Messages

1

21.1 Production Series / Re: No IPv6 address assigned on WAN interface / Router Advertisement ignored

« on: February 28, 2021, 10:00:32 pm »

@schnipp, thanks a lot! landed as an official commit via https://github.com/opnsense/core/commit/f1afe998ad

We will do a bit of regression testing but it can go into a later stable update, maybe 21.1.4 or 21.1.5.


Cheers,
Franco

2

General Discussion / Re: Please Make a Donation to OPNsense

« on: February 27, 2021, 07:14:02 pm »

Lovely, thank you <3

3

General Discussion / Re: how to become mirror

« on: February 27, 2021, 07:13:26 pm »

Hi,

Can you send us a mail at project@opnsense.org to discuss?


Thanks,
Franco

4

Development and Code Review / Re: passing parameters

« on: February 27, 2021, 07:12:28 pm »

Looks promising, thanks!

A good example is https://github.com/opnsense/core/blob/master/src/opnsense/mvc/app/controllers/OPNsense/Core/Api/FirmwareController.php#L585-L606 where you can see the package name being passed from the API request to the configd call.


Cheers,
Franco

5

21.1 Production Series / Re: Strange sounds when running

« on: February 27, 2021, 07:09:54 pm »

If your hard disk is not solid sate it is probably the sound of it dying.


Cheers,
Franco

6

General Discussion / Re: Add on packages and reporting issues

« on: February 27, 2021, 07:06:52 pm »

Can you be more specific please?


Cheers,
Franco

7

21.1 Production Series / Re: No IPv6 address assigned on WAN interface / Router Advertisement ignored

« on: February 26, 2021, 08:26:06 pm »

The description of "Use IPv4 connectivity" and its explanation in the docs is one thing which confuses me. IPv6 requests are not sent over the IPv4 connectivity layer but encapsulated in ppp. It may sound a little bit pedantic but the description can lead to misunderstanding. As far as I understood by activating this function IPv6 packets are sent over the ppp connectivity link and otherwise directly over the parent interface (e.g. the corresponding ethernet interface). Did I understand correctly?

Correct. It's one of those things that is neither wrong or right and thus may lead to false interpretation.

I don't understand what do you mean with "messes the boot sequence". The WAN link should only come up after the interface itself is successfully prepared. Otherwise it's clear that we'll loose control messages for establishing the ip link.

When we talk about DHCP and the boot sequence obtaining an address and configuring the services (routing, firewall) for it takes an synchronous event which messes with the boot sequence that cannot tolerate undefined concurrent behaviour. For this reason pfSense a long time ago prohibited many async paths during boot sequence using a file designating that the boot sequence is in progress.

I believe this question cannot be answered with either 'yes' or 'no' for all situations. I know some fiber modems are capable of doing ethernet link monitoring on customer's side perfomed by the ISP. Whether it is used to control the network connection is unknown. I have observed that ISPs like Deutsche Telekom and 1&1 are doing something similar on the pppoe layer. They immediately send RA messages after ppp dial-in succeeds.

So, we should assume they (ISPs) can. In case an ISP sends unsolicited RA messages we are happy, otherwise it doesn't matter and we do a fallback to router solicit messages. We can only win  .

I revised the patch a bit so that basically we get ready for dealing with SLAAC as soon as PPPoE is "dialling" and created its interface. If that is not soon enough we are still screwed since we cannot push the accept_rtadv flag to a nonexistent interface, but I expect some sort of grace period for the ISP RA so testing the theory is the best approach.

https://github.com/opnsense/core/commit/a0248c7e


Cheers,
Franco

8

21.1 Production Series / Re: No IPv6 address assigned on WAN interface / Router Advertisement ignored

« on: February 25, 2021, 08:00:50 pm »

Maybe this works, I don't know. But it is worth a try. https://github.com/opnsense/core/commit/943db279


Cheers,
Franco

9

21.1 Production Series / Re: No IPv6 address assigned on WAN interface / Router Advertisement ignored

« on: February 25, 2021, 07:28:22 pm »

Scenario 1 is likely caused by deferring the IPv6 setup until the IPv4 connectivity is ready because "Use IPv4 connectivity" is checked.

https://github.com/opnsense/core/blob/70f856bf2fa9d2b1e5fc11e0b7e5bbfae04be92e/src/etc/inc/interfaces.inc#L2455

I don't recall that this ever was different. WAN comes up during boot but is not allowed to go through because it messes with the boot sequence. The WAN events are handled after boot is complete, but for PPPoE that is "too late", at least the ISP sees it that way.

https://github.com/opnsense/core/blob/70f856bf2fa9d2b1e5fc11e0b7e5bbfae04be92e/src/etc/rc.newwanip#L44
https://github.com/opnsense/core/blob/70f856bf2fa9d2b1e5fc11e0b7e5bbfae04be92e/src/etc/rc.newwanipv6#L43
https://github.com/opnsense/core/blob/master/src/etc/rc.syshook.d/start/10-newwanip

We can't assume the ISP will send an RA as soon as the IPv4 connectivity comes up or do we? How should we and/or the ISP know we are ready for it?


Cheers,
Franco

10

21.1 Production Series / Re: Native-kernel wireguard support for 21.1 feasible? FreeBSD 13 may have it

« on: February 25, 2021, 11:39:22 am »

Define "included". The kernel patch doesn't help anyone with the wireguard plugin yet so rushing this is not useful and creates false expectations.

Furthermore, due to complications in iflib code we will not be targeting 21.1.3 to avoid unnecessary changes in functional areas at this point.


Cheers,
Franco

11

21.1 Production Series / Re: New traffic widget broken in Firefox

« on: February 25, 2021, 08:52:37 am »

The widgets have a lot of old JS code that should be reworked, but I think we will not open this can of worms until 21.7 is out due to other priorities. Another issue is that some widgets do not automatically reload and basically all of them do manual code for the same purposes duplicating code where it shouldn't be necessary.

As said I like your rewrite, but we should just write replacements instead of changing the code to something completely else in existing widgets.

I will talk to Ad about integrating your PR or at least do the review to see what will happen with it.


Cheers,
Franco

12

21.1 Production Series / Re: New traffic widget broken in Firefox

« on: February 24, 2021, 09:12:35 pm »

That's always appreciated, thanks in advance!

13

21.1 Production Series / Re: Native-kernel wireguard support for 21.1 feasible? FreeBSD 13 may have it

« on: February 24, 2021, 09:09:23 pm »

Backport of the FreeBSD-CURRENT state is done now:

https://github.com/opnsense/src/commit/bb8e65da8e


Cheers,
Franco

14

21.1 Production Series / Re: New traffic widget broken in Firefox

« on: February 24, 2021, 08:29:25 pm »

https://github.com/opnsense/core/commit/8b9764fa86

# opnsense-patch 8b9764fa86

On a sadder note: no bugs related to this raised in the issue tracker so far...


Cheers,
Franco

15

Development and Code Review / Re: Understanding configctl

« on: February 24, 2021, 04:50:32 pm »

Let's test this theory:

# tail -n 5 /usr/local/opnsense/service/conf/actions_service.conf
[whoami]
command:whoami
parameters:
type:script_output
message:Who am I?
# service configd restart
# configctl service whoami
root


Cheers,
Franco