Topics

1

21.7 Legacy Series / Aliases not being updated, because "Last Updated" is in the future

« on: December 13, 2021, 01:50:24 pm »

Hi, I've got a problem with aliases not being updated. The reason seems to be that the timestamp of it lies within the future.

Code: [Select]

/var/db/aliastables

-rw-r-----  1 root  wheel    32 Jan 14 13:54:39 2022 WebServers.md5.txt
-rw-r-----  1 root  wheel   250 Jan 14 13:54:39 2022 WebServers.self.txt
-rw-r-----  1 root  wheel   250 Jan 14 13:54:39 2022 WebServers.txt

What's the best approach to solve this? I can do a "touch"  to the file to give it the current timestamp, but I don't know if that's the way to go or even which of the 3 files to touch.

Best regards,

Maarten

2

21.7 Legacy Series / Max size traffic shaper pipe?

« on: December 07, 2021, 11:27:31 am »

Hi, I'm trying to configure a pipe larger than 2gbit, but anything I configure over 2.1gb causes problems. The Shaper status does not show queues/rules after it encounters the pipe over 2.1gb.

for example "ipfw queue show", doesn't show anything, if there is a pipe over 2.1gb

Best regards,

Maarten

(OPNsense 21.7.1-amd64) (I checked, but this is also the case with OPNsense 20.7)

3

21.7 Legacy Series / Boot delay after "Invoking start script newwanip" (boot takes about 13 minutes)

« on: October 01, 2021, 01:06:48 pm »

Hi, it takes about 13 minutes for my router to boot up. This is the case for years now. I'm trying to find out how I can solve this, but I'm not sure where to start.

I've attached a screenshot of the part where it becomes really slow. (Red Arrows) Every line of "Reconfiguring IPv4 on ovpns" takes minutes to complete.

I've tried to boot with all openvpn server connections disabled. As expected the boot was fast. I've re-enabled the connections and the boot is slow again.

Is this a known issue?

[You need to be logged in to see the attached picture...]


[Edit 2021-10-28]
Apparently executing this command is taking a long time:

configctl interface newip ovpns5  (this is executed for every vpn server you've configured)

This command is fired from this script:
/usr/local/etc/rc.syshook.d/start/10-newwanip

I noticed the delay is there when you assign an interface to the vpn instance. If you remove the interface assignment there is no delay anymore. (but then your setup doesn't work of course)
[/Edit]

4

20.7 Legacy Series / GUI, change default rowcount shown

« on: November 06, 2020, 08:32:44 am »

Hi,

Is there a way to change default row count shown in for rules and stuff? (see attached image)

Best regards,

Maarten

5

20.7 Legacy Series / PPPoE failed after reboot

« on: August 25, 2020, 02:22:01 pm »

Hi,

After a reboot my PPPoE connection failed. It does not try to reconnect. This is the log after the reboot:

Interfaces: Point-to-Point: Log File

Date Line
2020-08-25T13:08:48   ppp[22102]: process 22102 terminated
2020-08-25T13:08:48   ppp[22102]: [opt1_link0] Link: Shutdown
2020-08-25T13:08:48   ppp[22102]: [opt1] Bundle: Shutdown
2020-08-25T13:08:48   ppp[22102]: [opt1] IPV6CP: state change Stopped --> Closed
2020-08-25T13:08:48   ppp[22102]: [opt1] IPV6CP: Close event
2020-08-25T13:08:48   ppp[22102]: [opt1] IFACE: Rename interface pppoe0 to pppoe0
2020-08-25T13:08:48   ppp[22102]: [opt1] IFACE: Down event
2020-08-25T13:08:48   ppp[22102]: [opt1] IFACE: Delete route 0.0.0.0/0 x.x.x.x failed: No such process
2020-08-25T13:08:48   ppp[22102]: [opt1] IPCP: LayerDown
2020-08-25T13:08:48   ppp[22102]: [opt1] IPCP: SendTerminateReq #4
2020-08-25T13:08:48   ppp[22102]: [opt1] IPCP: state change Opened --> Closing
2020-08-25T13:08:48   ppp[22102]: [opt1] IPCP: Close event
2020-08-25T13:08:48   ppp[22102]: [opt1] IFACE: Close event
2020-08-25T13:08:48   ppp[22102]: fatal error, exiting
2020-08-25T13:08:48   ppp[22102]: 0x449dc90e3c0 <_pthread_sigmask+0x530> at /lib/libthr.so.3
2020-08-25T13:08:48   ppp[22102]: 0x33f04957cd0 <SendSignal+0x50> at /usr/local/sbin/mpd5
2020-08-25T13:08:48   ppp[22102]: 0x33f04958129 <DoExit+0x289> at /usr/local/sbin/mpd5
2020-08-25T13:08:48   ppp[22102]: caught fatal signal ABRT

What can cause this to happen?

Best regards,

Maarten

6

20.7 Legacy Series / dpinger not started on boot

« on: August 25, 2020, 02:04:35 pm »

Hi,

I'm running a multiwan setup and sometimes on a reboot the dpinger service is not started. This is obviously a pretty big problem, because the gateway is then not enabled.

1) Is there a way to see why this happened?
2) Should a service like this be monitored and started if it failed?

7

20.1 Legacy Series / Use aliases in Shaper rules

« on: June 12, 2020, 11:40:59 am »

Hi,

I'm checking out the latest production version of OPNsense, and I notice I still can't use aliases. This would greatly enhance the usage of the shaper configuration. Setting up a shaper configuration for a slightly more advanced network is a pain a.t.m.

Is there any plan on implementing this feature?

Best regards,

Maarten

(old similar topic old version)
https://forum.opnsense.org/index.php?topic=5500.0

8

20.1 Legacy Series / Automatic gateway switching, exclude certain gateways for default GW selection

« on: June 05, 2020, 01:06:16 pm »

Hi,

I've got a few gateways where 2 of them actually are gateways to the internet. I've checked both these internet gateways as "Upstream Gateway", and assigned the appropriate priority. The Switching works fine, but if both of the internet gateways are down the next gateway inline is selected as default gateway, which is unwanted because the rest does not connect to the internet.

Where can I specify that the rest of the gateways cannot be selected as default gateway? I know I can make a fake gateway that is next inline that goes nowhere and mark that as always on, but that seems a bit messy to me.

Best regards,

Maarten

9

18.7 Legacy Series / Connecting Sites via openvpn and policy routing

« on: October 01, 2018, 09:23:53 am »

Hi,

I've got a problem when connecting sites together via policy routing.

I've connected my sites as shown in the attached image, and the problem is I can't ping from "Site B" to "Site C" and visa versa.
The Ping request does reach the host at "Site C", and the ping reply travels back over the tunnel, but "Site A" decides to route the ping reply over the default gateway instead of the tunnel to "Site B". This is the case in both directions. So the policy routing seems to be setup correctly.

What can be the problem here?

10

18.1 Legacy Series / State table problem afer reboot

« on: July 26, 2018, 02:27:57 pm »

Hi,

I have 2 routers connected over openvpn. I use policy routing to route the subnets. If I run a ping from one host to a host on the other network and then reboot the router, at boot the router creates a wrong state.

This happens probably because the host is still pinging and the vpn is not yet online. It is not always the case, but, when I have 3 pings to separate hosts, usually 1 or 2 do not reply untill I do a State table reset.

Is this a known issue?

Best regards,

Maarten

OPNsense 18.1.13-amd64
FreeBSD 11.1-RELEASE-p11
OpenSSL 1.0.2o 27 Mar 2018

11

18.1 Legacy Series / [SOLVED] Use External (advanced) Alias in firewall rules

« on: July 06, 2018, 03:43:09 pm »

Hi,

Is there a way to use the "External Alias" in your firewall rules? Looks like you're not able to assign this type of alias to a firewall rule. This should work right?

Best regards,

Maarten

12

18.1 Legacy Series / Port forward (NAT) with VIP issue

« on: June 05, 2018, 02:36:23 pm »

Hi,

I've noticed when I use "WAN address" when creating a Port forward, it forwards the port on the "WAN address" and all VIP's on that interface. Is it suppose to be like this?

I've found another similar "issue" on older opnsense releases (https://forum.opnsense.org/index.php?topic=5312.msg22326#msg22326 ) The work around mentioned here does work.

Best regards,

Maarten

OPNsense 18.1.9-amd64
FreeBSD 11.1-RELEASE-p10
OpenSSL 1.0.2o 27 Mar 2018

13

17.7 Legacy Series / Change bootorder A10 router

« on: December 19, 2017, 01:27:21 pm »

Hi,

I'm using the A10 router and want to set usb boot to be the default. Is this possible? I want to be able to boot from usb in case of a update failure, without having to access the console.

Best regards,

Maarten

14

16.7 Legacy Series / Traffic shaper Issue

« on: November 03, 2016, 09:08:01 am »

Hi,

I've got a problem with the traffic shaper. When I set the rule protocol to "tcp (non-ACK packets)" it does not trigger on any tcp packet, and when I set it to "tcp (ACK packets only)" it will trigger on normal tcp data packets.

So the Ack Queue is handling all tcp packets.

Best regards,

Maarten

15

16.7 Legacy Series / [SOLVED] pftop (queues)

« on: November 02, 2016, 12:56:39 pm »

Hi,

When I use pftop on the console and go to the queue view I get an error "Error Reading Queues (DIOCGETALTQS): Operation not supported by device".  Is there a way to fix this?

Best regards,

Maarten