1
23.1 Legacy Series / Re: Changelog: openvpn: add unique daemon name to each instance
« on: January 27, 2023, 12:09:44 pm »
Thanks Franco
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
2
23.1 Legacy Series / Changelog: openvpn: add unique daemon name to each instance
« on: January 27, 2023, 11:43:55 am »
Hi,
In the latest change log I found this entry: "openvpn: add unique daemon name to each instance"
I couldn't find anything about this change here, does anyone know what this is for?
Best regards,
Maarten
In the latest change log I found this entry: "openvpn: add unique daemon name to each instance"
I couldn't find anything about this change here, does anyone know what this is for?
Best regards,
Maarten
3
Virtual private networks / Re: openvpn client service auto restart method? (for site to site)
« on: December 15, 2022, 12:05:54 pm »
Is there a solution for this problem yet? I have the same issue, all I can find is are solutions that involve manually changing config files, which are overridden by a firmware update. This is not practical if you have a dozen of routers with regular firmware updates.
Best regards,
Maarten
Best regards,
Maarten
4
21.7 Legacy Series / Re: Aliases not being updated, because "Last Updated" is in the future
« on: December 15, 2021, 12:48:07 pm »
Thanks for the info!
5
21.7 Legacy Series / Re: Aliases not being updated, because "Last Updated" is in the future
« on: December 15, 2021, 09:56:01 am »
Hi Franco,
Yes it's a VM, I always disable timesync, but maybe it was activated at some time during a VM move or so.
Yes it's a VM, I always disable timesync, but maybe it was activated at some time during a VM move or so.
6
21.7 Legacy Series / Re: Aliases not being updated, because "Last Updated" is in the future
« on: December 15, 2021, 08:35:58 am »
Hi Fright,
Thanks for your response, this did the job perfectly!
Best regards
Thanks for your response, this did the job perfectly!
Best regards
7
21.7 Legacy Series / Aliases not being updated, because "Last Updated" is in the future
« on: December 13, 2021, 01:50:24 pm »
Hi, I've got a problem with aliases not being updated. The reason seems to be that the timestamp of it lies within the future.
What's the best approach to solve this? I can do a "touch" to the file to give it the current timestamp, but I don't know if that's the way to go or even which of the 3 files to touch.
Best regards,
Maarten
Code: [Select]
/var/db/aliastables
-rw-r----- 1 root wheel 32 Jan 14 13:54:39 2022 WebServers.md5.txt
-rw-r----- 1 root wheel 250 Jan 14 13:54:39 2022 WebServers.self.txt
-rw-r----- 1 root wheel 250 Jan 14 13:54:39 2022 WebServers.txt
What's the best approach to solve this? I can do a "touch" to the file to give it the current timestamp, but I don't know if that's the way to go or even which of the 3 files to touch.
Best regards,
Maarten
8
21.7 Legacy Series / Re: Max size traffic shaper pipe?
« on: December 09, 2021, 12:11:02 pm »
Hi KH,
Good find, so they changed it from int32 to uint32 and should be "fixed" whenever opnsense upgrades to the freebsd version including this fix.
Maarten
Good find, so they changed it from int32 to uint32 and should be "fixed" whenever opnsense upgrades to the freebsd version including this fix.
Maarten
9
21.7 Legacy Series / Max size traffic shaper pipe?
« on: December 07, 2021, 11:27:31 am »
Hi, I'm trying to configure a pipe larger than 2gbit, but anything I configure over 2.1gb causes problems. The Shaper status does not show queues/rules after it encounters the pipe over 2.1gb.
for example "ipfw queue show", doesn't show anything, if there is a pipe over 2.1gb
Best regards,
Maarten
(OPNsense 21.7.1-amd64) (I checked, but this is also the case with OPNsense 20.7)
for example "ipfw queue show", doesn't show anything, if there is a pipe over 2.1gb
Best regards,
Maarten
(OPNsense 21.7.1-amd64) (I checked, but this is also the case with OPNsense 20.7)
10
21.7 Legacy Series / Re: Boot delay after "Invoking start script newwanip" (boot takes about 13 minutes)
« on: November 01, 2021, 01:44:24 pm »I did some testing with a vanilla configuration, and measured the time it took opnsense to reconfigure all connections:
1 vpn server configured = 30sec total
2 vpn servers configured = 100sec total
3 vpn servers configured = 25sec total !?!?!?!?
Then I deleted the 3rd and it took 20 seconds, but the boot after that it was 40. Seems like the delay is a bit random.....
This was my "vanilla" test. One instance already gave delays.
Settings: (nothing special)
Server Mode: P2P
Device Mode: Tun
Protocol: Udp
Interface: LocalHost (but tried other options as well)
IPv4 Tunnel Network: 10.0.10.4/30
11
21.7 Legacy Series / Re: Boot delay after "Invoking start script newwanip" (boot takes about 13 minutes)
« on: November 01, 2021, 01:06:48 pm »
yeah, I named it x, because I have about 10 vpn server instances. So x stands indeed for 1,2, 3 etc.
Like I mentioned above, I've tested a "vanilla" installation, latest version of opnsense, so clean sheet, no config import whatsoever. Just added a few openvpn servers and created an interface for it. That results in the delay right away for me.
Like I mentioned above, I've tested a "vanilla" installation, latest version of opnsense, so clean sheet, no config import whatsoever. Just added a few openvpn servers and created an interface for it. That results in the delay right away for me.
12
21.7 Legacy Series / Re: Boot delay after "Invoking start script newwanip" (boot takes about 13 minutes)
« on: November 01, 2021, 09:36:20 am »So there are no associated errors or delays in the OpenVPN log...?
I'm not seeing the issue despite having multiple OpenVPN Client (ovpnc) interfaces.
Also, because you are not seeing the issue on all such interfaces, it suggests the problem lies in just those with a delay.
There are no errors in my opnvpn log, the openvpn daemons start without issues. It's just the script "configctl interface newip ovpns..." which causes the delay if you attach an interface to the openvpn instance.
I've commented out that line in the script "10-newwanip", and it was fast right away. Of course this script does not run for nothing, so I restored the setting after testing.
13
21.7 Legacy Series / Re: Boot delay after "Invoking start script newwanip" (boot takes about 13 minutes)
« on: November 01, 2021, 09:06:56 am »Do you have in "timeouts" in general log without OpenVPN interfaces? Like this one:Quoteconfigctl[11670] error in configd communication Traceback (most recent call last): File "/usr/local/opnsense/service/configd_ctl.py", line 68, in exec_config_cmd line = sock.recv(65536).decode() socket.timeout: timed out
No
14
21.7 Legacy Series / Re: Boot delay after "Invoking start script newwanip" (boot takes about 13 minutes)
« on: October 29, 2021, 02:31:52 pm »
I did some testing with a vanilla configuration, and measured the time it took opnsense to reconfigure all connections:
1 vpn server configured = 30sec total
2 vpn servers configured = 100sec total
3 vpn servers configured = 25sec total !?!?!?!?
Then I deleted the 3rd and it took 20 seconds, but the boot after that it was 40. Seems like the delay is a bit random.....
1 vpn server configured = 30sec total
2 vpn servers configured = 100sec total
3 vpn servers configured = 25sec total !?!?!?!?
Then I deleted the 3rd and it took 20 seconds, but the boot after that it was 40. Seems like the delay is a bit random.....
15
21.7 Legacy Series / Re: Boot delay after "Invoking start script newwanip" (boot takes about 13 minutes)
« on: October 28, 2021, 10:54:28 am »
Apparently executing this command is taking a long time:
configctl interface newip ovpns5 (this is executed for every vpn server you've configured)
This command is fired from this script:
/usr/local/etc/rc.syshook.d/start/10-newwanip
I noticed the delay is there as when you assign an interface to the vpn instance. If you remove the interface assignment there is no delay anymore. (but your setup doesn't work of course)
configctl interface newip ovpns5 (this is executed for every vpn server you've configured)
This command is fired from this script:
/usr/local/etc/rc.syshook.d/start/10-newwanip
I noticed the delay is there as when you assign an interface to the vpn instance. If you remove the interface assignment there is no delay anymore. (but your setup doesn't work of course)