Topics

1

19.1 Legacy Series / [SOLVED] Upgrade to 19.1.1 - no ipv6 gateway

« on: February 17, 2019, 02:02:02 pm »

Hi,

after upgrading to 19.1.1 from 18.7, the ipv6 gateway is shown as offline and cannot be started from GUI anymore. The issue is that there is no rtsold process anymore pickup the prefix from WAN and  also dhcp6d can not be started.

The logs do not show any hint except that they state that there is no ipv6 default route possible to be set;

Code: [Select]

Feb 17 13:53:54 OPNsense opnsense: /interfaces.php: The command '/bin/pkill -'HUP' 'php-cgi'' returned exit code '1', the output was ''
Feb 17 13:53:54 OPNsense opnsense: /interfaces.php: ROUTING: entering configure using defaults
Feb 17 13:53:54 OPNsense opnsense: /interfaces.php: ROUTING: IPv4 default gateway set to wan
Feb 17 13:53:54 OPNsense opnsense: /interfaces.php: ROUTING: IPv6 default gateway set to wan
Feb 17 13:53:54 OPNsense opnsense: /interfaces.php: ROUTING: setting IPv4 default route to 192.168.2.1
Feb 17 13:53:54 OPNsense opnsense: /interfaces.php: ROUTING: keeping current default gateway '192.168.2.1'
Feb 17 13:53:54 OPNsense opnsense: /interfaces.php: ROUTING: skipping IPv6 default route
Feb 17 13:54:51 OPNsense opnsense: /interfaces.php: ROUTING: entering configure using 'wan'
Feb 17 13:54:51 OPNsense opnsense: /interfaces.php: ROUTING: IPv4 default gateway set to wan
Feb 17 13:54:51 OPNsense opnsense: /interfaces.php: ROUTING: IPv6 default gateway set to wan
Feb 17 13:54:51 OPNsense opnsense: /interfaces.php: ROUTING: setting IPv4 default route to 192.168.2.1
Feb 17 13:54:51 OPNsense opnsense: /interfaces.php: ROUTING: removing /tmp/igb1_defaultgw
Feb 17 13:54:51 OPNsense opnsense: /interfaces.php: ROUTING: creating /tmp/igb1_defaultgw using '192.168.2.1'
Feb 17 13:54:51 OPNsense opnsense: /interfaces.php: ROUTING: skipping IPv6 default route
Feb 17 13:54:57 OPNsense opnsense: /interfaces.php: Warning! services_radvd_configure(auto) found no suitable IPv6 address on igb2
Feb 17 13:54:57 OPNsense opnsense: /interfaces.php: Warning! services_radvd_configure(auto) found no suitable IPv6 address on igb0
Feb 17 13:54:57 OPNsense opnsense: /interfaces.php: Warning! services_radvd_configure(auto) found no suitable IPv6 address on igb3

dpinger can not be started as well (clear if there is no ipv6 gateway ....)

Any idea where to look after?

Br br

2

18.7 Legacy Series / Upgrade to 18.7.4: telegraf plugin broken?

« on: September 28, 2018, 10:19:08 pm »

Hi there,

after I upgraded to 18.7.4. I noticed that the telegraph plugin seems to be broken, mainly due to the input.systems module; I have no suddenly two log files, one in /var/log/telegraf/telegraf.log and one in /var/log/telegraf.log. Although the config says

Code: [Select]

[global_tags]

[agent]
  interval = "10s"
  round_interval = false
  metric_batch_size = 1000
  metric_buffer_limit = 10000
  collection_jitter = "0s"
  flush_jitter = "0s"
  precision = ""
  debug = false
  quiet = true
  logfile = "/var/log/telegraf.log"
  hostname = "opnsense"
  omit_hostname = false

[[outputs.influxdb]]
  urls = ["http://192.168.1.205:8086"]
  database = "telegraf"
  retention_policy = ""
  write_consistency = "any"
  timeout = "5s"
  username = "influx"
  password = "XXXXXXXXXX"




[[inputs.cpu]]
  percpu = true
  totalcpu = true
  collect_cpu_time = false

[[inputs.disk]]
  mount_points = ["/"]

[[inputs.diskio]]

[[inputs.mem]]

[[inputs.processes]]


[[inputs.system]]

[[inputs.net]]
that /var/log/telegraf.log shall be used, it uses the other one and writes tons of messages like

Code: [Select]

2018-09-28T19:20:23Z E! Error in plugin [inputs.system]: open /var/run/utmp: no such file or directory
2018-09-28T19:20:33Z E! Error in plugin [inputs.system]: open /var/run/utmp: no such file or directory
2018-09-28T19:20:43Z E! Error in plugin [inputs.system]: open /var/run/utmp: no such file or directory
2018-09-28T19:20:53Z E! Error in plugin [inputs.system]: open /var/run/utmp: no such file or directory
2018-09-28T19:21:03Z E! Error in plugin [inputs.system]: open /var/run/utmp: no such file or directory
2018-09-28T19:21:13Z E! Error in plugin [inputs.system]: open /var/run/utmp: no such file or directory
2018-09-28T19:21:23Z E! Error in plugin [inputs.system]: open /var/run/utmp: no such file or directory
2018-09-28T19:21:33Z E! Error in plugin [inputs.system]: open /var/run/utmp: no such file or directory
2018-09-28T19:21:43Z E! Error in plugin [inputs.system]: open /var/run/utmp: no such file or directory
2018-09-28T19:21:53Z E! Error in plugin [inputs.system]: open /var/run/utmp: no such file or directory
2018-09-28T19:22:03Z E! Error in plugin [inputs.system]: open /var/run/utmp: no such file or directory
E! Unable to append to /var/log/telegraf.log (open /var/log/telegraf.log: permission denied), using stderr
/var/log/telegraf.log belongs now root:root but should root:telegraf (?),

The non-nice side effect is that opnsense throughput in downlink drops to <5% of the normal performance.

Br br

3

18.1 Legacy Series / 18.1.10: dpinger activation -how to replace apinger

« on: June 21, 2018, 07:46:36 pm »

Hi there,

with pleasure i noticed that now a package for dpinger is provided with 18.1.10. Do I assume right that for now no GUI support for   dpinger is provided?

If so is there a safe recommendation how to replace apinger with dpinger via console?

Looking forward to your reply

Br br

 

4

18.1 Legacy Series / [SOLVED] Error when installing 18.1.9

« on: May 31, 2018, 09:06:20 pm »

Hi there

Get an error when installing 18.1.9. Installation screen hangs with extracting opnsense-18.1.9 and the following error message appears:

Code: [Select]

[31-May-2018 20:58:01 Europe/Berlin] PHP Fatal error:  Uncaught Error: Class 'OPNsense\Core\Routing' not found in /usr/local/opnsense/mvc/app/config/services_api.php:87
Stack trace:
#0 [internal function]: Closure->{closure}()
#1 [internal function]: Phalcon\Di\Service->resolve(NULL, Object(Phalcon\Di\FactoryDefault))
#2 [internal function]: Phalcon\Di->get('router', NULL)
#3 [internal function]: Phalcon\Di->getShared('router')
#4 /usr/local/opnsense/www/api.php(26): Phalcon\Mvc\Application->handle()
#5 {main}
  thrown in /usr/local/opnsense/mvc/app/config/services_api.php on line 87
Any idea how to fix that?

Br br

5

17.7 Legacy Series / igmpproxy and Telekom Entertain behind Fritzbox - now working

« on: January 02, 2018, 05:58:24 pm »

Hi all,

the same procedure as every year - but this time with progress:  igmpproxy in 17.7 now working with Telekom Entertain and Opnsense behind a Fritzbox as Router. Several topics dealt with that over the last 18 months eg https://forum.opnsense.org/index.php?topic=1968.0,https://forum.opnsense.org/index.php?topic=5295.0.

Over the last year there has been some updates of igmpproxy coming from pfsense space and fed back to freebsd ports, eg https://redmine.pfsense.org/issues/6099. Also, the problems with the correct aging of mcast routes in the table seems to be fixed now. Although not knowing whether all of them are fully reflected in the igmpproxy plugin of the current Opnsense release 17.7.11, I could make it work at least for Telekom Entertain 1.0 (NOT yet proven for the new Telekom Entertain TV 2.0) at least for the following configuration:

                                                                                 ----
                                                                            +-+ S +------> DMZ   <-----> Client
                                                                            |   | W |
Telekom ISP <--> Fritzbox 3490 <--> Opnsense <--+-+ I  +------> LAN    <-----> Client
                                                                            |   | T  |
                                                                            +-+ C +------> WLAN <-----> Client
                                                                                | H  |
                                                                                 ----
The switch supports IGMPv3 snooping and provides separated networks for DMZ, LAN, WLAN via untagged VLANs

After installation of the igmpproxy plugin, the following upstream networks should be configured:

• 193.158.0.0/15
• 87.140.0.0/15
• 224.0.0.0/4

The downstream networks should contain the networks of the LAN side interfaces accordingly.

The resulting /usr/local/etc/igmpproxy.conf should look like eg

Code: [Select]

##------------------------------------------------------
## Enable Quickleave mode (Sends Leave instantly)
##------------------------------------------------------
quickleave
phyint igb1 upstream ratelimit 0 threshold 1
altnet 193.158.0.0/15
altnet 224.0.0.0/4
altnet 87.140.0.0/15

phyint igb0 downstream ratelimit 0 threshold 1
altnet 192.168.X.0/24

phyint igb2 disabled
phyint igb3 disabled

Indeed you can also configure more downstream interfaces (in my case disabled here) important is to have ONE single upstream interface with the shown networks .... At the moment, I don't have yet a BNG network connection (migration announced for Q1), might be that then the upstream networks needs to be adapted.

Then, some firewall rules need to be configured:
On WAN interface:

• IPv4 IGMP from all sources, all ports to dest 224.0.0.0/4, all ports, activate extension
• IPv4 UDP from all sources, all ports to dest 224.0.0.0/4, all ports, activate extension

On LAN

• activate also extensions on all general rules

Then, very important, under Interfaces->WAN, the box 'block private networks' may NOT be ticked. Otherwise, Opnsense igmpproxy does not see the IGMP Queries from the Fritzbox anymore which prevents in time answers with member reports from the Opnsense and the Fritzbox stops the UDP stream after 2-3 mins.

In my config, TV can be seen stable on all devices in my LAN and WLAN with the vlc player. Thanks to IGMPV3 snooping capable switch, the additional traffic load on the LAN is neglectible ....

I will go for testing of direct connected Opnsense to Draytec Modem (leave out fritzbox) in the next step; as well I am currently working on a full igmpv3 implementation on the downstream side (this seems to be a prerequisite to make Entertain TV 2.0 work)...

Br br

6

17.7 Legacy Series / Update 17.7.8: apinger and ipv6 gateway monitoring not working

« on: November 22, 2017, 09:07:38 pm »

Hi there,

after upgrading to 17.7.8, ipv6 gateway monitoring is not working after reboot anymore. apinger.conf does not contain any target ... entry for the ipv6 gateway, only vor ipv4.

Simply restarting apinger does not help in my case.

Fix has been by going into system->gateways->all, then go into the config page for the ipv6 gateway and press Save. Then restart apinger and the target .... entry is in apinger.conf again. however, it is wrong one address (Link local WAN interface not Link Local WAN gateway).

With the next automatic restart, it went back to the correct values again

I can reproduce this when rebooting

Br br

7

17.7 Legacy Series / [SOLVED] IPv6 and letsencrypt

« on: October 26, 2017, 10:37:39 pm »

Hi there,

I am running a configuration like

FritzBox<-->opnsense (dmz interface) <--> web server with dyndns.

The web server acts as a public subdomain (sub.example.com)  and shall now get an ssl certificate via letsencrypt. As I have a dual stack running, Dyndns takes the ipv6 address of the Fritzbox as the ipv6 subdomain address. So far so good.

Due to the fact that Dyndns now offers ipv4 AND ipv6 a  DNS AAAA record iss created for the domain and therefore lets encrypts certbot is using ipv6 for certificate installation and renewal; obviously fallback to ipv4 is still not working in case that there is no answer from the server from ipv6. Currently certbot is failing as it does not reach the servers directory via ipv6

As with public ipv6 addresses NAT is no longer the valid method, how do I tell opnsense, that it should 'forward' the Fritzbox ipv6 address to the (public ?) ipv6 address of the webserver?

Looking forward to your reply

Br br

[EDIT] For those who are interested: The workaround is to configure the dyndns client on the FritzBox to update ipv4 only; this eliminates the AAAA record in DNS and letsencrypt is using Ipv4. To do so (here for dyn.com) Goto the Fritzbox in Internet->Freigaben->Dyndns and select user defined;  then put the following URL in the field:
https://members.dyndns.org/nic/update?hostname<DOMAIN>&myip<ipaddr>&wildcard=NOCHG&mx=NOCHG&backmx=NOCHG
Click apply and then wait for 5 min; the AAAA record has been disappeared; certbot renew then runs fine ....

8

17.7 Legacy Series / Upgrade to 17.7.4 - unbound 1.6.6 not starting automatically

« on: September 27, 2017, 11:16:22 pm »

Hi there,

17.7.4 updates also unbound to new version 1.6.6. However, unbound is not restarted after the update so that still 1.6.5 is running - is this by intention?

Br br

9

17.7 Legacy Series / [SOLVED] Adding IPv6 static route for rc.newwanipv6 fail

« on: September 24, 2017, 04:41:42 pm »

Hello,

after having fixed so fast (thanks again Franco !!) the matter around apinger (see https://forum.opnsense.org/index.php?topic=6028.0), there is another new error message in my system.log, which seems to have on a first look a similar root cause:

Code: [Select]

OPNsense opnsense: /usr/local/etc/rc.newwanipv6: Removing static route for monitor fe80::3631:c4ff:XXXX:XXXX%igb1 via fe80::3631:c4ff:XXXX:XXXX
OPNsense opnsense: /usr/local/etc/rc.newwanipv6: Adding static route for monitor fe80::3631:c4ff:XXXX:XXXX%igb1 via fe80::3631:c4ff:XXXX:XXXX
OPNsense opnsense: /usr/local/etc/rc.newwanipv6: The command '/sbin/route add -host -'inet6' 'fe80::3631:c4ff:XXXX:XXXX%igb1' 'fe80::3631:c4ff:XXXX:XXXX'' returned exit code '1', the output was 'route: writing to routing socket: Network is unreachable add host fe80::3631:c4ff:XXXX:XXXX%igb1: gateway fe80::3631:c4ff:XXXX:XXXX fib 0: Network is unreachable'

Could it be that the link local address of the default ipv6 gateway is not assigned to my WAN interface too for the adding the static route which would require some adoption of the rc.newwanipv6?

Looking forward to your reply

Br br

10

17.7 Legacy Series / [SOLVED] apinger and ipv6 gateway: cannot bind socket on address

« on: September 24, 2017, 12:44:51 am »

Hello together

after having updated to 17.7.3 from 17.1.11, I get the following error messages in the gateways.log file for the ipv6 gateway monitoring:

Code: [Select]

Could not bind socket on address(fe80::217:3fff:XXXX:XXXX) for monitoring address fe80::3631:c4ff:XXXX:XXXX(WAN_DHCP6) with error Can't assign requested address
OPNsense apinger: bind(): Can't assign requested address
Considering the /var/etc/apinger.conf, apinger sets the srcip to be the interface link-local address but it does not set the scope on the source IP or target, so apinger cannot reach the gateway.

Code: [Select]

target "fe80::3631:c4ff:XXXX:XXXX" {
  description "WAN_DHCP6"
  srcip "fe80::217:3fff:XXXX:XXXX"
        alarms override "loss","delay","down";
  rrd file "/var/db/rrd/WAN_DHCP6-quality.rrd"
}
The correct config should look (if e.g. igb1 is your WAN interface)

Code: [Select]

target "fe80::3631:c4ff:XXXX:XXXX%igb1" {
  description "WAN_DHCP6"
  srcip "fe80::217:3fff:XXXX:XXXX%igb1"
        alarms override "loss","delay","down";
  rrd file "/var/db/rrd/WAN_DHCP6-quality.rrd"
}
Have tried this out manually, with this config setting, the error message disappears.

As apinger restarts every 30 min. with a freshly written apinger.conf this needs to be included in the script generating the apinger.conf.

See also here: https://redmine.pfsense.org/issues/3969

Br br

11

17.1 Legacy Series / kernel error message ifa_maintain_loopback_route: insertion failed for interface

« on: June 07, 2017, 01:37:02 pm »

Hello together,

after upgrade to 17.1.8 for what reasons ever, one of my interface is not accepting to get configured with a linkloca address:

Code: [Select]

OPNsense opnsense: /usr/local/etc/rc.newwanipv6: The command '/sbin/ifconfig igb3 inet6 fe80::1:1%igb3' returned exit code '1', the output was 'ifconfig: ioctl (SIOCAIFADDR): File exists'
I have then the  following error messages in routing.log:

Code: [Select]

Jun  7 20:28:26 OPNsense radvd[54605]: received icmpv6 RA packet with non-linklocal source address from 2003:46:e954:26f2:XXX:XXXX:XXXX:XXXX
Jun  7 20:28:26 OPNsense rtsold[88234]: <rtsol_input> invalid RA with non link-local source from 2003:46:e954:26f2:XXX:XXXX:XXXX:XXXX on igb3

and in dmesg

Code: [Select]

ifa_maintain_loopback_route: insertion failed for interface igb3: 17

igb3 is one of my internal networks .... Mr. google is not really enlighting .....

What is the corrective measure to get rid of these messages? RA on all other internal interfaces works and they also get an link local address 

Thanks ...

br br

12

17.1 Legacy Series / Systems suddenly HALTS - Stability issue since 17.1

« on: April 26, 2017, 08:25:41 am »

Hello together,

I am facing since the migration to 17.1 the phenomenon that about all 3-4 weeks my system out of the sudden simply HALTS. No Logs, no message on the console, no crash report.  As I saw a few others who are at least from their writing being in a similar situation (with perhaps different root cause), I would like to ask how we could analyze this further. (are there any additional debug option I could activate et al)

Phenomenologically, I observe a random service stop in three classes:

• In the first class, router advertising for ipv6 stops (once about every three days)
• In the second class, the WAN interface goes down (once all 10 days)
• a complete system HALT (once all three weeks, without any hints on console or logs)

Must not necessarily correlate but could.

The following phenomenons are then observed when these events happen:

1.) Dashboard does not show suddenly any valid IPv6 addresses on the interfaces and ipv6 to the outside does not work ... radvd still running according to process table, wireshark does not show any RA packets anymore on the interfaces.

2.) WAN interface down:

Code: [Select]

Apr 25 22:21:00 OPNsense opnsense: /usr/local/etc/rc.filter_configure: Could not find IPv6 gateway for interface(wan).
Apr 25 22:21:00 OPNsense opnsense: /usr/local/etc/rc.filter_configure: Could not find IPv6 gateway for interface(wan).
Apr 25 22:22:59 OPNsense kernel: igb1: Watchdog timeout -- resetting
Apr 25 22:22:59 OPNsense kernel: igb1: Queue(73303552) tdh = 718230942, hw tdt = 38012041
Apr 25 22:22:59 OPNsense kernel: igb1: TX(73303552) desc avail = 0,Next TX to Clean = 0
Apr 25 22:22:59 OPNsense kernel: igb1: link state changed to DOWN
Apr 25 22:22:59 OPNsense configd.py: [b7a4b9b8-7077-471d-b36b-88b921d53a20] Linkup stopping igb1
Apr 25 22:22:59 OPNsense opnsense: /usr/local/etc/rc.linkup: DEVD Ethernet detached event for wan
Apr 25 22:23:00 OPNsense UNKNOWN[10427]: Exiting, sigterm or sigint received.
Apr 25 22:23:00 OPNsense UNKNOWN[10427]: sending stop adverts
Apr 25 22:23:00 OPNsense UNKNOWN[10427]: removing /var/run/radvd.pid
Apr 25 22:23:03 OPNsense kernel: igb1: link state changed to UP
Apr 25 22:23:03 OPNsense configd.py: [897d7623-e7c8-4e2d-bd7f-b1b2c1497d6e] Linkup starting igb1
Apr 25 22:23:03 OPNsense opnsense: /usr/local/etc/rc.linkup: DEVD Ethernet attached event for wan
Apr 25 22:23:03 OPNsense opnsense: /usr/local/etc/rc.linkup: HOTPLUG: Configuring interface wan
Apr 25 22:23:03 OPNsense opnsense: /usr/local/etc/rc.linkup: Accept router advertisements on interface igb1
Apr 25 22:23:03 OPNsense opnsense: /usr/local/etc/rc.linkup: ROUTING: setting IPv4 default route to 192.168.2.1
Apr 25 22:23:04 OPNsense opnsense: /usr/local/etc/rc.linkup: The command '/sbin/route delete -inet 'default'' returned exit code '1', the output was 'route: route has not been found delete net default fib 0: not in table'
Apr 25 22:23:07 OPNsense opnsense: /usr/local/etc/rc.newwanipv6: rc.newwanipv6: Informational is starting igb1.
Apr 25 22:23:07 OPNsense opnsense: /usr/local/etc/rc.newwanipv6: rc.newwanipv6: on (IP address: fe80::217:3fff:febe:a21d) (interface: wan) (real interface: igb1).
Apr 25 22:23:10 OPNsense opnsense: /usr/local/etc/rc.newwanipv6: The command '/sbin/route delete -host 192.168.2.1' returned exit code '1', the output was 'route: route has not been found delete host 192.168.2.1 fib 0: not in table'
Apr 25 22:23:10 OPNsense opnsense: /usr/local/etc/rc.newwanipv6: The command '/sbin/route delete -host 8.8.8.8' returned exit code '1', the output was 'route: route has not been found delete host 8.8.8.8 fib 0: not in table'
Apr 25 22:23:10 OPNsense opnsense: /usr/local/etc/rc.newwanipv6: ROUTING: setting IPv4 default route to 192.168.2.1
Apr 25 22:23:10 OPNsense configd.py: [8d2bfedd-ecf1-403d-a361-aa63f27621ec] updating dyndns GW_WAN
Apr 25 22:23:11 OPNsense configd.py: [557139d3-e4f7-4dc3-b655-7e38388b6976] updating rfc2136 GW_WAN
Apr 25 22:23:11 OPNsense configd.py: [b519c996-1d03-49aa-9049-361ca6457316] Restarting ipsec tunnels
Apr 25 22:23:11 OPNsense configd.py: [6274acfb-b837-43fe-b148-788e960e93db] Restarting OpenVPN tunnels/interfaces GW_WAN
Apr 25 22:23:11 OPNsense configd.py: [4a6b68ba-78e4-4bb1-946e-847ee4f42255] Reloading filter
Apr 25 22:23:12 OPNsense configd.py: [f476d51c-71d5-47ef-93f6-2280408e2197] updating dyndns wan
Apr 25 22:23:13 OPNsense configd.py: [06014b09-7e86-4fb2-aa08-4e7ef3f51abe] updating rfc2136 wan
Apr 25 22:23:14 OPNsense opnsense: /usr/local/etc/rc.filter_configure: Could not find IPv6 gateway for interface(wan).
Apr 25 22:23:14 OPNsense opnsense: /usr/local/etc/rc.filter_configure: Could not find IPv6 gateway for interface(wan).
Apr 25 22:23:15 OPNsense configd.py: [9c8020e5-c3aa-44a3-91c2-6e4858bf2214] Reloading filter
Apr 25 22:23:18 OPNsense opnsense: /usr/local/etc/rc.filter_configure: Could not find IPv6 gateway for interface(wan).
Apr 25 22:23:18 OPNsense opnsense: /usr/local/etc/rc.filter_configure: Could not find IPv6 gateway for interface(wan).
Also here, WAN (igb1) needed to be restarted manually , traffic was not possible (neither ipv4 nor v6).

3.) System HALT: No logs or console messages
No interaction possible anymore (ssh, console, BMC console, no system activity anymore (flashing disk LED); BMC heartbeat still working). A simple hard restart makes everything working again until the next time.

I would like to analyze this further but can not figure out the trigger why the router advertising stops or what triggers  the watchdog for the WAN interface. (although showing in the log that igb1 is restarting, it is NOT let traffic through afterwards and need to be restarted once again manually ....

Checked also Memory consumption over time and CPU load pattern - no finding

I am running out of ideas how to analyze further. Does somebody has any further idea? - looking forward to your reply

Br br

PS: This is also the reason for getting this solved  (https://forum.opnsense.org/index.php?topic=5019.0) to get a really fully working console ...

13

17.1 Legacy Series / Gateway status unknown ....

« on: April 19, 2017, 02:19:51 pm »

Hello all

After recent reboot, I enabled gateway monitoring of the ipv6 default gateway. I noticed that the gateway monitoring on the ipv6 side is shown with status 'pending' and later 'unknown'. Earlier posts did relate this to the apinger problem. my gateways.log holds a lot of messages like

Code: [Select]

Apr 19 13:07:49 OPNsense apinger: Starting Alarm Pinger, apinger(15864)
Apr 19 13:07:59 OPNsense apinger: Exiting on signal 15.
When I disable gateway monitoring on the IPv6 gateway then everything is displayed fine /ipv6 gateway has state online) ....

I am running opnsense behind a fritzbox with a 'read from interface' config ... I have a firewall rule in WAN allowing ICMPv6 traffic. Is there any other prerequisite to make ipv6 gateway monitoring work?

Thanks for your help

Br br

 

14

17.1 Legacy Series / Change keymap on console

« on: April 19, 2017, 02:07:12 pm »

Hello all,

there is a known way how to change the keymap setting for the console in FreeBSD. This can obviously not 1:1 applied in opnsense, as /etc/login.conf is overwritten with each reboot. Selecting German in GUI does not affect keymaps in console !?

How can I use a german keyboard with the console then which survives reboot?

Thanks for your help

Br br

15

17.1 Legacy Series / 17.1.3 and 17.1.4 looses WAN from time2time

« on: March 31, 2017, 08:05:26 am »

Hello all,

now already the second time in the last 7 days, I experienced a loss of the WAN interface - out of the sudden, system .log contains

Code: [Select]

Mar 31 07:44:51 OPNsense kernel: igb1: Watchdog timeout -- resetting
Mar 31 07:44:51 OPNsense kernel: igb1: Queue(73303552) tdh = 718230942, hw tdt = 38012041
Mar 31 07:44:51 OPNsense kernel: igb1: TX(73303552) desc avail = 0,Next TX to Clean = 0
Mar 31 07:44:51 OPNsense kernel: igb1: link state changed to DOWN
Mar 31 07:44:52 OPNsense configd.py: [2613750e-b422-4cd4-b3e7-af62c8e262a4] Linkup stopping igb1
Mar 31 07:44:52 OPNsense opnsense: /usr/local/etc/rc.linkup: DEVD Ethernet detached event for wan
Mar 31 07:44:52 OPNsense UNKNOWN[95178]: Exiting, sigterm or sigint received.
Mar 31 07:44:52 OPNsense UNKNOWN[95178]: sending stop adverts
Mar 31 07:44:52 OPNsense UNKNOWN[95178]: removing /var/run/radvd.pid
Mar 31 07:44:55 OPNsense kernel: igb1: link state changed to UP
Mar 31 07:44:55 OPNsense configd.py: [95439359-bc6d-431b-8e0c-17a8ec6b78d8] Linkup starting igb1
Mar 31 07:44:55 OPNsense opnsense: /usr/local/etc/rc.linkup: DEVD Ethernet attached event for wan
Mar 31 07:44:55 OPNsense opnsense: /usr/local/etc/rc.linkup: HOTPLUG: Configuring interface wan
Mar 31 07:44:56 OPNsense opnsense: /usr/local/etc/rc.linkup: Accept router advertisements on interface igb1
Mar 31 07:44:56 OPNsense opnsense: /usr/local/etc/rc.linkup: ROUTING: setting IPv4 default route to 192.168.X.X
Mar 31 07:44:56 OPNsense opnsense: /usr/local/etc/rc.linkup: The command '/sbin/route delete -inet 'default'' returned exit code '1', the output was 'route: route has not been found delete net default fib 0: not in table'
Mar 31 07:44:59 OPNsense opnsense: /usr/local/etc/rc.newwanipv6: rc.newwanipv6: Informational is starting igb1.
Mar 31 07:45:00 OPNsense opnsense: /usr/local/etc/rc.newwanipv6: rc.newwanipv6: on (IP address: fe80::XX:XX:XX:a21d) (interface: wan) (real interface: igb1).
Mar 31 07:45:02 OPNsense opnsense: /usr/local/etc/rc.newwanipv6: The command '/sbin/route delete -host 192.168.X.X' returned exit code '1', the output was 'route: route has not been found delete host 192.168.X.X fib 0: not in table'
Mar 31 07:45:02 OPNsense opnsense: /usr/local/etc/rc.newwanipv6: The command '/sbin/route delete -host 8.8.8.8' returned exit code '1', the output was 'route: route has not been found delete host 8.8.8.8 fib 0: not in table'
Mar 31 07:45:02 OPNsense opnsense: /usr/local/etc/rc.newwanipv6: ROUTING: setting IPv4 default route to 192.168.X.X

Despite it seems that WAN is tried to be restarted and reconfigured, traffic is not possible over WAN. Situation can only be fixed by manually restarting the WAN interface via GUI.

Any Idea How I could track this down further?

Looking forward t your reply

Br br