Topics - Kallex

#1
For some reason my DHCP server on OPNsense doesn't seem to respect the static mappings. Initially I didn't set the "ARP Table Static Entry" and thought that was the case, but the problem persists still:

| Interface | IP address | MAC address | Hostname | Description | Start | End | Status | Lease type |
|---|---|---|---|---|---|---|---|---|
| TBNET | 10.27.4.101 | 00:15:5d:00:12:3d | kubehost | | | | | static |
| TBNET | 10.27.4.101 | 10:d5:61:7e:5c:59 | | | 2021/07/17 12:17:48 UTC | 2021/07/17 14:17:48 UTC | | active |

The latter entry is fresh, getting the IP address of the static mapped server, which isn't running right now (or hasn't been for a while, thus its lease was expired).

  • DHCP Server has the "Enable Static ARP" setting un-checked (= disabled).
  • "ARP Table Static Entry" is enabled for each entry

The OPNsense version is as follows:

OPNsense 21.4.1-amd64
FreeBSD 12.1-RELEASE-p16-HBSD
OpenSSL 1.1.1k 25 Mar 2021

#2
On the WAN side I have two wired connections (Cable and Fiber) and one 4G/LTE failover.

Let's call them:

WAN_CBL (1 Gbps down, 100 Mbps up)
WAN_FBR (500 Mbps down, 500 Mbps up)
WAN_FO4G (~40-50 Mbps down, ~10 Mbps up)

On the LAN side I have 4 logical groups of machines/devices (separated by routing needs):

LAN_Desktops
LAN_Mobile_&_IoT
LAN_Servers
LAN_RemoteWorkClients

VLANs are used to separate (some) parts, but preferably IP/Groups can be used to "identify device group". The LAN has fully managed VLAN-capable switches.

I want to dedicate certain local groups to a specific WAN, but fail over to the other wired WAN and eventually to 4G. So the failover priority would be like:

WAN_FBR => WAN_CBL => WAN_FO4G
WAN_CBL => WAN_FBR => WAN_FO4G

When everything is up and running, the allocation of WANs would be as follows:

WAN_FBR:
LAN_Desktops
LAN_Servers (* having priority/guaranteed minimum bandwidth over Desktops)

WAN_CBL:
LAN_Mobile_&_IoT
LAN_RemoteWorkClients (* having priority/guaranteed bandwidth over Mobile & IoT)

So to the questions:

1. Is it possible to have failover-fallback between WAN_FBR & WAN_CBL before eventually ending up on FO4G?
- So that the WAN_FBR and WAN_CBL both are under "only functional wired wan" if one is still functional

2. If the failover is possible, is it possible to allow "fallback of priority groups" on failover as well?
- LAN_Servers and LAN_RemoteWorkClients preferably keep their bandwidth shares/relative shares or priority

3. To keep Servers available - DDNS is to be used (on failover), but can be done outside OPNsense
- This would be a nice bonus, DDNS is on Route53, can be solved using the device's own IP detection (as is now)

OPNsense is currently running on a DEC840, with all WANs having a port of their own (3) and the LAN having one port. In the future possibly moving to use SFP+ ports for 1Gbps+.

I think/believe/hope the above is doable, but being new to OPNsense, I don't have a clear understanding of what to group and how to define failovers properly.