OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of cpw »
  • Show Posts »
  • Topics
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Topics - cpw

Pages: [1] 2
1
24.7 Production Series / WAN as PPPoE - bug in the "Assign Interfaces" CLI tool perhaps?
« on: October 17, 2024, 10:35:45 pm »
Hi, I'm in the process of overhauling my OPNsense, so I'm rebuilding my config from scratch to clean out a lot of cruft in a new VM of 24.7.6. I'm trying to align my interfaces with the "prebuilt" setups as much as possible (lower friction, maybe?)

Something I've noticed - I have a fibre with PPPoE. It's working great, no problems, on the existing setup, but it's officially my "WAN" connection, not "opt2".

I'm trying to run the assignment "wizard" in the command line, but it refuses to let me select "pppoe0" as a WAN connection, even though it IS configured in the UI. I can assign it through the UI (but it gets an OPT name), but the command line seems to completely reject pppoe0 as a valid interface name.


Code: [Select]
MANAGEMENT (vtnet0_vlan1) -> v4: 10.10.0.250/24
                    v6: fdf5:7b89:4604::a0a:fa/128

 HTTPS: sha256 CC 73 E3 5C AE B1 E3 48 66 C7 FE F5 C3 74 3A 46
               57 17 34 90 FB 9E D1 BB 36 E5 76 15 68 60 4E 41

  0) Logout                              7) Ping host
  1) Assign interfaces                   8) Shell
  2) Set interface IP address            9) pfTop
  3) Reset the root password            10) Firewall log
  4) Reset to factory defaults          11) Reload all services
  5) Power off system                   12) Update from console
  6) Reboot system                      13) Restore a backup

Enter an option: 1

Do you want to configure LAGGs now? [y/N]:
Do you want to configure VLANs now? [y/N]:

Valid interfaces are:

vtnet0           bc:24:11:96:b5:a0 VirtIO Networking Adapter
vtnet0_vlan1     00:00:00:00:00:00 VLAN tag 1, parent interface vtnet0
vtnet0_vlan20    00:00:00:00:00:00 VLAN tag 20, parent interface vtnet0
vtnet0_vlan40    00:00:00:00:00:00 VLAN tag 40, parent interface vtnet0
vtnet0_vlan39    00:00:00:00:00:00 VLAN tag 39, parent interface vtnet0
vtnet0_vlan10    00:00:00:00:00:00 VLAN tag 10, parent interface vtnet0
vtnet0_vlan30    00:00:00:00:00:00 VLAN tag 30, parent interface vtnet0
vtnet0_vlan50    00:00:00:00:00:00 VLAN tag 50, parent interface vtnet0
vtnet0_vlan60    00:00:00:00:00:00 VLAN tag 60, parent interface vtnet0
vtnet0_vlan100   00:00:00:00:00:00 VLAN tag 100, parent interface vtnet0

If you do not know the names of your interfaces, you may choose to use
auto-detection. In that case, disconnect all interfaces now before
hitting 'a' to initiate auto detection.

Enter the WAN interface name or 'a' for auto-detection: pppoe0

Invalid interface name 'pppoe0'

Enter the WAN interface name or 'a' for auto-detection:

Enter the LAN interface name or 'a' for auto-detection
NOTE: this enables full Firewalling/NAT mode.
(or nothing if finished): vtnet0_vlan1

Enter the Optional interface 1 name or 'a' for auto-detection
(or nothing if finished): pppoe0

Invalid interface name 'pppoe0'

Enter the Optional interface 1 name or 'a' for auto-detection
(or nothing if finished):



Is this a bug or oversight in the CLI utility behind "Assign Interfaces"?



2
24.7 Production Series / PPPoE negotiating ipv6 after upgrade to 24.7.4_1 - I WAS TOO HASTY
« on: September 18, 2024, 04:29:04 pm »
Hi, I just upgraded from 24.1.10_8 to 24.7.4_1 (via 24.7.1) and it seems that IPv6 over PPPoE is no longer working for my setup. It worked perfectly prior to the upgrade.

I have "Use IPv4 Connectivity" selected, and it was working fine prior to the update. The IPv6 configuration type is "DHCPv6", again, same as prior to the update.

I am requesting a /56 PD and sending the prefix hint. Again, this all worked fine prior to the upgrade.

The change I see in the PPPoE log file is the presence of a new error message:

Code: [Select]
2024-09-18T10:09:07-04:00 Informational ppp [opt2_link0] rec'd unexpected protocol IPv6
2024-09-18T09:56:28-04:00 Informational ppp [opt2_link0] rec'd unexpected protocol IPv6


This has happened twice since the update (once at 24.7.1 and once at 24.7.4_1). It seems clear that this is now broken for me.

Some log file snippets from prior to the upgrade, and post upgrade.

Prior:


EDIT: Nevermind. It just took about 15 minutes for the IPv6 address to show up on the interface. Very slow, and the error message wasn't convincing, but it is there and I have a PD. Thanks for the software!

3
23.7 Legacy Series / dpinger fails to restart after a PPPoE link recycle
« on: January 05, 2024, 11:04:56 pm »
Hi
I have an annoyingly unreliable DSL/PPPoE link to upstream. It loses signal fairly regularly and needs to reauthenticate and rebuild the interface.

DPinger does NOT like this. Every time, since about the 23.7 series, I have to manually restart the dpinger processes (ipv4 and ipv6 monitors) monitoring the status of the link. The link itself comes back very reliably - a blessing I suppose - but dpinger is convinced its dead. I have previously solved this by monitoring the dpinger processes - but those don't seem to actually terminate anymore, just the monitoring.

Log file:

Code: [Select]
2024-01-05T16:52:27-05:00 Notice dpinger ALERT: DSL_DHCP6 (Addr: 2607:xxxx Alarm: down -> none RTT: 11.6 ms RTTd: 3.2 ms Loss: 0.0 %)
2024-01-05T16:52:15-05:00 Notice dpinger ALERT: DSL_PPPOE (Addr: 206.x.x.x Alarm: down -> none RTT: 11.5 ms RTTd: 1.3 ms Loss: 0.0 %)
2024-01-05T16:52:15-05:00 Notice dpinger Reloaded gateway watcher configuration on SIGHUP
2024-01-05T16:52:15-05:00 Notice dpinger Reloaded gateway watcher configuration on SIGHUP
2024-01-05T16:52:14-05:00 Warning dpinger send_interval 1000ms loss_interval 4000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 0ms loss_alarm 0% alarm_hold 10000ms dest_addr 2607:xxxx bind_addr 2607:x:x:x:x identifier "DSL_DHCP6 "
2024-01-05T16:52:14-05:00 Warning dpinger exiting on signal 15
2024-01-05T16:52:05-05:00 Warning dpinger send_interval 1000ms loss_interval 4000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 0ms loss_alarm 0% alarm_hold 10000ms dest_addr 206.x.x.x bind_addr 69.x.x.x identifier "DSL_PPPOE "
2024-01-05T16:52:05-05:00 Warning dpinger exiting on signal 15
2024-01-05T16:20:58-05:00 Notice dpinger Reloaded gateway watcher configuration on SIGHUP
2024-01-05T16:20:57-05:00 Warning dpinger exiting on signal 15
2024-01-05T16:20:37-05:00 Notice dpinger Reloaded gateway watcher configuration on SIGHUP
2024-01-05T16:20:37-05:00 Warning dpinger send_interval 1000ms loss_interval 4000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 0ms loss_alarm 0% alarm_hold 10000ms dest_addr 206.x.x.x bind_addr 69.x.x.x identifier "DSL_PPPOE "
2024-01-05T16:20:37-05:00 Warning dpinger exiting on signal 15
2024-01-05T16:20:36-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:35-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:35-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:34-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:34-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:33-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:33-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:32-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:32-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:31-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:31-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:30-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:30-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:29-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:29-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:28-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:28-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:27-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:27-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:26-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:26-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:25-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:25-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:24-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:24-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:23-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:23-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:22-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:22-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:21-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:21-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:20-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:20-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:19-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:19-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:18-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:18-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:17-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:17-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:16-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:16-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:15-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:15-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:14-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:14-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:13-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:13-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:12-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:12-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:11-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:11-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:10-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:10-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:09-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:09-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:08-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:08-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:07-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:07-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:06-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:06-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:05-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:05-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:04-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:04-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:03-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:03-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:02-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:02-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:01-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:01-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:20:00-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:20:00-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:59-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:59-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:58-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:58-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:57-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:57-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:56-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:56-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:55-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:55-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:54-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:54-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:53-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:53-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:52-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:52-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:51-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:51-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:50-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:50-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:49-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:49-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:48-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:48-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:47-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:47-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:46-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:45-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:45-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:44-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:44-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:43-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:43-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:42-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:42-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:41-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:41-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:40-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:40-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:39-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:39-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:38-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:38-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:37-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:37-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:36-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:36-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:35-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:35-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:34-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:34-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:33-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:33-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:32-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:32-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:31-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:31-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:30-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:30-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:29-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:29-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:28-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:28-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:27-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:27-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:26-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:26-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:25-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:25-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:24-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:24-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:23-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:23-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:22-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:19:22-05:00 Warning dpinger DSL_DHCP6 2607:xxxx: sendto error: 50
2024-01-05T16:19:21-05:00 Warning dpinger DSL_PPPOE 206.x.x.x: sendto error: 50
2024-01-05T16:18:39-05:00 Notice dpinger ALERT: DSL_PPPOE (Addr: 206.x.x.x Alarm: loss -> down RTT: 11.2 ms RTTd: 0.9 ms Loss: 33.0 %)
2024-01-05T16:18:39-05:00 Notice dpinger ALERT: DSL_DHCP6 (Addr: 2607:xxxx Alarm: loss -> down RTT: 10.6 ms RTTd: 0.2 ms Loss: 32.0 %)
2024-01-05T16:18:28-05:00 Notice dpinger ALERT: DSL_PPPOE (Addr: 206.x.x.x Alarm: none -> loss RTT: 11.3 ms RTTd: 1.6 ms Loss: 12.0 %)
2024-01-05T16:18:28-05:00 Notice dpinger MONITOR: DSL_DHCP6 (Addr: 2607:xxxx Alarm: none -> loss RTT: 10.6 ms RTTd: 0.2 ms Loss: 12.0 %)
2024-01-05T13:05:42-05:00 Notice dpinger ALERT: DSL_PPPOE (Addr: 206.x.x.x Alarm: down -> none RTT: 10.6 ms RTTd: 0.1 ms Loss: 0.0 %)
2024-01-05T13:05:42-05:00 Notice dpinger ALERT: DSL_DHCP6 (Addr: 2607:xxxx Alarm: down -> none RTT: 10.7 ms RTTd: 0.2 ms Loss: 0.0 %)


At 16:19 the DSL link went down and recycled - it came up at 16:20:36 - right before both dpinger processes died. Except they were still running - monit failed to detect that they had changed state at all.

It seems that dpinger is wedging somehow. How would I go about debugging this situation - I'm pretty sure I can cause this problem fairly easily by just unplugging the phone cable from the DSL modem, but I don't know how to debug. I have "debugging" turned on in the log file but nothing shows up.

4
23.1 Legacy Series / Duplicate DHCPv6 servers seem to be running and fighting about addresses
« on: April 19, 2023, 06:47:43 pm »
I have a static PD from my ISP (yay!) and I'm trying to hand out static IP addresses to server clients via DHCP, so I can keep them accessible, and get nice automations around DNS and stuff.

Unfortunately, the "static PD" is a tad unstable at present, and sometimes things go a bit awry, and I get a different PD from my ISP. When this happens, I notice that a duplicate DHCP server starts up, serving the new PD to my clients, while the existing one is still running!. This is, as you can imagine, causing some serious headaches. I'm not sure why this happens, but it's happened about a few dozen times since IPv6 started being available on my system - about 3 weeks ago.

Code: [Select]
[root@wall /var/log/system]# ps aux | fgrep dhcp
root     4559   0.0  0.2  31228  17460  -  Is   30Mar23      0:06.65 /usr/local/sbin/dhcp6c -c /var/etc/dhcp6c.conf -p /var/run/dhcp6c.pid -D
root    16705   0.0  0.2  25764  15032  -  Ss   09:56        0:02.06 /usr/local/bin/python3 /usr/local/opnsense/scripts/dhcp/unbound_watcher.py --domain weeksfamily.ca (python3.9)
dhcpd   46539   0.0  0.2  25712  13264  -  Ss   09:55        0:00.74 /usr/local/sbin/dhcpd -user dhcpd -group dhcpd -chroot /var/dhcpd -cf /etc/dhcpd.conf -pf /var/run/dhcpd.pid lagg0_vlan1 lagg0_vlan20 lagg0_vlan30 lagg0_vlan40
dhcpd   63528   0.0  0.1  22768  10328  -  Ss   Tue02        0:06.05 /usr/local/sbin/dhcpd -6 -user dhcpd -group dhcpd -chroot /var/dhcpd -cf /etc/dhcpdv6.conf -pf /var/run/dhcpdv6.pid lagg0_vlan10
_dhcp   68325   0.0  0.0  13076   2476  -  SCs  Tue10        0:00.71 dhclient: igb2 (dhclient)
dhcpd   96030   0.0  0.1  22768  10332  -  Ss   09:55        0:00.63 /usr/local/sbin/dhcpd -6 -user dhcpd -group dhcpd -chroot /var/dhcpd -cf /etc/dhcpdv6.conf -pf /var/run/dhcpdv6.pid lagg0_vlan10
root    96473   0.0  0.0  12756   1860  -  Is   09:55        0:00.00 daemon: /usr/local/opnsense/scripts/dhcp/prefixes.sh[97087] (daemon)
root    97087   0.0  0.0  13504   2364  -  S    09:55        0:00.05 /bin/sh /usr/local/opnsense/scripts/dhcp/prefixes.sh
root     9761   0.0  0.0  12748   1996  0  S+   12:38        0:00.00 fgrep dhcp

Here you can see that PID 63528 and 96030 are both serving v6 on the lagg0_vlan10 interface, and I get a random assortment of IPs as a result, depending which one "wins".

I suspect this is a bug, but not sure how I would go about diagnosing it, especially since it's triggered by the upstream interface getting a new PD.

5
23.1 Legacy Series / Recommended way to handle ipv6 address on WAN interface from PD
« on: April 14, 2023, 09:25:34 pm »
Hi,
Is there a recommended way to handle an IPv6 address assignment for the WAN interface, where I'm receiving a /56 PD from my ISP?

Details:
I have a static(!) IPv6 /56 PD from my ISP. The WAN interface receives it correctly from my ISP via DHCPv6, which is great. I also request a regular /128 IP address from my ISP (which I don't believe is static and is not from the PD). I would probably prefer to assign the WAN address from the /56, but I don't know how to do that. Perhaps I just assign a static address? But then, I don't think I can track interface to push the PD down to the "LAN" side, can I?

I've currently set the "LAN" interface to be the ::1 from the PD, which means it can be reached from the internet. But it's not the origin of packets from the firewall to the internet on IPv6 (that is the /128), which makes me slightly uncomfortable.

How is this recommended to be handled. I've seen other posts asking a similar question (getting a PD from ISP, how to assign from it) but never seen an actual answer saying "do this".

Thanks!

6
22.1 Legacy Series / IPv6 over PPPoE routing
« on: April 03, 2022, 10:57:43 pm »
Hi
So, I have previously posted on this topic, and it still seems to be a problem even with latest 22.1.4. I have IPv6 available from my DSL provider (TekSavvy), via PPPoE. I can confirm I get an IPv6 address, and prefix delegated from them (via PPPoE IPv4 connection).

However, I never get any routes to the PPPoE connection for IPv6. These are the ONLY two routes related to pppoe0 in the entire route table.

Code: [Select]
ipv6 fe80::%pppoe0/64 link#17 U NaN 1492 pppoe0 DSL
ipv6 fe80::4262:31ff:fe06:af3c%pppoe0 link#17 UHS NaN 16384 lo0 Loopback

I have a multiwan setup, and the IPv6 routing on the cable connection works fine. I had a problem a few weeks ago with the cable connection however, and the cable connection was fully disabled, so my only connectivity for a couple of weeks was the DSL/PPPoE. This did NOT change anything about IPv6 routing for the PPPoE connection, so I was effectively off IPv6 for this period of time.

My speculation is that something about PPPoE is not updating the routing system when PPPoE fully provisions it's IPv6 route (which happens a short time after IPv4 comes up, because it has to wait for IPv4 connectivity to request the IPv6 information).

How would I go about trying to diagnose this problem?

7
21.7 Legacy Series / Forcing unbound overrides to be the ONLY addresses for a name
« on: October 12, 2021, 11:34:10 pm »
Hi
So, I have unbound serving my local LAN as expected. In particular, it is serving DNS for the OPNsense box itself (named wall).

Unfortunately, it seems that all the WAN IP addresses for the device are being registered in unbound as valid IP addresses for wall as well. Particularly problematic, is that one of them is IPV6, which is HIGHLY preferred by other devices on network (obviously). Sadly, this WAN interface is a bit wobbly, and so I suddenly lose all connectivity to the OPNsense device (because I use it's DNS name) if the wobble takes this device out (and it thus loses it's IPV6 address, and so all public IPV6 becomes invalid in the network - yeah, fun I know).
I would like to force ONLY the addresses in the Override section to be valid (site local ipv6 and ipv4 addresses). But it seems unbound is determined to make sure it serves ALL addresses all the time. Is there any way to stop this behaviour?

8
21.7 Legacy Series / IPv6 over PPPoE (in a multiwan setup)
« on: August 26, 2021, 03:54:08 pm »
So, this is confusing me. I'm not sure if it's a real issue, or something else. I'm trying to get my PPPoE connection's IPv6 working. I already have my "cable" IPv6 working. It's working fine as far as I can tell.

But the PPPoE seems to not be routing. I get an IPv6 address and delegation range (sometimes my ISP is a bit slow on responding the DHCP6 requests).

Compare the routing entries for CABLE vs DSL (PPPoE):

Code: [Select]
ipv6 default fe80::217:10ff:fe93:fd18%igb2 UG 991972 1500 igb2 CABLE
ipv6 ::1 link#6 UH 376 16384 lo0 Loopback
ipv6 2001:4860:4860::8844 fe80::217:10ff:fe93:fd18%igb2 UGHS 22834 1500 igb2 CABLE
ipv6 2604:5580:41:29::/64 link#3 U 0 1500 igb2 CABLE
ipv6 2604:5580:101:19::/64 link#3 U 0 1500 igb2 CABLE
ipv6 2607:9880:1:29::/64 link#3 U 0 1500 igb2 CABLE
ipv6 2607:f2c0:8006:2::aaaa link#17 UHS 0 16384 lo0 Loopback
ipv6 2607:f2c0:eb8a:d00::/64 link#11 U 4060 1500 lagg0_vlan20 LAN
ipv6 2607:f2c0:eb8a:d00:4262:31ff:fe06:af3a link#11 UHS 0 16384 lo0 Loopback
ipv6 2607:f2c0:eb8a:d04::/64 link#12 U 9165 1500 lagg0_vlan30 WIFI
ipv6 2607:f2c0:eb8a:d04:4262:31ff:fe06:af3a link#12 UHS 0 16384 lo0 Loopback
ipv6 2607:f2c0:f200:1909::/64 link#3 U 512 1500 igb2 CABLE
ipv6 2607:f2c0:f200:1909:aaaa:aaaa:aaaa:aaaa link#3 UHS 0 16384 lo0 Loopback
ipv6 2607:f798:70:10ad::/64 link#3 U 0 1500 igb2 CABLE
ipv6 2607:f798:80c:ba::/64 link#3 U 0 1500 igb2 CABLE
ipv6 fd07:f798:3:41f8::/64 link#3 U 0 1500 igb2 CABLE
ipv6 fdeb:df40:8dd7::/48 link#18 U 0 1420 wg0 WIREGUARD
ipv6 fdeb:df40:8dd7::1 link#18 UHS 0 16384 lo0 Loopback
ipv6 fe80::%igb2/64 link#3 U 36402 1500 igb2 CABLE
ipv6 fe80::4262:31ff:fe06:af3c%igb2 link#3 UHS 0 16384 lo0 Loopback
ipv6 fe80::%igb3/64 link#4 U 0 1500 igb3
ipv6 fe80::4262:31ff:fe06:af3d%igb3 link#4 UHS 0 16384 lo0 Loopback
ipv6 fe80::%lo0/64 link#6 U 0 16384 lo0 Loopback
ipv6 fe80::1%lo0 link#6 UHS 0 16384 lo0 Loopback
ipv6 fe80::%lagg0/64 link#9 U 0 1500 lagg0
ipv6 fe80::4262:31ff:fe06:af3a%lagg0 link#9 UHS 0 16384 lo0 Loopback
ipv6 fe80::%lagg0_vlan10/64 link#10 U 36 1500 lagg0_vlan10 DMZ
ipv6 fe80::4262:31ff:fe06:af3a%lagg0_vlan10 link#10 UHS 0 16384 lo0 Loopback
ipv6 fe80::%lagg0_vlan20/64 link#11 U 138311 1500 lagg0_vlan20 LAN
ipv6 fe80::4262:31ff:fe06:af3a%lagg0_vlan20 link#11 UHS 0 16384 lo0 Loopback
ipv6 fe80::%lagg0_vlan30/64 link#12 U 336006 1500 lagg0_vlan30 WIFI
ipv6 fe80::4262:31ff:fe06:af3a%lagg0_vlan30 link#12 UHS 0 16384 lo0 Loopback
ipv6 fe80::%lagg0_vlan40/64 link#13 U 0 1500 lagg0_vlan40 THINGS
ipv6 fe80::4262:31ff:fe06:af3a%lagg0_vlan40 link#13 UHS 0 16384 lo0 Loopback
ipv6 fe80::%lagg0_vlan50/64 link#14 U 0 1500 lagg0_vlan50 GUEST
ipv6 fe80::4262:31ff:fe06:af3a%lagg0_vlan50 link#14 UHS 0 16384 lo0 Loopback
ipv6 fe80::%lagg0_vlan1/64 link#15 U 0 1500 lagg0_vlan1 MGMT
ipv6 fe80::4262:31ff:fe06:af3a%lagg0_vlan1 link#15 UHS 0 16384 lo0 Loopback
ipv6 fe80::%pppoe0/64 link#17 U 23071 1492 pppoe0 DSL
ipv6 fe80::4262:31ff:fe06:af3c%pppoe0 link#17 UHS 0 16384 lo0 Loopback

The IPv6 address assigned to CABLE is

Code: [Select]
IPv6 address 2607:f2c0:f200:1909:aaaa:aaaa:aaaa:aaaa/128
IPv6 delegated prefix 2607:f2c0:eb8a:d00::/56
IPv6 gateway fe80::217:10ff:fe93:fd18

The IPv6 address assigned to DSL is

Code: [Select]
IPv6 address 2607:f2c0:8006:2::aaaa/128
IPv6 delegated prefix 2607:f2c0:95a5:c500::/56
IPv6 gateway fe80::200:ff:fe00:0

As you can see, I'm getting no routes to my DSL interface except the "link#17" loopback route.

I have dhcp6c logging turned up to debug, but i see no mention of routing. Is this how IPv6 over PPPoE should work? The lack of routes seems to be the reason why things aren't working. I can't ping anything through that interface as far as I can tell.

9
Development and Code Review / How to go about updating the rfc2136 plugin?
« on: August 10, 2021, 02:55:54 pm »
Hi,
So, locally, I've fixed the rfc2136 plugin to use the much more flexible auth mechanism in nsupdate (nsupdate -y <keytype>:<server>:<keystring>) man page for nsupdate here: https://linux.die.net/man/8/nsupdate

I would like to submit this back to the community but I have no idea how I would go about doing so. I think that it'd be a good idea to add a field to the UI to capture the key type string, and then construct the -y cmdline value from the three fields (I currently have everything smashed into the keystring field for testing and validation - it works!).

How would I go about helping here? I don't know my way around the UI aspects of opnsense at all (obviously, I've figured out how to generate the nsupdate command tho ;) )

Is this even a good idea? It seems the only way to expose non HMAC-MD5 keys to end users for usage in dns updates.

10
20.7 Legacy Series / Monit configuration "stuck" needing apply
« on: January 06, 2021, 03:19:20 pm »
HHi,
So I tweaked my monit configuration to hopefully monitor dpinger a bit better. The configuration seems to be working, however the monit Web UI is stuck reporting "needs apply". Repeated selection of the button works to generate new config, that is accepted by monit (monit is running with new config), but the button itself never goes away.

configd.log file:

Code: [Select]
Jan  6 09:08:48 wall configd.py[45684]: [d2cd3e3e-78c4-4c5f-aaee-5ab69ac242bf] get monit status
Jan  6 09:08:48 wall configd.py[45684]: [d4af6713-acf7-4560-bc76-471489360c48] generate template OPNsense/Monit
Jan  6 09:08:48 wall configd.py[45684]: generate template container OPNsense/Monit
Jan  6 09:08:48 wall configd.py[45684]:  OPNsense/Monit generated //usr/local/etc/monitrc
Jan  6 09:08:48 wall configd.py[45684]:  OPNsense/Monit generated //etc/rc.conf.d/monit
Jan  6 09:08:48 wall configd.py[45684]: [ce69a8aa-4936-4ee8-a4d2-446dbb24bc93] testing monit configuration

I can't find any errors anywhere in the log files.

Edit: running latest opnsense regular build with libressl:

Code: [Select]
OPNsense 20.7.7_1-amd64
FreeBSD 12.1-RELEASE-p11-HBSD
LibreSSL 3.1.5

11
General Discussion / Installing a BSD package (from source?) - JQ
« on: July 12, 2020, 05:40:25 am »
Hi, I would like to install jq - the json parsing utility - onto my opnsense box, as it would allow me to process various JSON data sources found therein. It seems it's not in the package repositories provided by OPN sense, so I guess I have to somehow build it manually. How would I go about that? Could I request that this tool be added to a future version of opnsense repositories?

JQ is here: https://stedolan.github.io/jq/download/ and is common in linux distributions. There seem to be some FreeBSD sources for it and a contemporary port as well.

Thanks

12
20.1 Legacy Series / dpinger failing to detect up connection
« on: May 26, 2020, 04:26:24 pm »
Is dpinger supposed to detect a working link, after a temporary outage?

It seems that on a pretty regular basis, dpinger detects down for a link, and continues doing so indefinitely, even if the interruption was momentary. It only recovers (and gateways associated with the dpinger process) when you restart the dpinger process manually.

Is this by design? Do I need to tell monit to kick them every 5 minutes to ensure they work somewhat reliably?

13
20.1 Legacy Series / dpinger keeps stopping
« on: May 23, 2020, 04:25:45 pm »
Is dpinger supposed to keep going into the "stopped" state?

It seems that quite frequently, dpinger has stopped working, and i need to manually restart it. This is obviously making it hard to get a reliable failover.

I have dpinger monitoring two ISP connections, one normal, one PPPoE. There is a third dpinger monitoring an upstream ipv6. They all seem to randomly go into the "stopped" state, and thus don't actually trigger gateway failover/failback actions. The stopped state seems to correlate with a short "low availability" blip on the respective connection. Perhaps the interface is glitching, and dpinger is subsequently crashing?

Is there any advice to improve the reliability here? Perhaps adding a monit script to kick the services up again?

Thoughts?
Thanks

14
20.7 Legacy Series / IPv6 Multiwan
« on: May 15, 2020, 08:40:55 pm »
Hi
I see rumours that multiwan ipv6 is soon to be working in OPNsense and I'd like to help out with testing.

I have two upstream ISP connections: One PPPoE, one normal, both allocate valid ipv6 prefixes using PD.

Currently, the "normal" connection provides PD to the LAN and WIFI local nets. I have no PD from the PPPoE connection because that stops all IPv6 working.

If possible, I'd like the "PPPoE" network to supply ipv6 PD by default to a "static LAN", as well as a "failover" PD to the rest of my local network, to be used only when the "normal" connection is not available.

In theory, this should allow me to do WAN failover for the ipv6 connectivity - currently, if the "normal" connection fails, I lose all ipv6 routing.

Is the new functionality aimed at helping with this? If so, how can I help with testing? What setup would I need to do?

Thanks!

15
20.1 Legacy Series / Unbound crashing whenever a link fails
« on: April 30, 2020, 09:32:45 pm »
Hi
I seem to be getting a dead unbound whenever a link changes state for some reason.

Code: [Select]
2020-04-30T15:17:41 configd.py: message c2a300b6-546a-43de-a439-881c67fc3ff3 [filter.refresh_aliases] returned {"status": "ok"}
2020-04-30T15:17:41 configd.py: [c2a300b6-546a-43de-a439-881c67fc3ff3] refresh url table aliases
2020-04-30T15:17:41 configd.py: OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-04-30T15:17:41 configd.py: OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-04-30T15:17:41 configd.py: generate template container OPNsense/Filter
2020-04-30T15:17:41 configd.py: [5d9a0fcc-1279-41d5-8c95-71604ef75565] generate template OPNsense/Filter
2020-04-30T15:17:40 configd.py: [9065aa66-743e-482a-b6a6-11a95e9bbc2f] Reloading filter
2020-04-30T15:17:39 configd.py: message 9f2df814-976c-48cc-be41-1d261e909ba5 [filter.refresh_aliases] returned {"status": "ok"}
2020-04-30T15:17:39 configd.py: message ac0718e4-092c-4bcc-97f7-28c30788ef86 [unbound.start] returned Error (1)
2020-04-30T15:17:39 configd.py: [ac0718e4-092c-4bcc-97f7-28c30788ef86] returned exit status 1
2020-04-30T15:17:39 configd.py: [ac0718e4-092c-4bcc-97f7-28c30788ef86] Start Unbound
2020-04-30T15:17:39 configd.py: OPNsense/Unbound/* generated //var/unbound/root.hints
2020-04-30T15:17:39 configd.py: generate template container OPNsense/Unbound/core
2020-04-30T15:17:39 configd.py: [da00957b-616a-45ff-87f2-35753f0d05a7] generate template OPNsense/Unbound/*
2020-04-30T15:17:39 configd.py: [9f2df814-976c-48cc-be41-1d261e909ba5] refresh url table aliases
2020-04-30T15:17:39 configd.py: OPNsense/Filter generated //usr/local/etc/filter_geoip.conf
2020-04-30T15:17:39 configd.py: OPNsense/Filter generated //usr/local/etc/filter_tables.conf
2020-04-30T15:17:39 configd.py: generate template container OPNsense/Filter
2020-04-30T15:17:39 configd.py: [38bb817d-71e3-497d-bb5b-bf3c565f2d2a] generate template OPNsense/Filter
2020-04-30T15:17:37 configd.py: [07b6bf92-a183-41c7-bc36-6a917f9caa57] New IPv6 on pppoe0
2020-04-30T15:17:37 configd.py: [813cf8ea-6491-45d0-bcd7-ee5dbf9557ab] New IPv4 on pppoe0

It has to be manually restarted, which is less than desireable. This has only started happening since updating to 20.1.5.

Pages: [1] 2
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2