Messages

Same here in the UK with VirginMedia with Cable Modem in Bridge Mode after this update it killed my IPv6

Nothing to do with PPPoE IMHO as we use just DHCP on the WAN Interface

Seen the same log entries on my OPNsense system;

Some how Unbound stopped (RED) and this is in the log when starting at 2021-09-17T06:18:49 from the Dashboard;

2021-09-17T06:21:47   unbound[56365]   dhcpd entry changed bitmanEV.home.loc @ xxx.xxx.xxx.226.   
2021-09-17T06:21:38   unbound[80917]   [80917:2] info: generate keytag query _ta-4f66. NULL IN   
2021-09-17T06:21:38   unbound[80917]   [80917:1] info: generate keytag query _ta-4f66. NULL IN   
2021-09-17T06:21:38   unbound[80917]   [80917:0] info: start of service (unbound 1.13.2).   
2021-09-17T06:21:38   unbound[80917]   [80917:0] notice: init module 1: iterator   
2021-09-17T06:21:38   unbound[80917]   [80917:0] notice: init module 0: validator   
2021-09-17T06:21:34   unbound[95771]   daemonize unbound dhcpd watcher.   
2021-09-17T06:18:49   unbound[70713]   dhcpd entry changed bitmanEV.home.loc @ xxx.xxx.xxx.227.   
2021-09-17T01:00:15   unbound[50772]   [50772:0] info: 32.000000 64.000000 3   
2021-09-17T01:00:15   unbound[50772]   [50772:0] info: 16.000000 32.000000 14   
2021-09-17T01:00:15   unbound[50772]   [50772:0] info: 8.000000 16.000000 12   
2021-09-17T01:00:15   unbound[50772]   [50772:0] info: 4.000000 8.000000 13   
2021-09-17T01:00:15   unbound[50772]   [50772:0] info: 2.000000 4.000000 18   

when upgrating from OPNsense 21.1.1-amd64 to OPNsense 21.1.2-amd64

seen this warning in the log file

configd not running? (check /var/run/configd.pid).
Starting configd.
Unable to lock on the pidfile.
/usr/local/etc/rc.d/configd: WARNING: failed to start configd
Reloading plugin configuration

is this an issue? or can this safely been ignored?


cheers,

4G modem as WAN / broadband

may be have a play with the MTU size?

talking about harsh...

a Raspberry Pi ?

no, you have to boot the system as a live cd first and then install it...  :-\

is de WAN verbinding via DHCP van je provider? kijk eens in je logs om te zien of daar een renew request gedaan word

zelf heb ik TalkTalk en die gasten hebben hun DHCP lease op 480 sec staan (vraag me niet waarom) en dit resulteert in unbound opnieuw te starten. ik heb in unbound de WAN interface verwijderd

just my cents

on your apu2 do you have the nic's in auto negotiate mode? it might be that there is some problem with link negotiation?

just a shot in the dark but you never know

these are my settings to HE;

Parent interface [WAN]

GIF remote address [IPv4 address]

GIF tunnel local address [IPv6 address]

GIF tunnel remote address [IPv6 address] [/64]

Description [What ever description]


good luck

indeed correct, best wait for 11.2

netgate just modded the 11.1 code for their XG-7100 and kept it for them selfs

We backported the C3000 support for hardware we're selling, and it's the only hardware that we have properly vetted the code with. FreeBSD is adding C3000 support to 11.2, so it will be more widely tested there on other hardware by FreeBSD users.

We have not seen any stability issues on the particular hardware in the XG-7100, which is where we've tested it.

see my floating rule as that takes care of it

i assume you did read this https://wiki.opnsense.org/manual/how-tos/ipv6_tunnelbroker.html and this https://doc.pfsense.org/index.php/Using_IPv6_with_a_Tunnel_Broker to get some idea's

my OPNsense system has the following Firewall Rules for the HE Tunnel;

floating rule IPv6 IPv6-ICMP *
IPv4 ICMP WAN

good luck

to block ad's just use these DNS servers;

2a00:5a60::ad1:0ff

2a00:5a60::ad2:0ff

176.103.130.130

176.103.130.131

from https://adguard.com/en/adguard-dns/overview.html

if you got a managed switch at hand? it's called a firewall on a stick https://g33kr.net/how-tos/firewall-on-a-stick/