Topics

1

Zenarmor (Sensei) / Extreme reduction of bandwidth on 100Mbit line

« on: April 17, 2024, 01:45:51 pm »

Hello,

I installed the Zenarmor plugin in a well working VM installation of Opnsense.

The host is the following Windows 11 PC:

- Intel Core i7 12700
- 128 GB RAM
- Intel(R) Ethernet Connection (17) I219-LM
- Micron 3400 NVMe 1TB
- ST2000DM008-2UB02 (actually the VM is installed on this HDD)

The OPNSense VM has a static IP and is performing basic functions:

- acts as Internet gateway for internal network
- a few nat port-forwarding
- traffic shaping for some internal IPs

Following the details of the VM:

- last version (7.0.14) of Virtualbox Hypervisor
- 16 GB RAM
- 500 GB HDD space
- one core (tried 4 core but had only stability problems) assigned to the VM
- two Intel PRO/1000 MT desktop network cards in bridge mode, every card has its internal IP

When there is no ZenArmor i can obtain all the 100Mbit up/down bandwidth.
When ZenArmor (free) is installed (doesn't seem netmap mode matters, I tried all the option) I barely reach 20 MBit in both directions.
This behaviour even stopping / bypassyng ZenArmor.

Uninstalling ZenArmor revert the system to full bandwidth.

If someone could give advice on how to proceed it's be greatly appreciated.

Thanks in advance

2

24.1 Legacy Series / Possible crash of services if more than one core allocated to OPNSense

« on: March 20, 2024, 10:32:36 am »

Hi,

for the first time I dedicated 4 cores to the Virtualbox VM hosting OPNSense (24.1 updated to the last patch).
Before, only one core was available and the system never had problems.

Since the change the system stops working, usually in a few hours; PC having it as GW not connected to Internet, WEB UI not reachable..............only console works.
Tried the shell: even ping doesn't work.
Reverting to one core "solves" the problem.
The functions activated on OPNSense are: NAT with Port Forwarding, an OpenVPN (Legacy, and wasn't used but is active), two rules of traffic shaping.

Tried to give a look at logs from console, didn't notice anything but I'd like some advice where (which logs) to search for answers.
And if someone else experienced similar behaviour .........please let me know.

If further info are needed just drop a line, please.

Thanks in advance

3

24.1 Legacy Series / Enlarging the max size of a dynamically allocated Opnsense VM

« on: March 13, 2024, 05:19:09 pm »

Hi,

I have a virtualbox Opnsense VM whose VDI size has been defined as dynamically allocated till a defined max size.

Now I'd like to increase the max size; tried using the CloneVDI program using the option to increase the size but this leads (seen through "gpart show") to a corrupt ada0 GPT.

Could you please give me advices on how to resize it properly?

Thanks in advance

4

20.7 Legacy Series / SOLVED: OpenVPN not allowing Internet traffic for client after reboot

« on: September 14, 2020, 11:13:03 am »

Hello,

using OpnSense 20.7.2.

I followed exactly the procedure reported at this link (different port and Description names but same flgs / procedure):

hxxps://homenetworkguy.com/how-to/configure-openvpn-opnsense/

in order to achieve a VPN that could allow me to reach some of my LAN resources (I added a rule in order to protect RDP to one PC on the LAN and it worked like a charm) and could also allow the client(s) to surf the net like all traffic came from the OPNSense Box.

I exported the client file for my android phone and for my home PC like descripted in the above link.

Then, since I had my android phone with me, I got the android OpenVpn client and imported the connection file and all worked like a charm when connected to the VPN: from the phone I could RDP the LAN address of my PC and I could surf the Internet having the IP address of the OPNsense WAN Gateway.

When at home I installed the OpenVPN client on my PC (HP laptop, Win 10 2004, 8 GB RAM), imported the file for PC created together with the one for my phone and................When connected to the VPN I couldn't have internet access at all. DNS where solved (I tried a ping -a from command prompt) but it all ended there.
Furthermore, the same happen from my phone.
It couldn't surf the Internet anymore when connected to the VPN and nothing had changed in OPNsense since when it all worked and nothing had changed in the phone.

I'm a little lost here...............If someone could help me share some light...............

I'm available if further info are required.

Thanks in advance

5

19.7 Legacy Series / Big src_addr_XXXXXX.sqlite

« on: October 09, 2019, 02:18:40 pm »

Hi,

I noticed that under /var/netflow there are almost 10 GB of files named

src_addr_XXXXXX.sqlite

where XXXXXX are different combinatino of numbers.

Could you please tell me what are they and if it's safe to get rid of some or all of them (eventually with a GUI procedure and not brutally deleting them from command line)

Thanks in advance

Best wishes

6

19.1 Legacy Series / Slow shutdown / restart on reboot

« on: April 10, 2019, 12:11:02 pm »

Hello,

I have Opnsense (up-to-date version) installed in a Virtualbox VM.

Usually it has to be restarted for :

- Upgrades of Opnsense itself
- Updates of the VM host

The shutdown (and often restart) phase is extremely slow:

the execution of the backup scripts

>>> Invoking early script 'backup'
>>> Invoking backup script 'captiveportal'
>>> Invoking backup script 'dhcpleases'
>>> Invoking backup script 'duid'
>>> Invoking backup script 'netflow'

can take minutes.

Is there something I can do to improve the situation ?

Thanks in advance

Best Regards

7

16.7 Legacy Series / Netflow Insight shows No Available Data after Upgrade

« on: January 10, 2017, 04:22:09 pm »

Hello, after today upgrade to 16.7.13 Insight shows "No available data" also if the cache section of NetFlow shows that packets are captured.

I did an ls -lah of /var/log and it shows ten older flowd.log.xxxxxxx of 11 MB each and one (today's one)  which is already 34 MB and growing.

The situation is shown in the attached file


Could someone please help me?

Thanks in advance