Messages

1

General Discussion / DHCP leases updates to MQTT?

« on: December 28, 2022, 07:29:07 pm »

I'm interested in sending DHCP leases (IPv6 & v4) to MQTT. I know how to send them but I need to know how I can get notification pf DHCP leases. Any thouhgts?

2

22.1 Legacy Series / Re: os-ddclient

« on: May 19, 2022, 02:45:27 pm »

I'm using noip.com and I ran into the same issue and I changed the cmd line in /usr/local/etc/ddclient.conf

```
daemon=300
syslog=yes                  # log update msgs to syslog
pid=/var/run/ddclient.pid   # record PID in file.
ssl=yes
#ssl=no

# re0 is the Inet interface
use=cmd, cmd="/usr/local/opnsense/scripts/ddclient/checkip -i re0 -t 0 -s noip-ipv4",
protocol=noip, \
login=nom@example.com, \
password=NunAYurBusiness \
example.ddns.net
```

Once I switched it from -t 1 to -t 0 it started working.

3

General Discussion / Confusion with IPV6 and SSH access rules (not to FW)

« on: March 14, 2022, 04:41:37 pm »

I'm a bit confused as to how to proceed. IPv6 is going to require that I start thinking differently. I have an SSH server on my LAN (with IPv6) and I'd like to be able to access it from the Internet. I know not to think of this in NAT terms but how do I open up the firewall to access that server? The IPv6 address isn't really static and I don't want to open up the entire network to SSH. I could assign and different port on the server for SSH. Can anyone point me in the correct direction?

4

22.1 Legacy Series / Re: ipv6 issues

« on: March 06, 2022, 06:28:40 pm »

... then if i set the prefix to 56 and add track 6 on the internal vlan interface...using 0x0..and...nothing.  ...

@hescominsoon, did you try 0x1 instead of 0x0? I had to change mine on each interface. 0x0 didn't work for me. I incremented for each LAN I added under IPv6.

5

22.1 Legacy Series / Re: ipv6 issues

« on: March 06, 2022, 06:25:22 pm »

Thanks :-)

6

22.1 Legacy Series / Re: ipv6 issues

« on: March 06, 2022, 02:41:30 pm »

Most ISPs that use DHCP6 only provide a /128 on the WAN, that is if they even provide a GUA address at all, some will not even provide that, instead relying on a link-local address between your WAN and the ISP BNG. Routing will still work as Opnsense uses the default route via the WAN interface, even if it is link-local, to route packets out to the ISP BNG. Therefore do not assume you will always see a GUA address on the WAN.

BNG - What is that? Sorry this level of IPv6 is new to me.

GUA - Global Unique Address.

I am fortunate, I now have a GUA and I do see Opnsense using the link-local as the default route. Not sure what issue hescominsoon is running into.

7

22.1 Legacy Series / Re: ipv6 issues

« on: March 05, 2022, 01:40:32 pm »

You cannot set up an interface with /60 in IPv6. All interfaces are /64. Always. You might get a /60 (I get a /56) via prefix delegation but you can only use individual /64s out of that range on your interfaces.

Ah, sorry, poorly worded on my part.

On the WAN interface I set  "Prefix delegation size" to /60. But WAN will get a /128, the LANs (which are tracking the WAN) will get /64.

And now the really strange part, routing is working! I have at least 2 of my servers able to reach IPv6 and the IPv6 test site (ipv6-test.com). I need to work on a third. I have to turn off IPv6 on a third server as it was having issues with IPv6. :-)

8

22.1 Legacy Series / Re: ipv6 issues

« on: March 05, 2022, 07:13:06 am »

I setup my WAN with a /60, prefix hint and dhcpv6. Someone suggested consumer IPv6 only gets /60 not /64 like the commercial accounts. I've setup my LAN interface to track the WAN interface and set the IPv6 Prefix ID to 1 for the first interface (and 2 for the second LAN). Now I have IPv6 addresses on both interfaces. But I'm a bit confused as the networks don't match the WAN interface or the dhcp6dump interface. I have 2001:... on the WAN and in the dump. But I have 2601:... on the LANs. Hmm, they do belong to Comcast (my ISP) so that checks. But when I attempt tp ping6 google.com from the LAN hosts, it stops at the router's LAN interface (I used traceroute6 to figure that out). Now I'm stuck, but at a new place.

9

22.1 Legacy Series / Re: IPv6 working properly???

« on: February 24, 2022, 07:42:29 am »

Probably because you have configured DHCPv6 for LAN

Is OPNsense sitting behind an ISP router? Possible that the ISP router is pinching the prefix

I don't think so, I had IPv6 working with pfsense. My cable modem's routing and WiFi are disabled. I switched to get support for a Realtek NBaseT card that pfsense won't support.

Now it is possible that I have Opnsense setup incorrectly. The current version is a bit different than the GUI dicussed on most of the search responses.

10

22.1 Legacy Series / Re: IPv6 working properly???

« on: February 24, 2022, 04:23:24 am »

....
I've seen several message that suggest changing settings under Service > Router Advertisements but I don't have the menu option.
...

You need to tick "Allow manual adjustment of DHCPv6 and Router Advertisements" in the LAN interface option to see Router Advertisements.
...

I do not have that option  on the Interface > LAN page

11

22.1 Legacy Series / Re: IPv6 working properly???

« on: February 23, 2022, 07:00:52 pm »

Was going to start a similar sounding thread but will post here. I should do otherwise, please let me know.

I was going to title mine:
Trying to get IPv6 working, can't find Services > Router Advertisement

I have my LAN (/64) and WAN (/56) set to dhcpv6, set Send IPv6 prefix hint & not set Use IPv4 connectivity (Xfinity). The WAN gets a /128 IPv6 address but that's it. Nothing on the LAN or the OPT1 interface (not important).

I've seen several message that suggest changing settings under Service > Router Advertisements but I don't have the menu option.

Versions   OPNsense 22.1.1_3-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1m 14 Dec 2021

CPU type   Intel(R) Xeon(R) CPU E3-1270 v3 @ 3.50GHz (4 cores, 8 threads)

My IPv4 is still working so I'm not in a rush but I'll help out if I can.

Thanks

12

22.1 Legacy Series / Re: [Solved] Last night's updates did not go well

« on: February 23, 2022, 06:33:12 pm »

Thanks Franco, RedVortex, that solves the problem. I now have re0 and 2.5G media setting.

Solution: install the os-realtek-re plugin

13

22.1 Legacy Series / Re: Last night's updates did not go well

« on: February 21, 2022, 09:53:55 pm »

Can your issue be related to this release note ?

o The Realtek vendor driver is no longer bundled with the updated FreeBSD kernel.  If unsure whether FreeBSD 13 supports your Realtek NIC please install the os-realtek-re plugin prior to upgrading to retain operability of your NICs.

Oops, looks like I deserve a public whipping with a cat6-o-802.3 tails 

Thanks, I'll install the os-realtek-re. I had installed the if_re package about a week ago and it was working. Didn't think to read the release notes for drivers updates.

14

22.1 Legacy Series / [Solved] Last night's updates did not go well

« on: February 21, 2022, 06:23:03 pm »

Last night I saw that there was an update (from 22.1 to 22.1 ?) to various software and decided to run the update. Well that didn't go well. Seems my if_re.ko was removed from the /boot/loader.conf (I've put it in /boot/loader.conf.d/if_re.config). This lead to all sorts of problems as re0 was my WAN.  Any I can't quite restore from a backup as I can't get re0 to be recognized. Can anyone suggest how I go about diagnosing this problem. I'm new to OpenBSD and so far I know I can see the card:

Code: [Select]

none2@pci0:3:0:0:       class=0x020000 rev=0x00 hdr=0x00 vendor=0x10ec device=0x8125 subvendor=0x10ec subdevice=0x0123
    vendor     = 'Realtek Semiconductor Co., Ltd.'
    device     = 'RTL8125 2.5GbE Controller'
    class      = network
    subclass   = ethernet

Not an emergency as I've fallen back to a 1G interface so I can reach the internet just can't get re0 up.