OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of harg »
  • Show Posts »
  • Topics
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Topics - harg

Pages: [1]
1
General Discussion / Using OPNSense router with SFR FTTH (Box 7)
« on: December 12, 2023, 05:10:07 pm »
I've just have SFR FTTP installed (France) and I've been supplied with a pretty nasty "Box 7" (Appears to be an Altice GR140CG) where the fibre connection goes straight into it and it provide wifi and routing etc.

I'd like to use an OPNSense router instead and I've had a poke around the admin UI and there's nothing in there regarding a "bridge mode". (some screenshots attached)

I've read a few forum posts on the SFR community site saying to use a DMZ. Does this approach suffer from the double-NAT problem? Can anyone point me to some guidance on how to configure this? Is there a better way?

Any guidance appreciated


2
23.1 Legacy Series / Very slow DNS for updates, plugin listing, remote calls from the OPNSense box
« on: June 20, 2023, 11:02:06 am »
Router info:

Code: [Select]
*** myrouter.localdomain: OPNsense 23.1.9 ***

 LAN (igc1)      -> v4: 192.168.1.1/24
                    v6/t6: 2a0d:3344:12b:c900:62be:b4ff:****:****/64
 Starlink (igc0) -> v4/DHCP4: 100.82.***.***/10
                    v6/DHCP6: fe80::62be:b4ff:****:****%igc0/64


My setup is pretty simple; a single WAN interface (Starlink) and a single LAN interface. I'm also running Adguard home as the DNS for the LAN DHCP server.

Clients on the LAN can access the internet fine and DNS seems fast. ipv6 seems to also work.

However I noticed that when visiting System->Firmware->Status it would be very slow to show any information (up to ~5mins) or would fail to show anything at all. The same applies to the plugins & packages tabs.

It seemed like a DNS issue so I ssh'd into the OPNSense box and tried pinging some hosts. I noticed there was a significant delay after running `ping` and any output appearing:

Code: [Select]
root@myrouter:~ # ping google.com
# delay of ~20-30 seconds
PING google.com (142.250.200.14): 56 data bytes
64 bytes from 142.250.200.14: icmp_seq=0 ttl=119 time=43.432 ms
64 bytes from 142.250.200.14: icmp_seq=1 ttl=119 time=58.192 ms

If I ping the IP address directly the output is instant:

Code: [Select]
root@myrouter:~ # ping 142.250.200.14
PING 142.250.200.14 (142.250.200.14): 56 data bytes
64 bytes from 142.250.200.14: icmp_seq=0 ttl=119 time=48.951 ms

It seems like OPNSense itself is having trouble resolving DNS. It seems to work eventually but making anything that involves resolving a domain very slow. As mentioned this does not seem to affect clients on the LAN where Adguard Home is being using for DNS; just calls from the OPNSense box itself.

Any advice on how to diagnose and fix the issue?

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2