Messages

1

General Discussion / Internet connection drops on certain VLAN

« on: October 13, 2022, 04:10:43 pm »

I am noob at this. I have my network setup as ISP Arrris modem --> OPNsense router/firewall --> network switch --> APs on MESH. I have my network segregated into VLANs each distributed to their respective Wifi. Recently, I note transient internet connection drop outs intermittently on a particular Wifi/VLAN. I do not have stringent firewalls of any sort at least not on this VLAN. The problem happened simultaneously on two devices connected to the same troublesome Wifi, so I do not think this is a peripheral device issue. I am not sure how to troubleshoot this at the level of opnsense or switch. I appreciate some guidance.   

2

General Discussion / Re: Reset Interface Statistics

« on: October 04, 2022, 09:01:25 pm »

Restarting the machine will do 

3

General Discussion / Bridge network - Errors out

« on: October 04, 2022, 05:36:10 am »

I have a TOPTON device with 4 ports. I followed this guide https://docs.opnsense.org/manual/how-tos/lan_bridge.html to create a bridge interface close to the attached diagram. I noticed that I have errors out on the bridge interface and VLAN10. The physical interfaces OPT3 and OPT4 are enabled but unused at present. I tried to disable unused interfaces and it did not solve the issue. I attached a diagram for the interfaces and screenshot from my OPNSense instance. Shall I worry about these errors at all?

Thanks.

4

General Discussion / Re: VLANs on multiple interfaces

« on: August 29, 2022, 11:01:58 pm »

Thank you so much. Very nice drawing 

5

General Discussion / Re: VLANs on multiple interfaces

« on: August 29, 2022, 08:19:36 pm »

Do you want these ports to be port based VLAN members, i.e. carrying untagged frames?

What you need to do in this case is create your VLAN on the trunk port (you already did that), then create a bridge interface with that VLAN and the untagged additional port as members. Then, and this is important, assign the logical interface (Interfaces > Assignments) including IP address configuration etc. to the bridge interface, not the VLAN interface. Don't assign anything to the VLAN interface at all.

Additionally you might want to change two kernel tunables as documented in the "LAN bridge" chapter of the wiki.

HTH,
Patrick

This is exactly what I intended to do; that is to bridge logical to physical interfaces. The question is now the trunk port does not have that VLAN anymore, right?

6

General Discussion / VLANs on multiple interfaces

« on: August 29, 2022, 01:44:04 am »

I am setting up a Topton 4-NIC box. I assigned defaults of one NIC for WAN and another for LAN. I have 2 unassigned ports (OPT2,OPT3). My LAN is a trunk port and has multiple VLANs. How can assign one of those VLANs to unused OPT interfaces? The reason I want this because my desktop has 2.5gb NIC to utilize the speed on my network. I have TL-SG3428X gigabit switch. My NAS is connected to SFP+ port. I plan to connect my LAN trunk to another SFP+ port on the switch, and utilize one of the OPT ports on OPNsense box for my desktop.

I recognize that I cannot create VLANs on bridged interfaces. Can create a bridge assigned to VLAN? (thinking loud here).

Thank you so much.

7

High availability / HA requirements

« on: August 13, 2022, 03:07:21 am »

I have an N5105 mini machine that I intend to use with OPNSense without a hypervisor. I would like to set up another OPNSense instance on Proxmox as a backup HA. Is this doable? I learned from forums that interfaces has to have similar names for HA to work.

I currently have Arris S33 modem connected to a virtualized opnsense instance. My LAN is connected to a managed L2+ smart switch that carries out my VLANs. I initially thought to set up two virtualized instances but I dont have a physical router to hand over IP addresses to downstream opnsense instances. I do not plan to use my L2+ smart switch to handle DHCP.

I am open to suggestions.  Thank you.

8

General Discussion / Re: Errors Out on VLANs

« on: July 01, 2022, 03:17:02 am »

I uninstalled Zenarmor (Sensei) for I found Elasticsearch Database was taking so much disc space. And the surprise, all interface errors disappeared. It has been 24 hours so far. You may close this post. Thank you.

9

General Discussion / OPNsense disk is full

« on: June 21, 2022, 11:38:19 pm »

I have OPNsense running on Proxmox. This VM has an assigned 80 gb storage setting on 250gb SSD. I suddenly had my drive full that the VM is no longer able to run. so I moved out some VMs to empty some space but this VM appears to consume over 200gb by itself on the proxmox side, but only 36% full on the VM side. I ran fsck -fy  / with output marking disk as "dirty". OPNsense self check marked file system fine. I can see on df -h one drive is consuming as such (see pic). tunfs TRIM is set to disable. I am unable to enable this because the disk is marked as dirty. Of note, VM is running on ext4 file system (not ZFS) and I have enabled the Discard option in HDD configuration on Proxmox side.

Appreciate help to approach this issue.

10

General Discussion / Re: I225V Interface errors on trunked (tagged) port

« on: June 21, 2022, 11:25:53 pm »

I have similar issues to this date which appear to happen on truncated VLAN ports only. It seems to come up often. See previous posts if that helps.
https://forum.opnsense.org/index.php?topic=28440.msg138569#msg138569
https://forum.opnsense.org/index.php?topic=26853.0

Will keep an eye on this post!

11

General Discussion / Re: Errors Out on VLANs

« on: May 27, 2022, 12:15:17 am »

I switched my LAN cable and did not make a difference. Errors counts slowed down after I changed my switch IP address to static but did not last for long. Why do you think it is a CPU issue. The CPU work load is barely 3% all times. It seems like people have had this problem for awhile now https://github.com/opnsense/src/issues/74

12

General Discussion / Re: Errors Out on VLANs

« on: May 25, 2022, 12:15:43 am »

You are right, and I do not know how to draw a network. I am not an engineer or IT person 

My proxmox host has 2 Ethernet ports from the motherboard and 4 others from the I-350 card. I use one on the motherboard to access proxmox interface wired to my network switch. I assigned 2 ports on I-350 to opnsense VM as Linux bridge: one goes to my modem as WAN; and the other goes to my trunk port on my switch as LAN. The LAN carried all VLANs.

What I meant by adding a 3rd port to opnsense is that I attempted to assign a 3rd physical port to opnsense but it stopped working for me as I detailed. I though I would use this for DMZ or VPN.

I hope this clarifies the confusion.

13

General Discussion / Re: Errors Out on VLANs

« on: May 24, 2022, 09:18:57 pm »

The LAN cable is one supplied by my NAS so I expect it to be decent but I will try.

Can you elaborate on the CPU/proxmox issue?

I am wondering whether this is related to my switch because it is a budget one. Sp I will setup another trunk port and route LAN/VLANs through it.

The other thing is I do not use my LAN at all this is why it is 0 errors (in part). I will wire connect to LAN over my switch and see if this generates errors. This way I skip my AP route.

Of note, I added a third NIC to opnsense VM and I lost connection to opnsense GUI and connectivity although post was showing on proxmox console but without a WAN IP address. Not sure if this has to do anything with the errors.

Thanks!

14

General Discussion / Re: Errors Out on VLANs

« on: May 24, 2022, 07:22:04 am »

Here is my stat page:

15

General Discussion / Errors Out on VLANs

« on: May 20, 2022, 07:33:46 pm »

I setup OPNSENSE virtualized on proxmox desktop machine.  I use Intel I350 Quad Port by CISCO UCSC-PCIE-IRJ45 via bridge in proxmox. I have 1 port for WAN and 1 port for LAN (and carries all VLAN segments). I use managed switch by TPLink TL-SG108E between LAN and my Wifi AP. I exclusively use VLANs on my network and preserved LAN for management. I have over 1300 errors outs on firewall statistics.

How can I approach this issue? Thanks in advance.