Topics

1

24.1 Legacy Series / IPv6 ULA with NPT, when WAN is Dynamic

« on: April 26, 2024, 02:08:55 am »

Hi Guys,

• I have DHCPv6 configured on the WAN interface and its using PD with a /56.
• I also have Static IPv6 configured on my LAN interfaces using ULA configured as /64.
• I'd like to use NPT for 1:1 between the equivalent WAN /56 mapped to the LAN /56.

I have this working with NPT (/56 and /64) mapping configs, however I need to enter the "External IPv6 Prefix (target)" to make this work.  I recall reading to leave "External IPv6 Prefix (target)" empty for it to work dynamically, however that does not work, even with /56, which is address to address.

Any thoughts, what I'm missing?

2

21.7 Legacy Series / OpenVPN 'Client Specific Overrides' 'Common Name' Not Working

« on: October 06, 2021, 12:19:32 pm »

Hi Guys,

I understand the Common Name within 'Client Specific Overrides' is the certificate CN used for the user, however, it doesn't appear to be working.

Any Ideas?

Thanks,

3

21.7 Legacy Series / ESXi Shaper 1Gb download performance

« on: September 17, 2021, 03:00:12 pm »

Hi Guys,

I have a couple of shapers, one for inbound and one for outbound on my WAN interface.  I am running a virtual firewall, the external WAN interface is now passthrough using igb, which has improved things a lot.

When enabling any shapers using vmxnet3 on the LAN interface, my download performance drops from 800-900Mbit to 600Mbit. 

I therefore changed to E1000e for the LAN, and that increased performance without shapers to between 850-950Mbit.  However, I am still getting a performance drop with shapers to around 700Mbit (during testing, I am increasing the shaper to 1800Mbit to eliminate queue size).

Any Suggestions?

Thanks,

4

21.7 Legacy Series / VRF support

« on: July 27, 2021, 08:15:44 pm »

Hi Guys,

Is there any support for VRF's?  I have a use case for a Management/OOB interface.

Thanks,

5

19.7 Legacy Series / Shaper - WF2Q+ weights not working

« on: September 23, 2019, 12:57:22 am »

Hi Guys,

I don't know if I'm doing something wrong here, but I cannot get weights to work on queues.

I have the following:

Pipe:
Bandwidth - 100Mb
Scheduler - Weighted Fair Queueing

Queue 1:
Pipe - Above
Weight - 100

Queue 2:
Pipe - Above
Weight - 1

Rule 1:
Destination Address: host 1
Target - Queue 1

Rule 2:
Destination Address: host 2
Target - Queue 2

The queues are working, but no matter what I use for weight, it is always around 50/50.

Thanks,

6

18.1 Legacy Series / Netflow counting traffic twice

« on: February 11, 2018, 03:12:42 am »

Sup guys,

Netflow appears to be counting traffic twice, this port UPnP.  Am I seeing this correctly, check out the pictures.

EDIT: I'm also seeing the same thing with NAT rules.

Thanks,

7

18.1 Legacy Series / Lost all firewall rules

« on: January 30, 2018, 07:10:22 pm »

Hi Guys,

I hit reset in the Traffic Shaper and although I have rules in the GUI I have lost all rules when I run 'ipfw -a list' I now get:

Code: [Select]

root@OPNsense:~ # ipfw -a list
65535 17072 4146486 allow ip from any to any


8

18.1 Legacy Series / Traffic shaper limit not stable throughput

« on: January 29, 2018, 07:50:48 pm »

Hi Guys,

I've been playing with the Traffic Shaper, having come for pfSense, but gave up on the shapers, I thought I'd give it another look with the change to dummynet/ipfw.

I have a simple Pipe with bandwidth set to 200Mbit and a rule for one host.  When I test this limit and look at some traffic charts on opnsense, it's extremely choppy between 110Mbit and 150Mbit.  I'd expect it to hit 200Mbit and stay there.  I have tested at different bandwidths and it does the same, never keeping at a stable throughput.

Any ideas?  Is it my understanding.

I am running on an ESXi Virtual Machine, performance and memory look ok and they are E1000 NICs.

Thanks,