Topics

1

Hardware and Performance / Weird speed issues with Mellanox ConnectX-3

« on: October 20, 2019, 11:12:44 pm »

Hi,

I installed a Mellanox ConnectX-3 10G nic today. The card was recognized after I prompted the system to load the module (I added mlx4en_load="YES" to /boot/loader.conf.local. So far so good.

However, when I ran iperf3 I noticed that I am only getting about 1.4GB/s on the interface. I've tried turning on/off all the hardware offloading settings, but to no avail. Speed doesn't exceed 1.4GB/s. To rule out other issues, I've booted a live CD image of Ubuntu 18.04.3 on the same system and ran iperf3 from there. I was getting about 9.85GB/s - which I expected.

Is there anything that I overlooked in OPNsense? Is it a module issue in FreeBSD?

Thanks!

2

18.7 Legacy Series / separate VLAN for VPN

« on: September 12, 2018, 04:35:08 am »

Hello,

I have the following setup working quite well:

VLAN 10 traffic is using default gateway
VLAN 20 traffic is going over VPN gateway (OpenVPN client interface)

What doesn't appear to work is to have one VLAN20 traffic rule to ANY with VPN gateway. External traffic via the VPN interface works fine, but LAN traffic doesn't get through as soon as I use a non-default gateway.

So, right now I have two rules for VLAN 20:
1. from VLAN 20 to local subnets via default gateway
2. from VLAN 20 to ANY via VPN gateway

For all local traffic, the first rule applies and if not non-local traffic, rule 2 sends it out via the correct gateway.

Now, I don't understand why local traffic gets blocked if I just have a simple VLAN 20 to ANY rule with VPN gateway. Something must change if the gateway is not the default one.

Any thoughts?

Thanks!

3

16.7 Legacy Series / Google Backup issue

« on: October 12, 2016, 03:58:38 am »

Hi

I've been using Google Drive Backup for a while. I've recently re-installed OPNsense and noticed a weird behavior. Configuration backup works and the config file is written into Google Drive and shows up in the folder.

However, when I look at the file, it appears encrypted. I've already tried creating a new P12 key and tried to upload it to OPNsense. After the file is uploaded, it shows P12 key (not loaded)... So not sure it takes it.

What could be wrong?

Thanks

4

16.7 Legacy Series / Funky Gateway behaviour

« on: August 09, 2016, 06:12:03 pm »

Hello,

I have one regular WAN gateway and one OpenVPN gateway (WAN_VPN) that is connected to an OpenVPN client on the firewall. Further, I have a VLAN 20 interface. Then, the rules are such that VLAN 20 can only use the WAN_VPN interface.

Here's the funky part: When I reboot the OPNsense, the machines on VLAN20 go through WAN, not WAN_VPN. However, if I save any settings on the firewall, regardless of whether I changed something or not, suddenly the VLAN 20 machines will go through WAN_VPN as they should. ?!

I've turned off all rules in VLAN20 and the machines won't get out as they should. However, if I turn a rule just directing any VLAN 20 traffic out the WAN_VPN gateway and reboot, the same funky behaviour happens.

Default gateway switching is turned off (not ticked).

Any thoughts?

5

16.7 Legacy Series / [SOLVED] Repository Problem

« on: July 24, 2016, 02:56:33 am »

Clicked to check for updates. Says "Repository Problem"

6

16.7 Legacy Series / [SOLVED] OpenVPN connection status

« on: July 13, 2016, 07:57:06 pm »

Noticed that in VPN > OpenVPN > Connection Status, both client and server instances are shown with the red "stop" status although the services are running and operation fine.

Cheers
-C

7

16.7 Legacy Series / Initial observations

« on: July 08, 2016, 03:24:12 am »

Hello,

I like the changes to 16.7 very much, specifically FreeBSD 10.3. Now I can use my modified coretemp.ko (modified to reduce reported temp by 30C as my proc has a different junction temp).

Unfortunately, the update broke UPnP. Plex and other services that use NAT-PMP or UPnP cannot register their ports anymore. I've restarted the firewall and the various clients, but it doesn't work. OPNsense doesn't register any open ports under "Status" either.

Then, under "Service Status" on the Dashboard, there's suddenly an entry for the dhcpd6 service (not started) although I utilize no IPv6 services. It wasn't there in 16.1 and use the same conf.

The Traffic Graphs show IPsec (which I don't use), but no OpenVPN.

Finally, after reboot, I have to restart the OpenVPN client for it to work. This was an issue in 16.1, but I thought that there was a fix for that.

Thank you! And good work!

8

16.1 Legacy Series / Restore config during install

« on: July 05, 2016, 05:36:32 pm »

Hello,

I was wondering if there's a way to restore a configuration backup file during installation like this one: https://doc.pfsense.org/index.php/Automatically_Restore_During_Install

Many thanks!
-C