Topics

My router stopped working.

I woke up Friday and it was bricked.

I was able to plug in my old router and upgrade it / migrate a backup so as not to lose a year's worth of tweaks but some stuff is still acting weird.

I noticed I can't go into the tunables page.

I am getting this error:

Code Select Expand

Fatal error: Uncaught TypeError: gettext(): Argument #1 ($message) must be of type string, array given in /usr/local/www/system_advanced_sysctl.php:122 Stack trace: #0 /usr/local/www/system_advanced_sysctl.php(122): gettext(Array) #1 {main} thrown in /usr/local/www/system_advanced_sysctl.php on line 122

Is there any way to reset all tunables from the cli (I cannot see trash icon in gui)

Thanks in advance,

Good afternoon,

Does anyone have any experience using the command:

Code Select Expand

bectl export

I am running ZFS on one disk (limitation of the hardware I run OPNsense on) and I was thinking of backing up snapshots to my NAS, so in the off chance something failed, I could have a decent starting point to restore everything.

The definitive post on ZFS and bectl, https://forum.opnsense.org/index.php?topic=25540.msg122731#msg122731, does not mention the export command so I am hoping someone has some experience to share.

Thanks in advance,

After migrating to 23.7 everything is working as well as previously in 23.1.10/11 excepting Dpinger with OpenVPN.

When I switch servers the dpinger instance shows down (red) until I go to System > Gateways > Single > edit the gateway of the client in question (I use two OpenVPN clients configured to failover ... https://forum.opnsense.org/index.php?topic=4979.msg25066#msg25066), save then reapply.

This makes the gateway come back up as green with a ping etc.

I rebuilt my OpenVPN clients using the new instance system as well.

Everything seems to work (OpenVPN shows I have an IP and up) but my instance does not seem to work with System>Gateways>Single or Group.

Has anyone else experienced anything similar / have any insight?

Hello,

After the latest update, following a reboot, I need to manually restart my OpenVPN clients to get the connected.

This cannot be done without doing the following steps.

I first must execute

Code Select Expand

sudo ps auxww | grep openvpn
To get the OpenVPN PIDS (The system tries to start my clients but fails and these PIDS block manual start).  Then I need to kill the PIDS in question.

Code Select Expand

sudo kill PID
After I do this i can manually start the clients from the GUI.

Does anyone have any insight on how I can fix this?

Thanks in advance,

Good day,

I just wanted to update you on an issue.

I have been using Sensei with a Lagg for several months.

I have the lagg running between my switch (Unifi 16 port POE, 1st generation I think) to my OPNsense router (qotom i7).  I have no issues with it without Sensei installed.

The only way to get it to work with Sensei is to assign both interfaces that make up the lagg (igb0 / igb1) into the protected interface.

Since the release of Sensei 1.6.1, I can see an interface Lagg0 in the interfaces menu.  However if I assign it as a protected interface everything on the Lagg becomes unreachable.  If I put Sensei into passive mode it works, but it will not work in Bypass mode.  I have tried with both the native and generic drivers. 

I assume this is due to an interaction between Netmap and Lagg (lacp), because according to information on your website (Deployment Modes), passive mode works if Netmap is being problematic, and it does.

On September 21, Salih attempted to help me get this to work using the kernel patches available back then and we had the same issue.  He said you guys would test it internally.  I am not sure if you did, but I wanted to let you know it still is not working for me.

I will go back to only protecting interfaces (igb0 / igb1) in the mean time.

Addendum:

For completeness I left the Lagg in the protected interfaces and added igb0 / igb1.

Now everything works (protected interfaces include lagg0, igb0 and igb1).  I am very confused because in OPNsense interfaces Lagg0 contains igb0 / igb1.

I am going to leave it like this for the time being.  I will report back if there are any adverse effects.

I hope this helps someone.

Thanks for all your work on this,

Hello,

I have been messing with sensei this afternoon and in doing so have rebooted my router about 10 times.

I have noticed that netdata and syslog-ng sometimes do not come up with the server.  They have a few times, but mostly they do not.

This never happened previously on 20.1, I rebooted the router a whole bunch on that series because I hosed my configuration a few times.

Has anyone noticed this? 

I have not changed my config since 20.1 other than to turn off circular logging.

I am hoping nothing is corrupted because I really do not want to have to rebuild this thing again.

Cheers,

Good afternoon,

I upgraded to 20.7 and everything is fine.

I noticed that syslogd was going to be deprecated (eventually), and I had previously read that circular logging was on it s way out so I decided to turn off this feature.

Everything seems to be logging correctly but now I am receiving messages like this once per minute to the general (gui) / system (console) log:

2020-08-01T12:29:33   syslog-ng[68466]: Destination timeout has elapsed, closing connection; fd='7'
2020-08-01T12:28:33   syslog-ng[68466]: Destination timeout has elapsed, closing connection; fd='7'
2020-08-01T12:27:33   syslog-ng[68466]: Destination timeout has elapsed, closing connection; fd='7'
2020-08-01T12:26:33   syslog-ng[68466]: Destination timeout has elapsed, closing connection; fd='29'

This fd bit changes: I have 30, 31, 26 ...

I have googled this and found a post about changing the filter to only show warnings and above

https://serverfault.com/questions/1020432/syslog-ng-set-loglevel-priority-to-warning-or-more-to-be-less-verbose

but I figured I should ask if there is something else going on before I did that.

Looking through my logs I could not find anything else firing once per minute, and no one on these forums seems to have had this issue yet (or they did not post if they did)

Any help will be much appreciated.

Cheers,