1
19.7 Legacy Series / Re: Logging non-standard service to syslog
« on: December 11, 2019, 09:29:13 am »
Turns out it does log, to /var/log/ppps.log, not sure why though as this is not what is configured in syslog.conf.
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
2
19.7 Legacy Series / Logging non-standard service to syslog
« on: December 10, 2019, 09:41:56 am »
I'm still fighting with my ppp issue here https://forum.opnsense.org/index.php?topic=15187.0
Now I switched from mpd to ppp to see if the problem shows up there as well. Turns out it does but ppp seems to handle it much better.
I now have a working ppp config for my Sierra Wireless LTE modem & everything works fine, even autostart with an improvised rc script plus NAT handled by ppp. However, I can't seem to log to syslog. By default ppp should log there and I enabled logging accordingly in the ppp config. In syslog conf I also see entries for ppp but they never show up in either syslog or a separate log.
I had a look at the log config options but not sure what should happen with a non-standard service like mine, is there anything special I have to do to get logging working for ppp?
Now I switched from mpd to ppp to see if the problem shows up there as well. Turns out it does but ppp seems to handle it much better.
I now have a working ppp config for my Sierra Wireless LTE modem & everything works fine, even autostart with an improvised rc script plus NAT handled by ppp. However, I can't seem to log to syslog. By default ppp should log there and I enabled logging accordingly in the ppp config. In syslog conf I also see entries for ppp but they never show up in either syslog or a separate log.
I had a look at the log config options but not sure what should happen with a non-standard service like mine, is there anything special I have to do to get logging working for ppp?
3
19.7 Legacy Series / Re: ppp LTE connection going down after certain MB of outgoing traffic, ICMP broken
« on: December 06, 2019, 09:26:25 am »
Latest update: It is stable for 2 days no and I do not see the LCP errors anymore. Also upload speed is much better.
Strange thing is that I did not change anything IMO, maybe provider glitch.
Strange thing is that I did not change anything IMO, maybe provider glitch.
4
19.7 Legacy Series / Re: ppp LTE connection going down after certain MB of outgoing traffic, ICMP broken
« on: December 03, 2019, 07:06:20 pm »
Thanks for the tip, however this seems disabled by default on PPP according to what I see in System->Gateways.
However, I see this in mpd_wan.conf:
set link keep-alive 10 60
This seems related to the
LCP: no reply to 1 echo request
messages I see in the log before the link goes down. Setting this to 0 should disable the check according to the mpd docs.
However, I can't seem to override this as the file gets recreated on every restart.
kill HUP does not help either, mpd seems to get killed that way, not re-configured.
Anyone has an idea how I can override that for testing? can't find it in the UI so I guess this is hard coded.
However, I see this in mpd_wan.conf:
set link keep-alive 10 60
This seems related to the
LCP: no reply to 1 echo request
messages I see in the log before the link goes down. Setting this to 0 should disable the check according to the mpd docs.
However, I can't seem to override this as the file gets recreated on every restart.
kill HUP does not help either, mpd seems to get killed that way, not re-configured.
Anyone has an idea how I can override that for testing? can't find it in the UI so I guess this is hard coded.
5
19.7 Legacy Series / Re: ppp LTE connection going down after certain MB of outgoing traffic, ICMP broken
« on: December 03, 2019, 07:18:07 am »
Update: Tested the same setup on pfSense as well, same behavior. I start to suspect this is the u3g driver acting up.
6
19.7 Legacy Series / ppp LTE connection going down after certain MB of outgoing traffic, ICMP broken
« on: December 02, 2019, 07:53:49 pm »
I have a super weird behavior with my PcEngines APU & LTE based ppp WAN connection (Sierra Wireless MC7430 Qualcomm Snapdragon X7 LTE-A):
I get the connection to work just fine, sets up fast after a reboot and I get a IPv4 address (no v6 and v4 is private IP). I can resolve names & do tcp/udp just fine.
When I do speedtest, download is fine, not as fast as my Wifi router but ok. When I do upload, the connection is slow and drops to zero very fast. After that my link is in nirvana mode for a while, still shown as ppp0 interface but can't do anything anymore. While monitoring the network I figured it happens after around 2.5MB outgoing traffic in general.
In ppps.log I see this the moment the link stalls: https://pastebin.com/tA6kystN
system.log:
Dec 3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: IP renewal is starting on 'ppp0'
Dec 3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: On (IP address: 10.131.180.114) (interface: WAN[wan]) (real interface: ppp0).
Dec 3 01:28:12 bidul opnsense: plugins_configure hosts ()
Dec 3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: ROUTING: entering configure using 'wan'
Dec 3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: ROUTING: IPv4 default gateway set to wan
Dec 3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: ROUTING: setting IPv4 default route to 10.64.64.0
Dec 3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: ROUTING: keeping current default gateway '10.64.64.0'
Dec 3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: ROUTING: IPv6 default gateway set to wan
Dec 3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: ROUTING: skipping IPv6 default route
Dec 3 01:28:12 bidul opnsense: plugins_configure monitor ()
Dec 3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: The WAN_DHCP6 monitor address is empty, skipping.
Dec 3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: The WAN_PPP monitor address is empty, skipping.
The link seems to come back after a while but I can very easily trigger it again. I am quite convinced that it's related to how much traffic I *upload*, not to what I download. After around 2MB of outgoing traffic it goes down again, quickly tested it by scp-ing a file to a server.
When I have large downloads it happens at one point as well but I'm quite sure that's when I hit the ~2MB on ACKs or alike.
The interesting thing is that there seems to be something related to ICMP as well. Sometimes I can ping hosts in the Internet, sometimes not. But even if I can after a fresh reboot (and it's not always like this for whatever reason) I definitely won't be able to ping anything *after* the link went down the first time. I see outgoing echo requests on the ppp interface but never an answer.
I'm a bit lost here, this hardware used to work fine before. I recently started from scratch as it was not used for about a year and the only difference IMO is that I'm on a more recent opnsense release. I think the last one was not hardenedBSD yet, could that be a reason? If so, do we still have images I can get pre-hardened so I could test?
FWIW I've also updated the firmware on my LTE card, it was almost 3 years old. But same behavior with the latest release. LTE Signal is in general very good, MIMO antenna attached to it. All values are in Good or Excellent range (tx & rx).
I get the connection to work just fine, sets up fast after a reboot and I get a IPv4 address (no v6 and v4 is private IP). I can resolve names & do tcp/udp just fine.
When I do speedtest, download is fine, not as fast as my Wifi router but ok. When I do upload, the connection is slow and drops to zero very fast. After that my link is in nirvana mode for a while, still shown as ppp0 interface but can't do anything anymore. While monitoring the network I figured it happens after around 2.5MB outgoing traffic in general.
In ppps.log I see this the moment the link stalls: https://pastebin.com/tA6kystN
system.log:
Dec 3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: IP renewal is starting on 'ppp0'
Dec 3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: On (IP address: 10.131.180.114) (interface: WAN[wan]) (real interface: ppp0).
Dec 3 01:28:12 bidul opnsense: plugins_configure hosts ()
Dec 3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: ROUTING: entering configure using 'wan'
Dec 3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: ROUTING: IPv4 default gateway set to wan
Dec 3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: ROUTING: setting IPv4 default route to 10.64.64.0
Dec 3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: ROUTING: keeping current default gateway '10.64.64.0'
Dec 3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: ROUTING: IPv6 default gateway set to wan
Dec 3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: ROUTING: skipping IPv6 default route
Dec 3 01:28:12 bidul opnsense: plugins_configure monitor ()
Dec 3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: The WAN_DHCP6 monitor address is empty, skipping.
Dec 3 01:28:12 bidul opnsense: /usr/local/etc/rc.newwanip: The WAN_PPP monitor address is empty, skipping.
The link seems to come back after a while but I can very easily trigger it again. I am quite convinced that it's related to how much traffic I *upload*, not to what I download. After around 2MB of outgoing traffic it goes down again, quickly tested it by scp-ing a file to a server.
When I have large downloads it happens at one point as well but I'm quite sure that's when I hit the ~2MB on ACKs or alike.
The interesting thing is that there seems to be something related to ICMP as well. Sometimes I can ping hosts in the Internet, sometimes not. But even if I can after a fresh reboot (and it's not always like this for whatever reason) I definitely won't be able to ping anything *after* the link went down the first time. I see outgoing echo requests on the ppp interface but never an answer.
I'm a bit lost here, this hardware used to work fine before. I recently started from scratch as it was not used for about a year and the only difference IMO is that I'm on a more recent opnsense release. I think the last one was not hardenedBSD yet, could that be a reason? If so, do we still have images I can get pre-hardened so I could test?
FWIW I've also updated the firmware on my LTE card, it was almost 3 years old. But same behavior with the latest release. LTE Signal is in general very good, MIMO antenna attached to it. All values are in Good or Excellent range (tx & rx).
7
18.7 Legacy Series / Re: [SOLVED] Autostart a script after WAN connection is up
« on: November 10, 2018, 11:00:01 am »
The "start" script works great, thanks @franco!
8
18.7 Legacy Series / Re: Autostart a script after WAN connection is up
« on: November 10, 2018, 10:41:59 am »
thanks, I just assumed it's the variable I would have to take, or are they "registered" somewhere? My guess was it has to be named like the rc-script I created.
"start" looks great, will check that out thanks
"start" looks great, will check that out thanks
9
18.7 Legacy Series / [SOLVED] Autostart a script after WAN connection is up
« on: November 10, 2018, 09:34:11 am »
I have a machine in a mobile carrier network with a private IP as WAN address. To be able to remotely connect to the machine I use autossh, which seems to work fine. I've created the following /usr/local/etc/rc.autossh script:
#!/bin/sh
autossh -M 19984 -N -f -o "PubkeyAuthentication=yes" -o "PasswordAuthentication=no" -i /root/.ssh/id_rsa -R 24385:localhost:22 remote-ip.somewhere.org -l remoteuser &
For starting it I did:
cat /etc/rc.conf.d/autossh
autossh_enable="YES"
When I reboot the box, this script does not seem to be up. Did I miss something or might this be because there is no default gw yet at the stage where it gets triggered?
If so, is there any way I can let the script get executed once I have a WAN IP & GW?
#!/bin/sh
autossh -M 19984 -N -f -o "PubkeyAuthentication=yes" -o "PasswordAuthentication=no" -i /root/.ssh/id_rsa -R 24385:localhost:22 remote-ip.somewhere.org -l remoteuser &
For starting it I did:
cat /etc/rc.conf.d/autossh
autossh_enable="YES"
When I reboot the box, this script does not seem to be up. Did I miss something or might this be because there is no default gw yet at the stage where it gets triggered?
If so, is there any way I can let the script get executed once I have a WAN IP & GW?
10
18.7 Legacy Series / Re: PPP & LTE cards: How to access AT commands once interface is up?
« on: October 31, 2018, 06:58:30 pm »
Thanks, I went through all the remaining devices (there are 4) but none of them seems to react on AT, I never get an OK back. Except the one I configured as device, which is obviously busy now.
Any other ideas?
Any other ideas?
11
18.7 Legacy Series / PPP & LTE cards: How to access AT commands once interface is up?
« on: September 30, 2018, 12:41:32 pm »
I'm setting up a PC Engines based GW for my second home in Asia, which will run on LTE connection. So far so good, I seem to get an IP and now I start playing with my Sierra Wireless card to figure out how to optimize it.
Main issue I have is that as soon as my PPP connection is up, I cannot connect to /dev/cuaU0.2 anymore, as the device is busy. Is there a way that the PPP connection can be up but at the same time I can check & change stuff on my PPP card using specific AT commands? In particular I want to figure out on what LTE band I am, what the antenna settings are etc. All stuff I can do as long as the PPP connection is not up.
Also I did not really figure out what process is doing the PPP connection in OPNsense, how/where is that done?
Main issue I have is that as soon as my PPP connection is up, I cannot connect to /dev/cuaU0.2 anymore, as the device is busy. Is there a way that the PPP connection can be up but at the same time I can check & change stuff on my PPP card using specific AT commands? In particular I want to figure out on what LTE band I am, what the antenna settings are etc. All stuff I can do as long as the PPP connection is not up.
Also I did not really figure out what process is doing the PPP connection in OPNsense, how/where is that done?
12
Hardware and Performance / [HOWTO] Installing 17.7 (and probably above) on APU2/APU3 boards & SD card
« on: January 20, 2018, 11:20:50 am »
It looks like there are some issues with installing current OPNsense on PC Engines APU2/APU3 boards on an SD card so I thought I will summarize what worked and what doesn't so others can save some time.
What does NOT work: I first tried to dd the NANO image directly to the SD card. While it does boot it screws up on the next reboot. As soon as I rebooted with a proper configuration I got tons of READ errors from the SD card very early in the boot process. Apparently something goes wrong with the disk layout and breaks the install.
This process was how I did it the past years since I started on PFsense and I guess many were used to this. It did work with OPNsense as well until recently.
How to install:
That's it, like this I did not had any problems booting from SD card anymore. Hope this works for everyone.
What does NOT work: I first tried to dd the NANO image directly to the SD card. While it does boot it screws up on the next reboot. As soon as I rebooted with a proper configuration I got tons of READ errors from the SD card very early in the boot process. Apparently something goes wrong with the disk layout and breaks the install.
This process was how I did it the past years since I started on PFsense and I guess many were used to this. It did work with OPNsense as well until recently.
How to install:
- Install the AMD64 "serial" image on an USB stick. dd is your friend
- Plug serial console to your device
- Put the USB stick into the USB port and boot. If it does not boot from the stick directly, press F10 in the beginning and choose USB
- Login with install user
- Plug your SD card and start the install process (guided worked fine for me)
- Select the SDHC card as target
- Select GPT/UEFI mode
- Finish install & reboot without USB stick
That's it, like this I did not had any problems booting from SD card anymore. Hope this works for everyone.
13
17.7 Legacy Series / Re: APU2C4 - Usage of the onboard LEDs
« on: January 20, 2018, 11:03:07 am »
FYI I created an issue and asked if the FreeBSD driver could be included in OPNsense:
https://github.com/opnsense/core/issues/2114
https://github.com/opnsense/core/issues/2114
Pages: [1]