Topics

1

23.1 Legacy Series / IPV6 not routing after update to 23.1.5_4

« on: April 01, 2023, 03:17:16 pm »

The simplest description is that i cannot pint the router using ipv6.  needless to say I cannot contact the internet via ipv6. 23.1.4 worked, other prior versions also had the same problem.

Code: [Select]

Pinging rtr.bs.net [xxxx:xxxx:xxxx:xxxx:201:2eff:fea3:a866] with 32 bytes of data:
Destination host unreachable.
Request timed out.
Destination host unreachable.
Destination host unreachable.

Ping statistics for xxxx:xxxx:xxxx:xxxx:201:2eff:fea3:a866:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

2

General Discussion / Lost ipv6. I think it's my provider.

« on: June 26, 2022, 12:44:30 am »

Hi All,

Here is my log.  This is all I get, logging is set to debug but seems the same as info. is the system log the only place to look?  Can anyone tell me where to go from here?

Code: [Select]

<29>1 2022-06-25T18:32:31-04:00 rtr.condor2711.net dhcp6c 58250 - [meta sequenceId="1"] set client ID (len 14)
<29>1 2022-06-25T18:32:31-04:00 rtr.condor2711.net dhcp6c 58250 - [meta sequenceId="2"] set identity association
<29>1 2022-06-25T18:32:31-04:00 rtr.condor2711.net dhcp6c 58250 - [meta sequenceId="3"] set elapsed time (len 2)
<29>1 2022-06-25T18:32:31-04:00 rtr.condor2711.net dhcp6c 58250 - [meta sequenceId="4"] set option request (len 4)
<29>1 2022-06-25T18:32:31-04:00 rtr.condor2711.net dhcp6c 58250 - [meta sequenceId="5"] set IA_PD prefix
<29>1 2022-06-25T18:32:31-04:00 rtr.condor2711.net dhcp6c 58250 - [meta sequenceId="6"] set IA_PD
<29>1 2022-06-25T18:32:31-04:00 rtr.condor2711.net dhcp6c 58250 - [meta sequenceId="7"] send solicit to ff02::1:2%re1
<29>1 2022-06-25T18:32:31-04:00 rtr.condor2711.net dhcp6c 58250 - [meta sequenceId="8"] reset a timer on re1, state=SOLICIT, timeo=10, retrans=117984
<29>1 2022-06-25T18:34:29-04:00 rtr.condor2711.net dhcp6c 58250 - [meta sequenceId="1"] set client ID (len 14)
<29>1 2022-06-25T18:34:29-04:00 rtr.condor2711.net dhcp6c 58250 - [meta sequenceId="2"] set identity association
<29>1 2022-06-25T18:34:29-04:00 rtr.condor2711.net dhcp6c 58250 - [meta sequenceId="3"] set elapsed time (len 2)
<29>1 2022-06-25T18:34:29-04:00 rtr.condor2711.net dhcp6c 58250 - [meta sequenceId="4"] set option request (len 4)
<29>1 2022-06-25T18:34:29-04:00 rtr.condor2711.net dhcp6c 58250 - [meta sequenceId="5"] set IA_PD prefix
<29>1 2022-06-25T18:34:29-04:00 rtr.condor2711.net dhcp6c 58250 - [meta sequenceId="6"] set IA_PD
<29>1 2022-06-25T18:34:29-04:00 rtr.condor2711.net dhcp6c 58250 - [meta sequenceId="7"] send solicit to ff02::1:2%re1
<29>1 2022-06-25T18:34:29-04:00 rtr.condor2711.net dhcp6c 58250 - [meta sequenceId="8"] reset a timer on re1, state=SOLICIT, timeo=11, retrans=117972

Thanks

3

21.1 Legacy Series / [SOLVED] 21.1.8 openvpn server startup failure

« on: July 09, 2021, 02:46:10 am »

Hi All,

I jus upgraded from 21.1.7 to 21.1.8 and my openvpn server faild to start with the below log.

My subnet is a /29 so the startup command should be

Code: [Select]

/sbin/ifconfig ovpns1 192.168.1.241 192.168.1.246 mtu 1500 netmask 255.255.255.255 up
But this is what is happening.

Code: [Select]

2021-07-08T20:16:53 openvpn[5628] /usr/local/etc/inc/plugins.inc.d/openvpn/ovpn-linkdown ovpns1 1500 1622 192.168.1.241 192.168.1.242 init
2021-07-08T20:16:53 openvpn[5628] Exiting due to fatal error
2021-07-08T20:16:53 openvpn[5628] IPv4 pool size is too small (1), must be at least 2
2021-07-08T20:16:53 openvpn[5628] UDPv4 link remote: [AF_UNSPEC]
2021-07-08T20:16:53 openvpn[5628] UDPv4 link local (bound): [AF_INET]65.185.18.45:1194
2021-07-08T20:16:53 openvpn[5628] Could not determine IPv4/IPv6 protocol. Using AF_INET
2021-07-08T20:16:51 openvpn[5628] /usr/local/etc/inc/plugins.inc.d/openvpn/ovpn-linkup ovpns1 1500 1622 192.168.1.241 192.168.1.242 init
2021-07-08T20:16:51 openvpn[5628] /sbin/ifconfig ovpns1 192.168.1.241 192.168.1.242 mtu 1500 netmask 255.255.255.255 up
2021-07-08T20:16:51 openvpn[5628] TUN/TAP device /dev/tun1 opened
2021-07-08T20:16:51 openvpn[5628] TUN/TAP device ovpns1 exists previously, keep at program end
2021-07-08T20:16:51 openvpn[5628] NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2021-07-08T20:16:51 openvpn[94954] library versions: OpenSSL 1.1.1k 25 Mar 2021, LZO 2.10
2021-07-08T20:16:51 openvpn[94954] OpenVPN 2.5.3 amd64-portbld-freebsd12.1 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jul 6 2021
2021-07-08T20:16:51 openvpn[94954] DEPRECATED OPTION: --cipher set to 'AES-128-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-128-CBC' to --data-ciphers or change --cipher 'AES-128-CBC' to --data-ciphers-fallback 'AES-128-CBC' to silence this warning.
2021-07-08T20:16:51 openvpn[94954] WARNING: --topology net30 support for server configs with IPv4 pools will be removed in a future release. Please migrate to --topology subnet as soon as possible.
2021-07-08T20:16:51 openvpn[94954] WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
Please note the 192.168.1.241 instead of 192.168.1.246.

Thanks

4

19.7 Legacy Series / Windows IP registration

« on: November 18, 2019, 03:44:44 pm »

I there a way to get windows dynamic DNS update to occur on the local LAN using UNBOUND or some other setup?  I just want windows clients to register IP address to the local domain.

5

19.1 Legacy Series / 19.1.10 update failed all out traffic blocked

« on: July 07, 2019, 12:48:49 am »

Rule 13 according to logs.  Firewall has access to internet.  Ping from ssh works.  All outgoing lan traffic is blocked.

6

18.7 Legacy Series / dnscrypt-proxy2 will not start on boot

« on: August 10, 2018, 03:24:51 am »

I have switched for dnscrypt-proxy v1 to v2.  I can not get dnscrypt-proxy2 to start on boot.  this prevents the fire wall from completing boot.  after the web ui comes up I can ssh in and issue "service dnscrypt-proxy restart".  it tells me it can't stop the service and the starts it.  at this point the firewall finishes the boot.  below are my rcvars.

Code: [Select]

root@router:/usr/local/etc/rc.d # cat /etc/rc.conf
dnscrypt_proxy_enable="YES"
dnscrypt_proxy_suexec="YES"
dnscrypt_proxy_uid="root"


7

18.7 Legacy Series / 18.7 R1 and R2 dnsmasq problem

« on: July 19, 2018, 07:14:40 pm »

dnsmasq is missing localhost, all interfaces to bind to.  Only LAN and WAN are available.  the default LAN binding seems to be ALL.  This prevents packages such as dnscrypt from working as it needs to be bound to 127.0.0.2.  dnscrypt will not bind because dnsmasq is already bound.

For now I switched to unbound which I can set the interface binding correctly.

8

18.7 Legacy Series / r1 release date?

« on: July 10, 2018, 10:33:53 pm »

do we have an expected date?

9

17.1 Legacy Series / Upgrade directly to 17.1.2

« on: February 24, 2017, 02:33:32 pm »

Can this be done by typing "17.1.2" at the console upgrade instead of typing "17.1"?  I have Realtek ports and don't want to risk a time out while going from 17.1 to 17.1.2