Interface reload (broken):
You cannot view this attachment.

You cannot view this attachment.

After Reboot (working):
You cannot view this attachment.
#3
25.1, 25.4 Production Series / Re: Wazuh - How to get the filterlogs?
April 09, 2025, 09:44:08 PM
Do you have archive logs enabled in Wazuh? (wazuh-archives-* index)
#4
25.1, 25.4 Production Series / Re: IPv6 Only PPPoE with AFTR/GIF Tunnel for IPv4 Connectivity (Deutsche Giganetz)
April 01, 2025, 10:42:16 PM
Something I also played around with - did some more try and error, adding 1452 MSS to the gif Interface and everything starts to work:

Seems to work - in case sombody has a better suggestion - I volunteer to test ;)


You cannot view this attachment.

#5
25.1, 25.4 Production Series / IPv6 Only PPPoE with AFTR/GIF Tunnel for IPv4 Connectivity (Deutsche Giganetz)
April 01, 2025, 04:21:39 PM
Hey, so I just got my new Fiber Connection from Deutsche Giganetz - provider is mentioned a few times for older releases of OPNsense on the forum.

I've some really strange issues that I would like to share, but first my Config:

The provider requires PPPoE on VLAN 7 on IPv6 and a GIF Tunnel (AFTR / RFC6333 https://www.lacnic.net/innovaportal/file/5522/1/ds-lite-en.pdf)

VLAN Config / PPPoE Config:

You cannot view this attachment.

WAN Config:

You cannot view this attachment.

So far good so good - working IPv6 Connectivity, with Track Interface also from LAN.



Now the tricky part configuring Legacy IP:

You cannot view this attachment.

Created a GIF Device, assigned it to a new Interface - tunnel comes up and I've IPv4 Connectivity. (Same AFIR that FritzBox automatically configures, with Tunnel IPs from RFC)

From a device in LAN I'm able to do ping and traceroute:

Code Select
C:\Users\user>ping 1.1

Ping wird ausgeführt für 1.0.0.1 mit 32 Bytes Daten:
Antwort von 1.0.0.1: Bytes=32 Zeit=3ms TTL=57
Antwort von 1.0.0.1: Bytes=32 Zeit=4ms TTL=57
Antwort von 1.0.0.1: Bytes=32 Zeit=4ms TTL=57
Antwort von 1.0.0.1: Bytes=32 Zeit=4ms TTL=57

Ping-Statistik für 1.0.0.1:
    Pakete: Gesendet = 4, Empfangen = 4, Verloren = 0
    (0% Verlust),
Ca. Zeitangaben in Millisek.:
    Minimum = 3ms, Maximum = 4ms, Mittelwert = 3ms

C:\Users\user>tracert 1.1

Routenverfolgung zu one.one.one.one [1.0.0.1]
über maximal 30 Hops:

  1    <1 ms    <1 ms    <1 ms  OPNsense.localdomain [192.168.1.1]
  2     2 ms     2 ms     2 ms  100.83.142.141
  3     7 ms     3 ms     3 ms  100.83.140.62
  4     3 ms     3 ms     2 ms  100.83.140.234
  5     3 ms     2 ms     2 ms  100.83.140.33
  6     6 ms     4 ms     *     de-cix-frankfurt.as13335.net [80.81.193.129]
  7    39 ms     8 ms    18 ms  162.158.84.137
  8     4 ms     3 ms     3 ms  one.one.one.one [1.0.0.1]

From my understanding everything should be fine at this point - however it isn't.

Webpages that only support IPv4 are still broken in a really strange way - most webpages do not work, but there are also some exceptions:

For example, GitHub over HTTP works (returns redirect to HTTPS), Github over HTTPS does run into a timeout, a server that I started at netcup for testing works via IPv4.

On the firewall itself I can do a curl to https://github.com perfectly fine without any issues.

I don't see anything blocked in the livelog and there are only any rules, as I installed a new firewall for testing this.


This issue is soo strange that I'm out of ideas - with the FritzBox provided by GigaNetz everything is fine ...

I tried configuring an Outbound NAT for the Interface attached to the GIF Device, however that didn't help.

Would appriciate any ideas :)
Pages1