Messages

1

24.7 Production Series / Re: Traffic Graph in Lobby Strange Behaviour

« on: November 29, 2024, 01:34:20 am »

Windows 11 doesn’t update the clock very often by default:
 https://www.elevenforum.com/t/how-often-should-clock-synchronize.1181/

Coupled with pc vendors cutting g cost corners and using the less than stable oscillators on the system board leads to clock drift in windows.

I adjust mine every hour, unless I need something more precise. Should keep your drift within a second or two at most.

Adam

2

24.7 Production Series / Re: DEC2752: Getting switch online

« on: November 29, 2024, 01:28:46 am »

I’ve done something similar before, except I setup a port on the firewall with all of the clans tagged, and another on my switch with all of the clans tagged. I then assigned switch ports to whatever clan I wanted the connected device to be in.

The vlans for you switch (2 and 99) are not defined on the firewall, is vlan 10 defined on the swithport connected to the firewall?

3

24.1 Legacy Series / Re: How to handle DNS Queries / Or switch Topology

« on: May 30, 2024, 09:42:04 pm »

I'd start with grabbing some packet captures of the DNS traffic at the firewall and see if the issue is internal or external.

4

23.7 Legacy Series / Re: Switching from IPFire to Opnsense - USB ethernet adapters

« on: January 14, 2024, 08:55:49 pm »

Realtek has a checkered past with their FreeBSD drivers. Personally, I’ve had several OPNSense builds using the RTL8111 adapters, and have had decent luck with them. Had a dual port card in a box my son took to college, and it help up without issue to 4 college boys gaming on the internet.

I have not tried a USB to Ethernet adapter with OPNSense. My advice is to give it a try - it may work well enough for your needs.

Adam

5

23.7 Legacy Series / ipsec connections

« on: August 02, 2023, 04:36:46 pm »

Is there a place to set the default phase 1 and phase 2 proposals?

I upgraded two boxes to 23.7 and moved from tunnels to connections and noticed the tunnels wouldn't come up until I change one side from "default" to a handful of proposals.

6

22.7 Legacy Series / Re: DHCP service "Additional Pools" logic

« on: January 22, 2023, 02:43:12 pm »

The "Additional Pools" are for pools within the subnet of the interface:

"If you need additional pools of addresses inside of this subnet outside the above Range"

I have some legacy subnets where the ip's were not managed well, and have statics all of the place. I setup one small subnet, then added a copy of other pools in between the statics.

I think you'll have to setup a vlan to service dhcp out of the new subnet

7

Hardware and Performance / Re: intel nics i225 with Opnsense

« on: November 03, 2022, 05:24:06 am »

it auto detected them.

8

Hardware and Performance / Re: intel nics i225 with Opnsense

« on: November 02, 2022, 03:36:24 pm »

I purchased a 4 port Celeron j4125 appliance using the 2.5gb Intel nice. No issues at all with it. I have a lan, wan and a trunked in terrace with multiple vlans.

Wan interface connects directly to a Motorola cable modem with a 2.5gb Nic. Lan and trunk interfaces are connected into a Ubiquiti 2.5gb switch.

I work from home full-time, and push a lot of data through this. Works well, and I'm happy with it.

9

22.7 Legacy Series / Re: OPNSense VLAN and Unifi Switch/AP

« on: October 20, 2022, 05:18:56 pm »

I've done this many times. Feel free. to reach out to me if you need help.

10

Development and Code Review / Re: blocking traffic with /sbin/pfctl

« on: April 20, 2022, 04:35:47 pm »

I'd be willing to test the Crowdsec plugin when you're ready.

11

22.1 Legacy Series / Re: Support for "Speed Dragon Multimedia Limited" NICs dropped?

« on: April 04, 2022, 10:20:08 am »

I believe it’s a Realtek rtl8111 chipset. I had one a while ago and remember the name.

12

21.7 Legacy Series / Re: MultiWAN Load Balancer with mixed types of gateways (RFC1918+PPPoE)

« on: November 22, 2021, 05:13:13 pm »

Check your sticky settings under Firewall>Advanced>Multi-wan. You may want to experiment to see what provides you the most stability.

13

Hardware and Performance / Re: Issue with MTU on 10G interface

« on: August 04, 2021, 05:00:09 pm »

Not sure if this helps or not, but I have an intel X540-t2 and a X550-t2 (both use the ix driver), and both defaulted to 1500 mtu's. Both are configured with one untagged interface, and one with tagged and untagged interfaces configured.

14

21.1 Legacy Series / Re: Dual WAN issues

« on: July 20, 2021, 11:05:52 pm »

Under Firewall, Advanced, Multi-wan you'll need to enable "Sticky Connections". You'll also probably want to set a reasonable value in the timeout - say 10 or 15 minutes.

15

21.1 Legacy Series / Re: OPNsense with IPv6 and pi-hole

« on: July 12, 2021, 10:05:02 pm »

I grabbed the link local address for my pihole (starts with fe) and configure the DHCP6 server to hand out that as the DNS server.
Set the " Use the DNS settings of the DHCPv6 server" in the Router Advertisements.
Make sure to set pihole to listen on all interfaces, and away you go.