Messages

Turns out it does log, to /var/log/ppps.log, not sure why though as this is not what is configured in syslog.conf.

I'm still fighting with my ppp issue here https://forum.opnsense.org/index.php?topic=15187.0

Now I switched from mpd to ppp to see if the problem shows up there as well. Turns out it does but ppp seems to handle it much better.

I now have a working ppp config for my Sierra Wireless LTE modem & everything works fine, even autostart with an improvised rc script plus NAT handled by ppp. However, I can't seem to log to syslog. By default ppp should log there and I enabled logging accordingly in the ppp config. In syslog conf I also see entries for ppp but they never show up in either syslog or a separate log.

I had a look at the log config options but not sure what should happen with a non-standard service like mine, is there anything special I have to do to get logging working for ppp?

Latest update: It is stable for 2 days no and I do not see the LCP errors anymore. Also upload speed is much better.

Strange thing is that I did not change anything IMO, maybe provider glitch.

Thanks for the tip, however this seems disabled by default on PPP according to what I see in System->Gateways.

However, I see this in mpd_wan.conf:

set link keep-alive 10 60

This seems related to the

LCP: no reply to 1 echo request

messages I see in the log before the link goes down. Setting this to 0 should disable the check according to the mpd docs.

However, I can't seem to override this as the file gets recreated on every restart.

kill HUP does not help either, mpd seems to get killed that way, not re-configured.

Anyone has an idea how I can override that for testing? can't find it in the UI so I guess this is hard coded.

Update: Tested the same setup on pfSense as well, same behavior. I start to suspect this is the u3g driver acting up.

I have a super weird behavior with my PcEngines APU & LTE based ppp WAN connection (Sierra Wireless MC7430 Qualcomm Snapdragon X7 LTE-A):

I get the connection to work just fine, sets up fast after a reboot and I get a IPv4 address (no v6 and v4 is private IP). I can resolve names & do tcp/udp just fine.

When I do speedtest, download is fine, not as fast as my Wifi router but ok. When I do upload, the connection is slow and drops to zero very fast. After that my link is in nirvana mode for a while, still shown as ppp0 interface but can't do anything anymore. While monitoring the network I figured it happens after around 2.5MB outgoing traffic in general.

In ppps.log I see this the moment the link stalls: https://pastebin.com/tA6kystN

system.log:

Dec  3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: IP renewal is starting on 'ppp0'
Dec  3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: On (IP address: 10.131.180.114) (interface: WAN[wan]) (real interface: ppp0).
Dec  3 01:28:12 bidul opnsense: plugins_configure hosts ()
Dec  3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: ROUTING: entering configure using 'wan'
Dec  3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: ROUTING: IPv4 default gateway set to wan
Dec  3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: ROUTING: setting IPv4 default route to 10.64.64.0
Dec  3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: ROUTING: keeping current default gateway '10.64.64.0'
Dec  3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: ROUTING: IPv6 default gateway set to wan
Dec  3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: ROUTING: skipping IPv6 default route
Dec  3 01:28:12 bidul opnsense: plugins_configure monitor ()
Dec  3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: The WAN_DHCP6 monitor address is empty, skipping.
Dec  3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: The WAN_PPP monitor address is empty, skipping.

The link seems to come back after a while but I can very easily trigger it again. I am quite convinced that it's related to how much traffic I *upload*, not to what I download. After around 2MB of outgoing traffic it goes down again, quickly tested it by scp-ing a file to a server.

When I have large downloads it happens at one point as well but I'm quite sure that's when I hit the ~2MB on ACKs or alike.

The interesting thing is that there seems to be something related to ICMP as well. Sometimes I can ping hosts in the Internet, sometimes not. But even if I can after a fresh reboot (and it's not always like this for whatever reason) I definitely won't be able to ping anything *after* the link went down the first time. I see outgoing echo requests on the ppp interface but never an answer.

I'm a bit lost here, this hardware used to work fine before. I recently started from scratch as it was not used for about a year and the only difference IMO is that I'm on a more recent opnsense release. I think the last one was not hardenedBSD yet, could that be a reason? If so, do we still have images I can get pre-hardened so I could test?

FWIW I've also updated the firmware on my LTE card, it was almost 3 years old. But same behavior with the latest release. LTE Signal is in general very good, MIMO antenna attached to it. All values are in Good or Excellent range (tx & rx).

The "start" script works great, thanks @franco!

thanks, I just assumed it's the variable I would have to take, or are they "registered" somewhere? My guess was it has to be named like the rc-script I created.

"start" looks great, will check that out thanks

I have a machine in a mobile carrier network with a private IP as WAN address. To be able to remotely connect to the machine I use autossh, which seems to work fine. I've created the following /usr/local/etc/rc.autossh script:

#!/bin/sh
autossh -M 19984 -N -f -o "PubkeyAuthentication=yes" -o "PasswordAuthentication=no" -i /root/.ssh/id_rsa -R 24385:localhost:22 remote-ip.somewhere.org -l remoteuser &

For starting it I did:

cat /etc/rc.conf.d/autossh
autossh_enable="YES"

When I reboot the box, this script does not seem to be up. Did I miss something or might this be because there is no default gw yet at the stage where it gets triggered?

If so, is there any way I can let the script get executed once I have a WAN IP & GW?

Thanks, I went through all the remaining devices (there are 4) but none of them seems to react on AT, I never get an OK back. Except the one I configured as device, which is obviously busy now.

Any other ideas?

I'm setting up a PC Engines based GW for my second home in Asia, which will run on LTE connection. So far so good, I seem to get an IP and now I start playing with my Sierra Wireless card to figure out how to optimize it.

Main issue I have is that as soon as my PPP connection is up, I cannot connect to /dev/cuaU0.2 anymore, as the device is busy. Is there a way that the PPP connection can be up but at the same time I can check & change stuff on my PPP card using specific AT commands? In particular I want to figure out on what LTE band I am, what the antenna settings are etc. All stuff I can do as long as the PPP connection is not up.

Also I did not really figure out what process is doing the PPP connection in OPNsense, how/where is that done?

[How to install:]

It looks like there are some issues with installing current OPNsense on PC Engines APU2/APU3 boards on an SD card so I thought I will summarize what worked and what doesn't so others can save some time.

What does NOT work: I first tried to dd the NANO image directly to the SD card. While it does boot it screws up on the next reboot. As soon as I rebooted with a proper configuration I got tons of READ errors from the SD card very early in the boot process. Apparently something goes wrong with the disk layout and breaks the install.

This process was how I did it the past years since I started on PFsense and I guess many were used to this. It did work with OPNsense as well until recently.


How to install:

• Install the AMD64 "serial" image on an USB stick. dd is your friend
• Plug serial console to your device
• Put the USB stick into the USB port and boot. If it does not boot from the stick directly, press F10 in the beginning and choose USB
• Login with install user
• Plug your SD card and start the install process (guided worked fine for me)
• Select the SDHC card as target
• Select GPT/UEFI mode
• Finish install & reboot without USB stick

That's it, like this I did not had any problems booting from SD card anymore. Hope this works for everyone.

FYI I created an issue and asked if the FreeBSD driver could be included in OPNsense:

https://github.com/opnsense/core/issues/2114