Messages

106

20.7 Legacy Series / Re: Updated Traffic Graphs

« on: January 28, 2021, 10:21:40 pm »

Really need this feature back in please.

Per IP or resolved hostname realtime bandwidth monitoring.
Basically what was in before and not just top talkers which has replaced it and really is horrible to use.

Can you please give us a reason why this was removed? Maybe then we could understand this better.

Thanks

107

20.7 Legacy Series / Re: Hostnames instead of IP addresses in traffic reporting?

« on: January 28, 2021, 06:43:49 am »

I second that.

Not sure why the old view was completely removed, but hoping there is a roadmap of great features to come in the traffic reporting area!

108

Zenarmor (Sensei) / Re: PPPoEeeeeeeee

« on: January 24, 2021, 09:48:47 pm »

Thanks for this @mb

Looking forward to it!

109

Zenarmor (Sensei) / PPPoEeeeeeeee

« on: January 22, 2021, 07:37:38 pm »

Is there any update on progress of netmap PPPoE support for Sensei and/or Suricata.

Or what the solution might look like.

Thanks

110

20.7 Legacy Series / Re: Reporting Traffic just got more awkward

« on: January 22, 2021, 07:33:45 pm »

Is the Reporting/Traffic aspect going to progress to where it was before or better?

OPNsense protects my home network which has about 50 plus devices behind it, any of which can be happily chewing my 100Mbit/20Mbit bandwidth for random reasons and ruining my experience.
Its a pretty simple configuration currently with a WAN and a LAN interface.

I had a specific need for the Traffic view to be able to quickly see what internal device is consuming my internet traffic.
This is not easily achieved anymore for me and I honestly do not actually see who could make good use of this new look.

My process would be:
Internet is slow for users
Log into OPNsense appliance and check Reporting/Traffic usage
If WAN usage is 100%
Top device in the list is usually the fault
Either complete further analysis using OPNsense or go directly to the device

Both the Graph and Top Talkers does not seem to help me with this.
I'm running the latest 20.7.8

111

20.7 Legacy Series / Re: Updated Traffic Graphs

« on: December 21, 2020, 04:36:05 am »

Just saw this myself,

This was my goto for a quick view of realtime top consumers in my network. Don't want to drop into CLI for this please.
Is there a roadmap for how this updated traffic view is going to proceed? It's definitely prettier and flows nicely, but its very hard to try to gain any useful info from it apart from overall usage. A lot of the functionality has been removed.
I'm guessing there was a discussion somewhere about it needing to change?

If this view is to be kept, I'd like to propose an option:

Within the in and out bps graphs, can you choose to overlay the top talkers.
The top talkers are available through a dynamic group of buttons with their name or IP address and the colour they will show as on the graph (dots and lines).
These buttons are toggles so you can quickly turn them on an off and have multiple on at the same time.

You could also choose a talker by entering its IP address manually.

This allows you to find out which talkers are requiring the most traffic out of your total quickly and in realtime.

112

Zenarmor (Sensei) / Re: Block YouTube App

« on: November 15, 2020, 03:11:54 am »

How are you selecting your devices to be managed.
The reason I ask is that Android devices randomised their MAC address so will likely get a new IP regularly.
This may put them outside of your policy.

113

20.7 Legacy Series / Re: Creating a bridge within virtualized OPNSense

« on: November 10, 2020, 05:52:16 am »

Happy to help and I was asking the exact same questions once!

Link Aggregation is quite a topic for reading and I would encourage you to investigate it well before proceeding.
In most scenarios that provide any real benefit you will need a managed switch where you can set this up first.
Read up on LACP.
If you have the equipment to do this and need the bandwidth/resiliency then you will be creating this between your Hyper-v hosts LAN switch and your physical switch.
Then all guests including OPNsense can benefit from this.

All good fun though!

114

20.7 Legacy Series / Re: Creating a bridge within virtualized OPNSense

« on: November 10, 2020, 03:31:23 am »

I think most of your confusion is to do with virtual networking rather than OPNsense. Would this be correct?

You 'physically' have a PC that connects to your modem.
This PC has multiple network interfaces.
One interface connects to the modem
One interface connects to the LAN switch 
When you setup Hyper-V on a PC, it creates a virtual switch and connects your existing LAN port to this switch. This is then shared by the host PC and the new virtual switch.
Any virtual machines you then create can also connect to this virtual switch and have access to the LAN.

You then want to create an additional 'external' virtual switch in Hyepr-v for WAN which connects to another port on your PC. Do NOT share this with the host. You plug your Modem cable into this port.

When you create your OPNsense VM you give it two interfaces. One connects to the WAN switch and one to the LAN. You might want to look at the MAC addresses presented from Hyper-v to match these up.

Anything that wants to connect from LAN to WAN has to go via the OPNsense router.

ALL LAN traffic will pass via your existing PC's LAN port to your switch.

If you want to later increase bandwidth or provide resiliency to this LAN connection, you can aggregate multiple ports together (Link Aggregation) LAG or in OPNsense LAGG.
 

115

20.7 Legacy Series / Re: Call for testing: netmap on 20.7

« on: November 10, 2020, 02:42:45 am »

Thanks @allebone and @mb

Just had to ask in the right place

116

20.7 Legacy Series / Re: Creating a bridge within virtualized OPNSense

« on: November 09, 2020, 10:32:08 pm »

Sorry if this is basic stuff I am asking here...

So you have a PC that is always on and is running Hyper-v
You have a guest that is OPNsense and is your perimeter firewall/router

I'm not sure why you are needing to use a bridge?
Are you trying to use your 4 port NIC as a LAN switch?
Is OPNsense providing DHCP for the 192.168.0.0/24 LAN network?

If you are not using VLAN's then you would have two physical ports used on your PC that attach to two virtual switches in Hyper-v.
One is WAN and goes to your internet, and one is LAN that connects to your LAN switch
Your OPNsense guest then has two interfaces, one WAN and one LAN that connect to your respective Hyper-v switches.
If you want multiple ports connecting to your LAN switch, have you considered a LAGG?
You would usually break out separate networks to separate interfaces on your firewall for network segmentation and separation.
 

117

20.7 Legacy Series / Re: Creating a bridge within virtualized OPNSense

« on: November 09, 2020, 08:53:03 pm »

Are you able to explain what your goal is with OPNsense and using a bridge?

Maybe I'm a bit confused as to what you are trying to achieve.

118

20.7 Legacy Series / Re: Creating a bridge within virtualized OPNSense

« on: November 09, 2020, 07:54:15 am »

Sorry I'm not sure I'll be much help as I haven't setup a bridge within OPNsense before.

After reading this from the manual

At this point you will need to swap your LAN cable from the existing LAN connection to one of the NICs that were added to the bridge interface, once connected then you must wait, it can take some time for the interface to come back up, but keep refreshing the web interface until it does.

Is it possible the web interface is starting on a different IP address?
Are you able to get onto the console of OPNsense through Hyper-v and see what its network config is from the shell?

I am assuming you are swapping cables by instead swapping interfaces presented by Hyper-v

119

20.7 Legacy Series / Re: Creating a bridge within virtualized OPNSense

« on: November 09, 2020, 01:09:14 am »

I have run OPNsense in Hyper-V successfully but have not created a bridge

Have you read this article
https://docs.opnsense.org/manual/how-tos/lan_bridge.html

120

20.7 Legacy Series / Re: OpnSense - WAN VLAN

« on: November 07, 2020, 10:21:12 pm »

A couple more questions:

Are you using Linux Bridges for your Proxmox Switches
If so, are they VLAN aware
Have you tried tagging your preferred VLAN to the Proxmox nic hardware associated to the guest. Do not setup a VLAN on that interface within the guest unless you are trunking VLANS's

Have a read of this
https://pve.proxmox.com/wiki/Network_Configuration#_vlan_802_1q