Topics

1

23.7 Legacy Series / Are the images updated when there is a maintenance release?

« on: October 23, 2023, 04:54:13 pm »

So is the 23.7 download a 23.7.6 ?
Or is the update applied early in the install process?

2

General Discussion / IP random ID and streaming

« on: October 01, 2023, 02:54:32 pm »

Using opnsense as my router and apple music on wired and wireless clients, I experienced annoying interruptions while streaming music. They appeared kind of random but consistently at any time of day…for months on all clients. Playback would pause, just to continue after some seconds, as if the buffer was empty. Also, the playback rarely had some timing issues. It sounded like all of a sudden 50ms of music were skipped, causing a small rhythmic annoyance.

So I have played around with the settings and it appears that, when I disable IP random ID the issue disappears. I am not 100% convinced though, since the issue appears randomly. Fingers crossed!? I can stream 4k videos fine (via amazon). I guess Apple Music is using a lot less buffering!?

RFC 1122: The IPv4 ID field MUST NOT be used for purposes other than fragmentation and reassembly.

So the question is probably something like: can the ip random id setting cause issues for packet fragmentation and reassembly? Under what circumstances? Is streaming affected? Should the setting be off by default?

3

Virtual private networks / I would like to use opnsense as a proxy for mobile connections (done)

« on: July 02, 2023, 11:09:15 am »

Hello, I would like to connect to my home router (opnsense with internet connection) from my mobile device (LTE) so that the home router acts like a proxy for accessing the internet (dns and other requests from the mobile device should be done by opnsense). Is that possible? If so, what would be the basic setup? Thank you!

tldr; from my mobile I want to connect to the internet via opnsense (mobiles only „direct connection“ is a secure tunnel to opnsense). DNS requests from the mobile divice must be handled by opnsense (where unbound is running).

4

23.1 Legacy Series / Sections could use tabs for subsections

« on: April 03, 2023, 01:53:25 pm »

This is an UI improvement proposal.
In the firmware section we have tabs for all the subsections (status, settings, updates, …)
Proposal: have tabs for subsections in the other sections as well.

5

23.1 Legacy Series / The new unbound reporting is pretty cool

« on: January 27, 2023, 10:57:28 pm »

 
Thanks!

6

22.7 Legacy Series / Installer version outdated?

« on: August 12, 2022, 09:38:12 am »

Just wondering: is the installer still at 22.7 or does it actually include 22.7.1, eg „current“ version, even though the name is 22.7?

7

22.1 Legacy Series / ZFS suspended zroot (apu2 coreboot 4.15)

« on: January 31, 2022, 02:59:58 pm »

So some of my devices suddenly lost internet connection today around 12 o'clock while some others where still working fine (fresh 22.1 (with config importer) ZFS install on apu2 since yesterday). Serial console gave me this:

Code: [Select]

FreeBSD/amd64 (mrqu.freifunk) (ttyu0)

login: vvd
Solaris: WARNING: Pool 'zroot' has encountered an uncorrectable I/O failure and has been suspended.

Nothing else. I could not login. Had to pull the power for reboot. Seems everything is running fine again.
I could not find anything in the logs except maybe this:

Code: [Select]

2022-01-30T11:59:26 Error configctl unable to connect to configd socket (@/var/run/configd.socket)
Is ZFS considered experimental? Can I do some FS check or something?

8

22.1 Legacy Series / Something I have noticed after the upgrade

« on: January 29, 2022, 08:02:07 pm »

🤔

9

Hardware and Performance / Should MTU be the same for all NICs in the Router?

« on: August 01, 2021, 10:30:45 pm »

So I have
LAN (default mtu 1500) <-> apu2 <-> pppoe dsl WAN (mtu 1492)
Should I set an mtu of 1492 on the LAN nic as well? Thanks!

10

Hardware and Performance / This just happened (apu2 fail)

« on: August 18, 2020, 01:44:10 pm »

I love apu2, but this just happened.
I was downloading the new flight simulator when all of a sudden my opnsense apu2 router stopped working. I couldnt ping it so I power cycled the unit. It would not boot again. The LED kept flashing and the board made a repeating click sound...
I thought all is lost, no flight sim for me today...when I gave it another try. About an hourlater I thought "lets plug it in and keep it clicking@...and voila, after like 3 minutes of clicking noises opnsense was booted again.
Now what was that? Anu ideas? Should I be worried and buy a backup board now?

11

20.7 Legacy Series / Suggestion for LRO and TSO hardware offloading

« on: August 11, 2020, 07:33:07 pm »

I suggest to change the description for those options from

Checking this option will disable hardware TCP segmentation offloading (TSO, TSO4, TSO6). This offloading is broken in some hardware drivers, and may impact performance with some specific NICs.

And

Checking this option will disable hardware large receive offloading (LRO). This offloading is broken in some hardware drivers, and may impact performance with some specific NICs.

to

This add latency, and because all packets need to be sending out again, the stack have to split in different packets again before to hand them down to the NIC. Intel drivers readme include this note “The result of not disabling LRO when combined with ip forwarding or bridging can be low throughput or even a kernel panic.” Also this breaks the end to end principle.

Or similar. I think it’s more useful information. Taken from here: https://bsdrp.net/documentation/technical_docs/performance

Bzw: I wonder if the same is true for CRC offloading. Anyone knows?

12

20.7 Legacy Series / VPN and Skype keep disconnecting

« on: August 10, 2020, 06:04:53 pm »

Working from home I have a vpn connection to our network. Quite often (irregular) the vpn connection times out or skype calls drop, or skype just disconnects. My internet connection is fine though, I can run streams without any issues. My it department said they don’t know about any issues and recommend to restart router etc...so they are not very helpful.

I tried to change state optimization to conservative, no dice. I tried to allow echo requests to my public ip. No luck. Any ideas?

13

General Discussion / Allow any to WAN rule, what protocols and why?

« on: August 06, 2020, 08:37:04 am »

Generally you would only need to allow TCT/UDP to any on wan for a home router, I guess...but the default is to allow all protocols. The list of those protocols is long, many of them i have no clue about. Wouldn‘t it be better for me to allow TCP/UDP only? Thanks.

14

20.7 Legacy Series / No feedback for DNS blocklists

« on: July 30, 2020, 10:06:10 pm »

Hello everyone,

I think it’s great to be able to use DNS blocklists from the gui now. I am missing some feedback that it actually works. There is no indication anywhere. Maybe I just did not find it yet. Show the number of entries in the blocklist or something would help a lot I think.

A smaller issue I found: when removing an interface (eg OPT3) which has an existing rrd file, the contexts health, insight and netflow (under reporting) fail to load. Removing the rrd file for that interface (in settings) fixes it.

Other than that its all smooth so far (on my apu2). Thanks a lot!

15

17.7 Legacy Series / Can opnsense do this?

« on: December 06, 2017, 08:01:57 pm »

Greetings everyone,

I am using the following functionality with my current firewall but i am looking for something new and i was wondering, can opnsense do this too?

Asn ip blocking (alias from whois)
Dns black holes (using common host files)
Geo-ip blocking (alias from geo-ip)
All logging can be disabled

Also, is opnsense using a rolling release model? Or will it be rolling once all big feature changes are complete? How long are old versions supported if its not rolling?

Thank you so much
J