Topics

Hi,

I have Internet via Vodafone cable and use the Vodafone station in bridge mode. From time to time there is a WAN failure and the Internet connection in the Opnsense was automatically restored after the WAN connection in the modem was restored. Since one of the last updates - presumably to 24.1.9_x - this no longer works. I have to restart either the modem or the Opnsense to re-establish the connection. Until then, the log is flooded in an endless loop with entries like these:

Code Select Expand

2024-06-28T08:17:59 Notice opnsense /usr/local/etc/rc.newwanip: Failed to detect IP for interface wan
2024-06-28T08:17:58 Notice dhclient dhclient-script: Reason FAIL on igb0 executing
2024-06-28T08:17:57 Notice dhclient dhclient-script: New Routers (igb0): 88.134.72.254
2024-06-28T08:17:56 Notice dhclient dhclient-script: New Routers (igb0): 88.134.72.254
2024-06-28T08:17:56 Notice dhclient dhclient-script: New Broadcast Address (igb0): 88.134.72.255
2024-06-28T08:17:56 Notice dhclient dhclient-script: New Subnet Mask (igb0): 255.255.255.0
2024-06-28T08:17:56 Notice dhclient dhclient-script: New IP Address (igb0): xx.xxx.xx.xx
2024-06-28T08:17:56 Notice dhclient dhclient-script: Reason TIMEOUT on igb0 executing
2024-06-28T08:17:49 Notice kernel arprequest_internal: cannot find matching address
2024-06-28T08:17:38 Notice kernel arprequest_internal: cannot find matching address
2024-06-28T08:17:19 Notice kernel arprequest_internal: cannot find matching address
2024-06-28T08:17:06 Notice kernel arprequest_internal: cannot find matching address
2024-06-28T08:17:01 Notice kernel arprequest_internal: cannot find matching address
2024-06-28T08:16:59 Notice kernel arprequest_internal: cannot find matching address
2024-06-28T08:16:58 Notice kernel arprequest_internal: cannot find matching address
2024-06-28T08:16:43 Notice opnsense /usr/local/etc/rc.newwanip: Failed to detect IP for interface wan
2024-06-28T08:16:43 Notice dhclient dhclient-script: Reason FAIL on igb0 executing
2024-06-28T08:16:41 Notice dhclient dhclient-script: New Routers (igb0): 88.134.72.254
2024-06-28T08:16:40 Notice dhclient dhclient-script: New Routers (igb0): 88.134.72.254
2024-06-28T08:16:40 Notice dhclient dhclient-script: New Broadcast Address (igb0): 88.134.72.255
2024-06-28T08:16:40 Notice dhclient dhclient-script: New Subnet Mask (igb0): 255.255.255.0
2024-06-28T08:16:40 Notice dhclient dhclient-script: New IP Address (igb0): xx.xxx.xx.xx
2024-06-28T08:16:40 Notice dhclient dhclient-script: Reason TIMEOUT on igb0 executing
2024-06-28T08:16:23 Notice kernel arprequest_internal: cannot find matching address
2024-06-28T08:16:03 Notice kernel arprequest_internal: cannot find matching address
2024-06-28T08:15:53 Notice kernel arprequest_internal: cannot find matching address
2024-06-28T08:15:47 Notice kernel arprequest_internal: cannot find matching address
2024-06-28T08:15:43 Notice kernel arprequest_internal: cannot find matching address
2024-06-28T08:15:42 Notice kernel arprequest_internal: cannot find matching address

Does anyone have any ideas?

Hey,

I'm currently running 23.7.8_1 on a DEC740 and noted, that the ARC size is growing continuously. I don't know after which update that started exactly - I think it was 23.7.6, but I may be wrong. After a reboot it looks "normal" with about 300 MB ARC size, but then it starts growing. Yesterday it was around 2050 MB, just now I see 2385 MB. So currently the total RAM usage is 3263 MB (82%).

Is this expected or it here something going wrong?

The health check looks ok.

Code Select Expand

***GOT REQUEST TO AUDIT HEALTH***
Currently running OPNsense 23.7.8_1 at Wed Nov 15 16:28:09 CET 2023
>>> Root file system: zroot/ROOT/default
>>> Check installed kernel version
Version 23.7.8 is correct.
>>> Check for missing or altered kernel files
No problems detected.
>>> Check installed base version
Version 23.7.8 is correct.
>>> Check for missing or altered base files
No problems detected.
>>> Check installed repositories
OPNsense
>>> Check installed plugins
os-ddclient 1.16_2
os-mdns-repeater 1.1_1
>>> Check locked packages
No locks found.
>>> Check for missing package dependencies
Checking all packages: .......... done
>>> Check for missing or altered package files
Checking all packages: .......... done
>>> Check for core packages consistency
Core package "opnsense" has 69 dependencies to check.
Checking packages: ...................................................................... done
***DONE***

[single]

Hey,

we have weird network problems in conjunction with OpenVPN with our firewall after updating from 23.4 to 23.4.1 on a DEC3850 for a single employee.

The "Default deny / state violation rule" blocks randomly traffic from one of our OpenVPN connected employees although the corresponding traffic is alowed by rule(s). At times the traffic from this employee is blocked at all. All our clients are running Windows 10 using OpenVPN connect 3.3.7 and this setup is working for at least 1,5 years now.

In the live log it sometimes looks like alllow/deny ping pong - screenshots attached.

I'm a bit helpless at this point. What could be the reason that the traffic from a single employee is blocked while all others have normal access as expected? This employee has no (known) problems to access other parts of the internet at all - websites etc. working normal.

I have the feeling, that this problem has nothing to do with the update to 23.4.1, but it started right after the update, so I thought asking in the forum might be a good idea.

Has someone ever experienced such a problem?

Yesterday I had to reinstall 22.1.3 on a DEC690 with broken UFS filesystem (multiple power outages). The reinstall (ZFS) followed by a config import went without any problem - except the wireguard setup. Wireguard was broken afterwards - the plugins page listed "os-wireguard" as missing and the only visible wireguard related thing was it's (inactive) interface in the corresponding list.

After installing the wireguard plugin, the former configuration from the backup (local & endpoint) showed up in the GUI but was not applied to the plugin. I had to edit and save each configuration (without changes) to get it working. Afterwards the configured wireguard tunnel started working again.

After trying to install 22.1 on a new DEC740 for about an hour, I'm giving up for now - it seems to be impossible. At the beginning, the console works as expected until I reach the menu to choose the keyboard layout. When using the arrow keys to navigate down the available keyboard layouts, the menu navigation suddenly gets slower until it freezes completely (the tab key still works at this point). A few seconds later, the installer skips the whole menu to the next menu - same again there.

Used the original usb console cable and the image OPNsense-22.1-OpenSSL-serial-amd64.img.bz2. Tested via screen on a macbook (Monterey) and putty on a windows laptop (Windows 10 pro) - same results. Console speed was set to 115200.

Am I doing something wrong?

I'm searching for the proper DAC cable to connect the SFP+ port of a DEC740 to the SFP+ port of an Aruba Instant On 1930-24G switch. According to the notes in the shop, the SFPP-PCxxx series from sf.com should work. Is it enough to choose the proper cable variant for the switch (https://www.fs.com/de/products/36784.html) or do I need a custom dual mode cable to support both devices? And, if I need a dual mode cable, which manufacturer / model do I have to choose for the DEC740 port?