Messages

hm... Sorry for the conductivity. I also testing it with multimeter now...
"Made With 99.9% Pure Silver" made me suspitious. Obviously the silver in the paste is not so much.

Ceramic 2 is an average in thermal conductivity.

Ceramic 2 is an average. Take down the heatsink and see if there is close components exposed next to the CPU crystal die that may be shorted out if the Arctic Silver 5 is too much. And usual amout that is needed is about half to full rice bean. Pea sized sounds too much.

Keep in mind, that Arctic Silver 5 is electro-conductive compound!
I can't see the CPU because of the heatsink, but if you have MX-4 it's safer choice.

Thanks, mb, and keep up with good work!

Is "VLAN child interfaces support *with OPNsense 19.1.x" means that filtering on VLANs work without netmap kernel?

I had this issue before more than a year with Linux based firewall IPFire. Was a bad Intel driver with some of the updates of the firewall.

Here is the workaround:

https://forum.ipfire.org/viewtopic.php?f=50&t=17549&p=111842#p111842

Denverton board will be good with 2+ 10 gigabit interfaces and with CPU with good QAT rate (8 core+). But according to high prices are too early for wide use.

OVPN performace is important, but it's not all when it comes to netmap enabled IPS/Sensei build. For a total of 8GB memory ECC is not viable as in ZFS ARC cache in Proxmox. So for a price/performacne, N3710 is far better for me as a baremetal full-blown OPNsense router. Especially with the prices of LPDDR3/ECC DDR4...

The strange is that in some the charts of the review in STH figures N3700 which is always sits better than C3338.
And N3710 is even faster...
I am a bit confused...

Did you tried to set promiscuous mode on the bridges that OPNsense is connected to?

Code Select Expand

ip link set vmbr0 promisc on

change 'vmbr0' with yours...

Will drop Fujitsu boars for now. All are with one Relatek LAN.
Found another budget solution:
https://www.supermicro.com/products/motherboard/X11/X11SBA-LN4F.cfm

Any known problems with Braswell CPUs?

The Fujitsu boards accepts 8-36V DC via DC barrel jack or via 4 pin socket.
There is other problem: one of the ethernets is Realtek :(

Found it in german site if anyone is interested. Now negotiating shipping and price...

https://www.rutronik24.com/search-result/nojs:1337/qs:D3543-S/reset:0

I also use OPNsense not only baremetal, but on ESXi and Proxmox in different scenarios.

Dockers are very popular now and if there was an option to add some dockers to baremetal OPNsense will be more versatile.

Firs of all always change the default port (as security measure) and try not to assign used ports on any side of the router.
More than one VPN server needed to access different parts of the internal network or is one is site-to-site and the other is for road warriors(single clients)
And - yes, they can share single SSL certificate.
On my shop i have one for road warriors to acces entire network, and other for clients to access only specific server. They are on high random ports 10000-50000 and both works without issues.

All of the routers that are in front of the NVR/DVRs are with enabled UPnP and i have no problem to access them from anywhere else. The problem is when i try to access them when i am behind OPNsense firewall. If i am behind plastic router or mobile network or even IPFire i have no problem. Default deny rule - rulenr 6 or rulenr 8 :(