Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - dbd

Pages1
#1
26.1 Series / 1 VLAN interface not configured on boot
March 17, 2026, 02:40:10 PM
Hi.
I'm running a pair of OPNSense (26.1.4) in HA. On one of those (the backup), one VLAN interface fails to be configured on boot, resulting in CARP being disabled for it. I have 44 VLAN interfaces configured the same way. And only one has the issue (and it's always the same). It was working a few weeks/months ago (not sure when it broke exactly). During boot, I see this in system/latest.log

Code Select
<11>1 2026-03-17T13:43:06+01:00 fw-2.acme.com opnsense 554 - [meta sequenceId="267"] /usr/local/etc/rc.bootup: The command `/sbin/ifconfig -Lmv ' failed to execute (vtnet0: flags=1008802<BROADCAST,SIMPLEX,MULT
ICAST,LOWER_UP> metric 0 mtu 1500 \x09options=880028<VLAN_MTU,JUMBO_MTU,LINKSTATE,HWSTATS> \x09capabilities=990028<VLAN_MTU,JUMBO_MTU,VLAN_HWFILTER,LINKSTATE,NETMAP,HWSTATS> \x09ether bc:24:11:8a:e4:17 \x09media:
 Ethernet autoselect (10Gbase-T <full-duplex>) \x09status: active \x09supported media: \x09\x09media autoselect \x09nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL> \x09drivername: vtnet0 vtnet1: flags=100894
3<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500 \x09options=880028<VLAN_MTU,JUMBO_MTU,LINKSTATE,HWSTATS> \x09capabilities=990028<VLAN_MTU,JUMBO_MTU,VLAN_HWFILTER,LINKSTATE,NETMAP,HWST
ATS> \x09ether bc:24:11:2d:f0:e8 \x09media: Ethernet autoselect (10Gbase-T <full-duplex>) \x09status: active \x09supported media: \x09\x09media autoselect \x09nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
\x09drivername: vtnet1 vtnet2: flags=1008802<BROADCAST,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500 \x09options=880028<VLAN_MTU,JUMBO_MTU,LINKSTATE,HWSTATS> \x09capabilities=990028<VLAN_MTU,JUMBO_MTU,VLAN_HWFILT
ER,LINKSTATE,NETMAP,HWSTATS> \x09ether bc:24:11:7d:21:ea \x09media: Ethernet autoselect (10Gbase-T <full-duplex>) \x09status: active \x09supported media: \x09\x09media autoselect \x09nd6 options=29<PERFORMNUD,IFD
ISABLED,AUTO_LINKLOCAL> \x09drivername: vtnet2 lo0: flags=1008049<UP,LOOPBACK,RUNNING,MULTICAST,LOWER_UP> metric 0 mtu 16384 \x09options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6> \x09capabilities=68
0003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6> \x09inet 127.0.0.1 netmask 0xff000000 \x09inet6 ::1 prefixlen 128 \x09inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 \x09groups: lo \x09nd6 options=21<PERFORMNUD,
AUTO_LINKLOCAL> \x09drivername: lo0 enc0: flags=0 metric 0 mtu 1536 \x09options=0 \x09capabilities=0 \x09groups: enc \x09nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL> \x09drivername: enc0 pfsync0: flags=10
00041<UP,RUNNING,LOWER_UP> metric 0 mtu 1500 \x09options=0 \x09capabilities=0 \x09syncdev: vtnet2 syncpeer: 10.117.15.2 maxupd: 128 defer: off version: 1400 \x09syncok: 0 \x09groups: pfsync \x09drivername: pfsync
0 pflog0: flags=0 metric 0 mtu 33152 \x09options=0 \x09capabilities=0 \x09groups: pflog \x09drivername: pflog0 vtnet1_vlan10: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500 \x09o
ptions=80000<LINKSTATE> \x09capabilities=80000<LINKSTATE> \x09ether bc:24:11:2d:f0:e8 \x09groups: vlan \x09vlan: 10 vlanproto: 802.1q vlanpcp: 0 parent interface: vtnet1 \x09media: Ethernet autoselect (10Gbase-T
<full-duplex>) \x09status: active \x09supported media: \x09\x09media autoselect \x09nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL> \x09drivername: vlan0 vtnet1_vlan100: flags=1008843<UP,BROADCAST,RUNNING,SI
MPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500 \x09options=80000<LINKSTATE> \x09capabilities=80000<LINKSTATE> \x09ether bc:24:11:2d:f0:e8 \x09groups: vlan \x09vlan: 100 vlanproto: 802.1q vlanpcp: 0 parent interface:
 vtnet1 \x09media: Ethernet autoselect (10Gbase-T <full-duplex>) \x09status: active \x09supported media: \x09\x09media autoselect \x09nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL> \x09drivername: vlan1 vtn
et1_vlan101: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500 \x09options=80000<LINKSTATE> \x09capabilities=80000<LINKSTATE> \x09ether bc:24:11:2d:f0:e8 \x09groups: vlan \x09vlan:
101 vlanproto: 802.1q vlanpcp: 0 parent interface: vtnet1 \x09media: Ethernet autoselect (10Gbase-T <full-duplex>) \x09status: active \x09supported media: \x09\x09media autoselect \x09nd6 options=29<PERFORMNUD,IF
DISABLED,AUTO_LINKLOCAL> \x09drivername: vlan2 vtnet1_vlan102: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500 \x09options=80000<LINKSTATE> \x09capabilities=80000<LINKSTATE> \x09e
ther bc:24:11:2d:f0:e8 \x09groups: vlan \x09vlan: 102 vlanproto: 802.1q vlanpcp: 0 parent interface: vtnet1 \x09media: Ethernet autoselect (10Gbase-T <full-duplex>) \x09status: active \x09supported media: \x09\x0
9media autoselect \x09nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL> \x09drivername: vlan3 vtnet1_vlan103: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500 \x09options=80000<
LINKSTATE> \x09capabilities=80000<LINKSTATE> \x09ether bc:24:11:2d:f0:e8 \x09groups: vlan \x09vlan: 103 vlanproto: 802.1q vlanpcp: 0 parent interface: vtnet1 \x09media: Ethernet autoselect (10Gbase-T <full-duplex
>) \x09status: active \x09supported media: \x09\x09media autoselect \x09nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL> \x09drivername: vlan4 vtnet1_vlan104: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTIC
AST,LOWER_UP> metric 0 mtu 1500 \x09options=80000<LINKSTATE> \x09capabilities=80000<LINKSTATE> \x09ether bc:24:11:2d:f0:e8 \x09groups: vlan \x09vlan: 104 vlanproto: 802.1q vlanpcp: 0 parent interface: vtnet1 \x09
media: Ethernet autoselect (10Gbase-T <full-duplex>) \x09status: active \x09supported media: \x09\x09media autoselect \x09nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL> \x09drivername: vlan5 vtnet1_vlan105:
 flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500 \x09options=80000<LINKSTATE> \x09capabilities=80000<LINKSTATE> \x09ether bc:24:11:2d:f0:e8 \x09groups: vlan \x09vlan: 105 vlanprot
o: 802.1q vlanpcp: 0 parent interface: vtnet1 \x09media: Ethernet autoselect (10Gbase-T <full-duplex>) \x09status: active \x09supported media: \x09\x09media autoselect \x09nd6 options=29<PERFORMNUD,IFDISABLED,AUT
O_LINKLOCAL> \x09drivername: vlan6 vtnet1_vlan106: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500 \x09options=80000<LINKSTATE> \x09capabilities=80000<LINKSTATE> \x09ether bc:24:1
1:2d:f0:e8 \x09groups: vlan \x09vlan: 106 vlanproto: 802.1q vlanpcp: 0 parent interface: vtnet1 \x09media: Ethernet autoselect (10Gbase-T <full-duplex>) \x09status: active \x09supported media: \x09\x09media autos
elect \x09nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL> \x09drivername: vlan7 vtnet1_vlan107: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500 \x09options=80000<LINKSTATE> \
x09capabilities=80000<LINKSTATE> \x09ether bc:24:11:2d:f0:e8 \x09groups: vlan \x09vlan: 107 vlanproto: 802.1q vlanpcp: 0 parent interface: vtnet1 \x09media: Ethernet autoselect (10Gbase-T <full-duplex>) \x09statu
s: active \x09supported media: \x09\x09media autoselect \x09nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL> \x09drivername: vlan8 vtnet1_vlan108: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP
> metric 0 mtu 1500 \x09options=80000<LINKSTATE> \x09capabilities=80000<LINKSTATE> \x09ether bc:24:11:2d:f0:e8 \x09groups: vlan \x09vlan: 108 vlanproto: 802.1q vlanpcp: 0 parent interface: vtnet1 \x09media: Ether
net autoselect (10Gbase-T <full-duplex>) \x09status: active \x09supported media: \x09\x09media autoselect \x09nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL> \x09drivername: vlan9 vtnet1_vlan109: flags=10088
43<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500 \x09options=80000<LINKSTATE> \x09capabilities=80000<LINKSTATE> \x09ether bc:24:11:2d:f0:e8 \x09groups: vlan \x09vlan: 109 vlanproto: 802.1q vl
anpcp: 0 parent interface: vtnet1 \x09media: Ethernet autoselect (10Gbase-T <full-duplex>) \x09status: active \x09supported media: \x09\x09media autoselect \x09nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
 \x09drivername: vlan10 vtnet1_vlan11: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500 \x09options=80000<LINKSTATE> \x09capabilities=80000<LINKSTATE> \x09ether bc:24:11:2d:f0:e8 \
x09groups: vlan \x09vlan: 11 vlanproto: 802.1q vlanpcp: 0 parent interface: vtnet1 \x09media: Ethernet autoselect (10Gbase-T <full-duplex>) \x09status: active \x09supported media: \x09\x09media autoselect \x09nd6
 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL> \x09drivername: vlan11 vtnet1_vlan112: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP>
<11>1 2026-03-17T13:43:06+01:00 fw-2.acme.com opnsense 554 - [meta sequenceId="268"] /usr/local/etc/rc.bootup: Unable to configure nonexistent interface opt38 (vtnet1_vlan513)

Once booted, I must go to from the web console to Interfaces -> the affected interface. Click save (without changing anything), then apply.
Any idea how I could debug this ? The other host is exactly the same (both are KVM VM running on Proxmox VE, only MAC addresses differ) and has no issue
#2
26.1 Series / Re: Rules migration in a HA setup
January 29, 2026, 03:25:28 PM
Thanks. I might wait a bit then before migrating my old rules
#3
26.1 Series / Re: Old rules deprecation
January 29, 2026, 03:24:40 PM
Thanks. That's a relief, as I'm a bit afraid it'll take me some time to migrate my main production system and its 2000 or so rules (or maybe the migration will work on first try, who knows ;-) )
#4
26.1 Series / Rules migration in a HA setup
January 29, 2026, 02:20:35 PM
Hi.
Regarding the rules migration, are there any particular steps to follow for an HA system ? Should we just do the migration on the current master, and let configuration sync replicate this on the backup ?
#5
26.1 Series / Old rules deprecation
January 29, 2026, 01:55:03 PM
Hi.
What are the plan for the old rules ? Will they be deprecated, and then removed at some point ?
#6
26.1 Series / Source NAT vs Outbound ?
January 29, 2026, 01:47:07 PM
Hi.
Just upgraded a small OPNSense setup from 25.7.11 to 26.1. It went well, including the migration of rules to the new system (although this was a very simple setup, and I'm a bit worried about my bigger production system which has thousands of rules, in a HA pair of OPNSense ...)
One thing I wonder now with the new rules interfaces, is the difference between NAT -> Source NAT and NAT -> Outbound (as the later is obviously a Source NAT too). Could someone clarify ? Will a later migration process be needed to migrate Outbound rules to Source NAT ? Or will this just be a manual process ?
Pages1