Topics

I've been running OPNSense for years and I really love it.  However, after a recent update my HD activity light was staying on and the CPU meter on the OPNSense dashboard was reading 100%.  After looking for anything obvious and turning off all the services I could, the CPU was still pegged and the HD light was still on constantly.  So I rebooted the machine; it never came back online.

After I attached a monitor to the machine I saw that it had a kernel panic[0].  While unusual I didn't think to much of it.  However, rebooting the machine didn't resolve the issue.  So I removed all the cards, memory, etc. to see if I could get a clean boot.  Nothing helped and I continued to get a kernel panic[0].

I thought it might be a corrupted hard drive or something so I disconnected the drive and booted off of a USB thumb drive with a fresh copy of v23.1 installed on it.  The system booted just fine and ran the live version.  So I turned the machine off, reconnected the drive, rebooted and installed v23.1 on the HD.  The install worked perfectly and the machine rebooted.  Once again, I got the kernel panic[0].

My next thought was that maybe the HD was "bad".  I replaced the HD and again installed a fresh copy of v23.1.  Again, the kernel panic[0] showed up.  Arrggghhh! 

I'm running Memtest86 v6.10 right now and everything is looking good, so I don't think it's memory related.  I've replaced the HD so that's (probably) not the problem.  It seems to work fine booting from the USB flash drive (its just slooooow) so the CPU seems to be OK. 

Any thoughts on what I should do now?  I'm not very good at reading kernel panic output so I thought I was ask here.  The weird thing is that it seems to run fine from a live USB stick but not when I install it on a HD.  Maybe the HD controller is bad?  How would I test this?

BTW: after the kernel panic the machine is locked up completely.  Nothing works.  The keyboard doesn't do anything, the capslock key doesn't even light up.  Even the floppy drive light is stuck on.

• https://imgur.com/a/aaXwkVK

I experimenting with NextDNS as my upstream DNS provider.  So far I like it quite well but I'm having a bit of trouble getting DNS configured.  I was able to set my IPv4 DNS providers in the Services --> DHCPv4 --> [LAN] config but I can't find where to set the IPv6 DNS providers.  The IPv6 Services --> DHCPv6 menu only has "Relay" & "Leases" and neither of those offer DNS configs.

Where can you override the host's IPv6 DNS providers?  Do I need to install a NextDNS plugin or something?

So, I have a pretty generic OPNSense installation; no weird plugins, no VPN connections, just a normal household LAN/WAN config.  Recently (in the past year?) I've noticed that most sites think I'm in Houston, TX for some reason (ie. Accuweather & Lowes)  Even Apple presents me with a map of Texas whenever I need to authenticate a connection (buying something on the Apple store).

This happens on two different computers (Linux & Mac) with multiple browsers (Safari, Firefox, Chrome) even in "private" mode.  I checked my IP address with several online "checkers" (ie. MaxMind, etc.) and they all get my location correct.  I've reached out to my ISP to see if there is some problem on their end.

Then I thought, "could this be a setting in OPNSense?"  I don't think so but I'm getting a bit desperate.  Is there something in OPNSense that fakes geolocation?  Maybe some sort of privacy setting or filter?

I'm using OPNSense to protect a small elementary school's network and we have been having frequent outages for the past 4 months.  We've investigated everything we can think of and so far haven't been able to fix the problem. 

Our ISP has suggested that our problem looks similar to other issues they've seen where there is a bad or failing component on the network that is sending out malformed packets and disrupting our service.  The cable modem sees these "bad" packets and starts dropping legitimate packets.

To me, our problem feels like a lack-of-bandwidth type of issue but everything we can see tells us that we are not oversubscribed.  When the outage happens, OPNSense is not reporting any type of bandwidth spike, our WAN traffic isn't topped out, even the firewall hardware looks fine (CPU, RAM, temp, etc.)

My question then is how do I track down the device that is causing the issue?  Is it possible to do a tcpdump on OPNsense and export that data for later evaluation?  I've installed the VnStat plugin but I don't think that is going to help.  Are there any other plugins that I should try?

I just installed a new OPNSense system at my wife's school and everything seems to be working fine, except the Guest WiFi VLAN interface.  The Guest Wifi VLAN is supposed to be for those in the building that have personal devices, or guests that don't need to talk to the internal network (printers, etc.)

Here are the steps I went through:

• Go to Interfaces --> Other Types --> VLAN and hit the add button
• Fill out all the information (Tag, PCP, etc.)
• Go to Interfaces --> Assignments and add it to the WAN Interface
• Go to Firewall --> Rules --> LAN and clone the "any" rules and change the settings to use the new VLAN Interface
• Go to Services --> DHCPv4 --> OPT1 and enable DHCP

Everything looks good and the interface comes up without any errors.  However, when I try to connect I don't get a DHCP connection.  So, I manually gave myself and address (10.0.1.69) and tried to ping a couple of things.  I can ping the firewall at the VLAN interface (10.0.1.1) but I can't ping 8.8.8.8.  Also, DNS lookups don't work on the VLAN but they work fine on the LAN interface.

I know that I'm probably missing something obvious but I spent 3 hours yesterday trying to track down the problem and couldn't make it work.  Do you have any thoughts about what I might be doing wrong?  I've installed firewalls before but am new to OPNSense.

I'm a new convert from IPFire and am looking for a way to monitor my Internet connection and possibly show a history.  My ISP has a habit of dropping the connection and I would like to know when and for how long it was down.  I can then take this information and get a discount on my monthly bill.  I looked around OPNSense a bit but couldn't see anything that might do what I need.  Is there a plugin that might solve this problem?  Or perhaps it's already built into the core product and I don't know how to get to it.

Thanx!
Richard