Messages

[Unbound DNS -> General]

Throughout this thread, I kept reading "set Outbound interface to localhost in the unbound settings" and I want to make sure I'm understanding everyone.  I've attached what my Unbound DNS -> General page looks like.  Are you talking about the 2nd to last setting "Outgoing Network Interfaces" (which is set to "All (recommended)") being set to "LAN" instead?

Thanks.

I'm currently running:
OPNsense 17.7.6-amd64
FreeBSD 11.0-RELEASE-p12

#1
After entering that info and hitting "Apply", I leave the page and go to Insights and it says:

"Local data collection is not enabled at the moment, please configure netflow first
Go to netflow configuration"

When I go back there, those settings are blank again.  Rinse... repeat.   ;D

I tried a reset of the netflow data, but that doesn't appear to have fixed anything.

I will point out that, when I click "Apply" on the Netflow settings page, I get the spinning dots on that button, but no message at the top.  I don't know if that's expected behavior.

#2
If the system holds enough data and I need to manually export it on some frequency to analyze it in Excel or something, that would work for now.  But, I'll go ahead and create a ticket to see if it's something you guys want to pursue.

Thanks.

First, when I try to enter the settings according to the guide/wiki  (see 1st attachment) and hit apply, they apparently do not actually save.  I don't receive any errors, but if I leave that screen and come back, it's blank again.

I only see this in the logs:

Code Select Expand

Oct 23 11:05:48 configd.py: [0b1c1794-d0aa-4cf9-9478-d2522715fb86] returned exit status 1
Oct 23 11:05:48 configd.py: [0b1c1794-d0aa-4cf9-9478-d2522715fb86] stop netflow data aggregator
Oct 23 11:05:48 configd.py: [d9c2366f-4bfa-4c6d-ab85-65d445366031] returned exit status 1
Oct 23 11:05:48 configd.py: [d9c2366f-4bfa-4c6d-ab85-65d445366031] stop netflow collector
Oct 23 11:05:48 configd.py: [43f06e4c-e0c0-4281-b197-3fe1ec746210] start netflow
Oct 23 11:05:47 configd.py: [70453f52-b9c3-4e9c-8577-58036f3c1c86] stop netflow
Oct 23 11:05:47 configd.py: generate template container OPNsense/Netflow
Oct 23 11:05:47 configd.py: [d0586424-7a72-4ef6-90d4-582aa101f660] generate template OPNsense/Netflow
Oct 23 11:03:19 configd.py: [8967650a-8358-4728-8d7a-dc0bb750663d] request pfctl byte/packet counters

Second, this is on my home setup and I'd like to be able to track my monthly bandwidth usage, but I can't find anything which would allow me to see that much data.  I'm thinking that the local cache of 100MB isn't going to stretch very far, but the free collector software out there also doesn't seem to be up to the task.  I can't imagine that any of the "request a quote" options are going to be cost effective for household use.  Any suggestions there?

[VPNTraffic to VPN_DHCP]

I've been trying to get this working for months (seriously) and I keep running into DNS breaking.  One difference with my setup is that I'm not using a wireless router for DHCP, so I only added a single IP address into the VPNTraffic Aliases you had us create. That one computer is the only one I want to have its traffic forced over the VPN.  The other difference is that I use OPNsense as a private VPN server outside of the third party provider I set up using your instructions.

I've done a ton of testing and it is definitely only DNS which is broken. The internet connection itself is actually functioning; even Windows says as much.  For some reason, I can't get my networked computers to reach the DNS server (my OPNSense server, which is configured for OpenDNS). If I manually input a DNS server on the computers, everything works. I've tried disabling the OpenVPN firewall rule, as well as the private OpenVPN server without any change in DNS.

If I disable either the VPNTraffic to VPN_DHCP rule or the ANY to WAN_DHCP rule, DNS begins working again. Also, as expected, if I push the Default Allow Any rule above the rules I created using your guide, DNS works again.

Any insight would be greatly appreciated.

[Update:]

I'm having this issue, as well.  However, when I tried "fetch https://pkg.opnsense.org/sets/packages-17.1-OpenSSL-amd64.tar", I received a message that the file appears to be truncated.  I attempted it several times.

Update:  It took 3 hours of retrying to fetch that .tar file, but it finally downloaded completely.  I think I retried more than 50 times over those 3 hours.  After it completed, I was able to do the rest of the commands franco listed and complete the upgrade.