Topics

1

20.7 Legacy Series / Initial DHCP lease time is set to 600 seconds not 86400 seconds

« on: October 29, 2020, 04:10:14 pm »

In using the DHCP service on OPNsesne, when I was spinning up a Nexus v9000 I was getting a message that the lease time was under 3600 which it was not accepting.

Upon research using the packet capture diagnostics, I noticed the dhcp service was, in fact, handing out the 600 second value under option 51 - Attached snip (dhcp-offer.png) and the DHCP Discover package was asking for 538705920 seconds - Attached snip (dhcp-discover.png)

After many retries (about 180 seconds after the initial discover) the correct dhcp lease is offered to the devices.

Everything is defaulted to 7200 and 86400 and the /var/dhcpd/etc/dhcpd.conf file shows those same values as the default and in the pools.

I spun up a quick dhcp-server (version 4.3.6) under CentOS 8 and copied the above dhcpd.conf to the /etc/dhcpd directory and it served out the correct lease times to the devices.

Currently using OPNsense 20.7.4-amd64 with LibreSSL-3.1.4 and the packages shows a isc-dhcp44-server version of 4.4.2_1.

2

18.7 Legacy Series / E1000 and Proxmox 5.2-x issues

« on: September 23, 2018, 08:54:13 pm »

Seems to be an issue with the e1000 interaction with OPNsense 18.7.x (possibly 18.1.x) and Proxmox using the e1000 nic.

Within a 24 hour time span the nic will basically stop passing data and the gateway will go "RED". This has mostly been seen on the WAN interface. This seems to be due to high or heavy traffic causing the nic to stop responding. Going into console and issuing an 'ifconfig em1 down' and then an 'ifconfig em1 up' resolves the issue. Tried the unchecking and checking from the GUI on that interface does not seem to clear this symptom up. And of course rebooting the VM fixes the issue too. I can replicate this everyday except I just upgraded from pfSense to OPNsense and DO NOT want to go back. I believe that the 2.4.3-p1 using 11.0 and OPNsense uses 11.1 but I did not try pfSense with e1000 nics only virtio nics. I used the e1000 nics due to the recommendation of the IDS/IPS requirement.

I did have the LAN interface lock on me once and I could not get into the system to try the "ifconfig" command so I had to reboot the VM (forgot about the Proxmox VM console but customer was wondering what was going on...mass hysteria).

I originally thought it was a CARP/HA issue but I have had it happen on a standalone OPNsense VM (only once so far) using the e1000 drivers but does not have a heavy load on it (using it as an SBC...which I am trying to make into a plugin for OPNsense )

Using 'virtio' now and all seems to be fine but of course IDS/IPS does not work (Underlying FreeBSD issues with virtio or qemu not having netmap support...lot of discussion about this around the internet).

3

18.7 Legacy Series / Gateway widget display is not updating.

« on: September 23, 2018, 08:42:18 pm »

When using Microsoft edge (Not my default browser) it shows the "Name" and the "Status" of Unknown and not RTT, RTTd and Loss. Under System->Gateways->Single the system displays results as expected.
When running under Firefox there are No Issues. Displaying as expected.

Under the "Console" of edge the following errors are logged every few seconds.
[object Error]: {description: "'find' is not defined", message: "'find' is not defined", number: -2146823279, stack: "ReferenceError: 'find' is not defined at Anonymous function (Unknown script code:6:11) at Array.prototype.map (native code) at gateways_widget_update (Unknown script code:4:7) at Anonymous function (https://192.168.0.2/index.php:1122:25) at Array.prototype.map (native code) at Anonymous function (https://192.168.0.2/index.php:1119:13) at i (https://192.168.0.2/ui/js/jquery-3.2.1.min.js:2:28012) at j.fireWith (https://192.168.0.2/ui/js/jquery-3.2.1.min.js:2:28725) at A (https://192.168.0.2/ui/js/jquery-3.2.1.min.js:4:13607) at Anonymous function (https://192.168.0.2/ui/js/jquery-3.2.1.min.js:4:16162)"}