Messages

1

22.7 Legacy Series / ISC DHCP 4.4.3-P1 EOL

« on: October 12, 2022, 02:35:03 pm »

ISC DHCP Server has reached EOL

Now that the version of ISC DHCP that OPNsense uses is EOL as of this release in 22.7.6, what are the plans going forward?

Any consideration to making the move to ISC Kea DHCP server?

Would also be great, if OPNsense was finally able to function as a DHCP server for multiple subnets and VLANs over a single defined interface/link in the context of an L3 switch.

2

22.7 Legacy Series / Re: Using AdGuard Home for specific hosts only?

« on: October 08, 2022, 04:04:16 pm »

So have Adguard on port 53 and Unbound on port 53530. So everything hist adguard first.

I used Adguard Settings/Client Settings to segregate lists of clients IP's and MAC addresses that bypass the global Adguard settings and get passed through directly to unbound as well as other client lists, for example younger kids, that get more stringent settings.

3

22.7 Legacy Series / Re: AdGuard not updating

« on: October 06, 2022, 04:36:29 am »

Solution picked from Adguard bug thread:


- SSH in your opnsense box
- Send this command, change USERNAME:PASSWORD to your Login/Pass of Adguard
- Specify port if you changed the default
 

Code: [Select]

curl -H 'Content-Type: application/json' -X POST -v 'http://USERNAME:PASSWORD@127.0.0.1/control/update'

Can confirm this worked - but, in my case, I had to use the IP address of my AGH box on my LAN, localhost didn't work.

Updated to .b17 successfully, no apparent loss of data.  Thank you!

Same here, but had to add the IP address and port for it to work for me. Thanks, that was much easier than I expected.

4

22.7 Legacy Series / Re: AdGuard not updating

« on: October 04, 2022, 04:28:51 pm »

Might be an issue on the adguard update server side. I get the same error for the v0.108.17 that came available today. I would give them a few hours to get things sorted and try again.

5

22.7 Legacy Series / Re: filter log files keep growing till they overflow the disk

« on: September 27, 2022, 05:00:27 pm »

Under System -> Settings -> Logging -> Preserve logs (Days) what do you have there? Some have stated the default changed to 31 days with the 22.* series. Some have needed to decrease this to 7 days or less.

6

22.7 Legacy Series / Re: Recurring Kernel Panics - Fatal trap 12: page fault while in kernel mode

« on: September 15, 2022, 04:21:09 am »

@rafaelreiser have you tried to run the opnsense VM either in ubuntu kvm/qemu or Proxmox without nic passthrough yet? Using a virtualized cpu and paravirtualized nics (virtio) seems to be about the only combo left to try.

I’ve also run OPNsense VM on Proxmox for years now without any sort of crashes like this, as have many others on the Proxmox forum I frequent, so no inherent generalized compatibility issues there on the software front.

7

22.7 Legacy Series / Re: Recurring Kernel Panics - Fatal trap 12: page fault while in kernel mode

« on: September 11, 2022, 08:42:01 pm »

Proxmox is just some binaries on top of a slightly modified Debian install. In fact, you can install Debian and then install proxmox to that.

Regardless of how you chose to install initially, you can have Docker running directly on the Debian/proxmox host easily as getting it running on Debian. Most people don't as installing docker on a lightweight proxmox Debian/Ubuntu/alpine LXC takes so few additional resources, but you can.

https://pve.proxmox.com/pve-docs/pve-admin-guide.html#_install_proxmox_ve_on_debian

8

22.7 Legacy Series / Re: Recurring Kernel Panics - Fatal trap 12: page fault while in kernel mode

« on: September 08, 2022, 10:48:37 pm »

You would lose little to nothing virtualizing the cpu and host and really it might just be temporary to trouble shoot if the host nic or cpu direct interaction with FreeBSD are the issue. It’s more about systematically checking off those boxes of what might be the cause.

VirtIO on many host can do 10-20g of throughput and should have no issues with 2.5g.

9

22.7 Legacy Series / Re: Recurring Kernel Panics - Fatal trap 12: page fault while in kernel mode

« on: September 08, 2022, 05:11:38 pm »

Also similar to https://forum.opnsense.org/index.php?topic=29845.0?

Are you virtualizing the VM CPU as KVM/Qemu or using host? Have you tried not passing through the network adapter and using VirtIO instead, which should handle 2.5g fine? Either of those could narrow down the issue.

Starting to suspect something in this hardware combo is giving the underlying FreeBSD base fits. If virtualizing the 2.5g nic or the CPU (or both in combination) stops the Freebsd Kernel panics that should point in the general direction of an answer. Seems as though RAM issues would affect the host and VM.

10

22.7 Legacy Series / Re: API Firewall Rule management

« on: August 29, 2022, 08:01:14 pm »

Interesting, watching on GitHub.

11

22.7 Legacy Series / Re: 22.7.2 Wireguard service won't start

« on: August 29, 2022, 03:42:20 pm »

Im assuming the FW needs rebooted after this? Also wireguard go service fails to start, assuming that's OK as kmod is running and everything works just fine.

I do not remember on the first question, sorry.

Yes on the second question, that is the expected behavior. If the Red/stopped WireGuard-Go status bothers you on the dashboard services widget (it did bother me) you can click the edit (pencil) button for that widget and specify that wireguard-go status is no longer shown. Out of sight, out of mind was my fix.

12

22.7 Legacy Series / Re: WAN management issue

« on: August 25, 2022, 05:29:28 am »

If you can't get that to work, consider setting up wireguard on opnsense and using that connection to gain access behind the WAN/Outside interface and not have to expose the webui at all.

13

22.7 Legacy Series / Re: DNSMasq and DNSSEC

« on: August 24, 2022, 04:20:44 pm »

Asking naively, wouldn't using DNS over HTTPS (DoH) be next to impossible for the ISP to stop?

How to Configure DNS over HTTPS (DoH) Using DNSCrypt-Proxy in OPNsense

14

22.7 Legacy Series / Re: I provided an incorrect IP address for the OPT1 gateway during network setup

« on: August 21, 2022, 06:21:17 pm »

From ipmi/BMC terminal menu, choose option 1.

https://youtu.be/CocyuQ-AyOY

15

22.7 Legacy Series / Re: No carrier after install

« on: August 21, 2022, 05:25:58 pm »

What I find ironic, is the big providers stick to cable/DSL because they say fiber is too expensive to lay, too expensive to maintain, etc. While the small providers that specialize in fiber internet charge lower prices, are profitable and growing. Albeit slowly since they can only grow in new housing developments. No one seems to be interested in building in established neighborhoods.

Established companies have more regulations and potential blow back for putting fiber in only in profitable new neighborhoods and skipping over the ones they already service. New companies don't suffer any local/federal/political/contractual ramifications for actively expanding into those same areas because they don't have the "baggage" of preexisting older neighborhood customers.