OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of moonman »
  • Show Posts »
  • Topics
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Topics - moonman

Pages: [1]
1
Hardware and Performance / How to load ure module for USB NIC if device id isn't in the driver?
« on: September 22, 2024, 12:03:59 am »
Hi, I need to add 2 extra ethernet ports to my firewall (a little Intel N100 fanless box with 4 ethernet ports) for low bandwidth-ish devices (PiKVM and a printer). I have 2 MS Surface USB3 gigabit adapters with realtek 8153b chips in them and got them to work with cdc generic driver by settings them to mode 1. The problem is that this driver is pretty bad in terms of maximum bandwidth (250Mbit/s) and latency. realtek 8153b is supposed to be decently supported with the "ure" driver which I am hoping will improve the latency at high load. I suspect that ure driver doesn't get loaded because the device id is just not in the driver code. Is there any way to make the driver load for my device passing device id at runtime (which is possible on linux).

I had these nics running under linux before and they were rock solid with months uptime.

Code: [Select]
ugen0.3: <RTL8153B GigE [Surface Ethernet Adapter] Microsoft Corp.> at usbus0, cfg=1 md=HOST spd=SUPER (5.0Gbps) pwr=ON (72mA)

  bLength = 0x0012
  bDescriptorType = 0x0001
  bcdUSB = 0x0300
  bDeviceClass = 0x0000  <Probed by interface class>
  bDeviceSubClass = 0x0000
  bDeviceProtocol = 0x0000
  bMaxPacketSize0 = 0x0009
  idVendor = 0x045e
  idProduct = 0x0927
  bcdDevice = 0x3100
  iManufacturer = 0x0001  <Microsoft>
  iProduct = 0x0002  <Ethernet Adapter>
  iSerialNumber = 0x0006  <001008A1A>
  bNumConfigurations = 0x0002

2
20.1 Legacy Series / Traffic shaper is not working properly for me
« on: March 08, 2020, 03:01:06 am »
There are 2 issues with it:
- It halves the total bandwidth for every user
- It limits the bandwidth per user, instead of per pipe. Given enough users, the cumulative bandwidth will exceed that of the maximum bandwidth of the pipe.

There are at least 2 topics on this on this forum. One from 2016 and one from 2018. Github issue was closed in 2019 with no resolution (and 1 more problem added while trying to fix the initial one).

Is anyone working on this at all?

https://forum.opnsense.org/index.php?topic=7235.0
https://forum.opnsense.org/index.php?topic=3966.0
https://github.com/opnsense/core/issues/2191



3
General Discussion / Unbound won't start with do-not-query-localhost: no for dnscrypt-proxy
« on: July 09, 2019, 01:13:29 am »
Hello everyone,

I was just following https://docs.opnsense.org/manual/how-tos/dnscrypt-proxy.html to setup dnscrypt-proxy.
In the first paragraph the guide says to "just set this in your Unbound Advanced settings:"
Code: [Select]
do-not-query-localhost: no
forward-zone:
name: "."
forward-addr: 127.0.0.1@5353
There is no option to use custom options under Unbound --> Advanced, so I assume the author meant Unbound --> General --> Custom options.

Well, inserting the above into Custom Options, saving and applying settings kills Unbound and it won't start again until
Code: [Select]
do-not-query-localhost: no is removed (and the rest kept), with the only issue that no address resolves without this option. I assume it just won't forward to 127.0.0.1:5151 because it's localhost and it is disallowed.

Any help would be appreciated.

4
General Discussion / Running external socks5 proxy on wan
« on: April 19, 2019, 01:54:01 am »
Hello,

I'm looking to run a socks5 proxy on the WAN interface for external use (for friends and family to bypass country firewall block)
Now, I am familiar with Linux (i.e. I have Arch Linux running), however I'm little kind of stuck with freebsd (and by extension opnsense)

Looks like there are packages such as nylon, ss5 and 3proxy, (I'm especially interested in ss5) however  none of these are available in the repositories. How would I add a repository from a freebsd, or how would I go about installing a port?

5
General Discussion / How to revert to previous release?
« on: March 24, 2019, 07:24:24 pm »
Hello,

I've been having issues with site-to-site ipsec performance, and my guess is that it happened when I upgraded to 19.1.4. I would like to revert back to 19.1.3 (19.1.2 kernel) to test this theory.

According to this https://wiki.opnsense.org/manual/opnsense_tools.html
Code: [Select]
opnsense-revert -r 19.1.3 opnsensewill downgrade everything but the kernel.

Is this correct? it looks like this only downgrades 1 package (opnsense) which it looks like is only responsible for the reported version. All my other packages stayed the same.

The question is, how do I revert the whole system back to 19.1.3.

PS: I know the kernel will need to be downgraded with
Code: [Select]
opnsense-update -kr 19.1.3

6
General Discussion / [SOLVED] How to read Health -> Quality graph
« on: March 21, 2019, 03:49:54 am »


I understand that the latency for example is 15ms, but what is 400m for packet loss?

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2