OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of hedberg »
  • Show Posts »
  • Topics
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Topics - hedberg

Pages: [1]
1
17.1 Legacy Series / 17.1 images will not boot
« on: January 31, 2017, 10:21:44 pm »
I would like to test 17.1 at a fairly new J1900 based machine with 4 intel nics.

This is the machine type:
https://www.amazon.co.uk/Celeron-Firewall-Fanless-Desktop-Computer-x/dp/B01IG5O95W

Tried both VGA versions from a USB stick and both CD-ROM versions with no success. Same machine booted one of the 16.7 versions just fine and I just installed a FreeBSD 11 on it to verify it wasnt the FreeBSD 11 that was at fault.

The CD-ROM load some small files and then dies. The USB version doesnt even boot.

Any ideas? 

2
General Discussion / Default NTP server settings
« on: January 21, 2017, 09:37:57 pm »
Hi,

I just installed a secondary OpnSense the other day and noticed that the default NTP server in the installation was nl.pool.ntp.org.

The Pool NTP project requests vendors (also open source vendors) to create a vendor zone, so the default  should be e.g. [0-3].opnsense.pool.ntp.org

http://www.pool.ntp.org/en/vendors.html#vendor-zone

There is no cost for Open Source projects.

Br,
Thomas


3
16.7 Legacy Series / 100.000+ NTP queries a second
« on: January 04, 2017, 02:44:00 pm »
I have purchased a new NTP server that is able to handle 100.000 NTP queries a second. It is going to be a part of the pool.ntp.org project and I expect quite a bit of load on it.

I was warned by the manufacturer that a lot of network equipment and firewalls might have problems handling 100.000+ requests a second or about 100Mbit traffic of very small packets. I assume it is because most modern firewalls have statefull inspection and it probably require a lot of memory to server that many small packets.

Currently I have OpnSense installed on VMware on an Atom 2750 based motherboard. It has 32GB of memory with 2GB allocated to OpnSense at the moment together with 2 of 8 cores. It has 4Gbit Intel interfaces and the internet connection is 500/500Mbit. For the ones who might be interested in the NTP server it is a LeoNTP.

Has anybody tried this on OpnSense with a similar hardware platform? I would be grateful for any suggestions or concerns you might have.

(This is installed in a private home, so there is nobody else being affected if the firewall can’t cope with it).





4
General Discussion / Extending the whitelisting in proxy
« on: August 07, 2016, 07:50:30 pm »
Have you considered making the proxy's blacklist function more flexible, so one could "turn it on it's head" and forbid everything except categories that was checked/allowed - a whitelist.

EDIT: A shame that the whitetrash project (http://whitetrash.sourceforge.net) is abandoned. Looks interesting.

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2