"Recent posts
#1
Hardware and Performance / Re: TOPTON Mini PC Running OPN...
Last post by Irredio_Revancho - Today at 01:13:45 AMif it fails memtest86, maybe try again with big fan directed onto the top of the Topton. Then try regular deployed use with the big fan blowing on it. Do you see the same results, or different?
I have been interested in mini-pc devices like this, such as Protectli Vault models, but the lack of active cooling always makes hesitate. I wonder, can it really be stable and provide high uptimes? I have no experience with these tiny PC models myself, so I hesitate and search for testimonials. More than once I was just about to click BUY!!! on similar items while browsing Amazon, and just in the corner of my eye I then see "frequently returned item." Yes, well perhaps I can guess why that might be, I think, and it all comes to a screeching halt.
On at least some models, Protectli includes tightly fitted slabs of aluminum heat transfer blocks between critical components and the topside heat sink. Are blocks like these present inside the Topton models? I have no idea. If they aren't present they could be fabricated by a sufficiently OCD afflicted owner. (TBH I would set about this at once without asking myself why really, or consulting with a licensed therapist) But if I were advising someone else, I would say, can lowering the operating temperature by increasing airflow across the heat sink improve system stability at all? If it does then maybe we're onto the cause of the instability, but if it doesn't significantly change things then it's going to be down to something else.
I have been interested in mini-pc devices like this, such as Protectli Vault models, but the lack of active cooling always makes hesitate. I wonder, can it really be stable and provide high uptimes? I have no experience with these tiny PC models myself, so I hesitate and search for testimonials. More than once I was just about to click BUY!!! on similar items while browsing Amazon, and just in the corner of my eye I then see "frequently returned item." Yes, well perhaps I can guess why that might be, I think, and it all comes to a screeching halt.
On at least some models, Protectli includes tightly fitted slabs of aluminum heat transfer blocks between critical components and the topside heat sink. Are blocks like these present inside the Topton models? I have no idea. If they aren't present they could be fabricated by a sufficiently OCD afflicted owner. (TBH I would set about this at once without asking myself why really, or consulting with a licensed therapist) But if I were advising someone else, I would say, can lowering the operating temperature by increasing airflow across the heat sink improve system stability at all? If it does then maybe we're onto the cause of the instability, but if it doesn't significantly change things then it's going to be down to something else.
#2
German - Deutsch / Re: Empfehlungen für den Umsti...
Last post by Jayfrog - Today at 12:13:31 AMQuote from: meyergru on May 10, 2026, 04:54:53 PMWas ist so schwierig daran, einen CSV-Export aus den ISC Reservierungen und danach einen CSV-Import in den Kea Reservierungen durchzuführen?
Aber bitte: https://homenetworkguy.com/how-to/migrate-from-isc-dhcp-to-dnsmasq-or-kea-dhcp-in-opnsense/
Danke für den Artikel, der ist top!
Warum ich nicht genau wusste was du meinst, hängt damit zusammen, dass ich meine Einträge unter ISC DHCPv6 kannte und ich wusste
das dort nie was stand, weil es ja deaktiviert war und IPv6 dennoch ging.
Ich hatte deine Worte dazu also nicht verstanden nach Schema:
Wenn du Reservierungen hast, dann kannst du die mit rübernehmen, sondern, du musst das machen damit die Migration funktioniert.
Ich hab also gedacht das ISC noch versteckt ein paar Settings hat, die ich dann ex und importieren muss und genau da hätte ich nicht gewusst
wie man das macht.
Kann auch sein das es ich es immer noch verstanden haben, von daher sehe mir meine Noobhaftigkeit bitte etwas nach. :DD
So einen einfach Export hätte ich natürlich ergoogln können, weil bisher hatte ich das tatsächlich noch nicht, nur Backups.
#3
26.1, 26,4 Series / Re: KEA is still a mess IMHO
Last post by nero355 - May 10, 2026, 11:40:19 PMQuote from: Monviech (Cedrik) on May 10, 2026, 07:24:09 PMCan we let this thread die now please? Its not about KEA anymore. For general discussions about IPv6 please open a new thread.Why not just move it to the General Discussion sub-forum ?!
#4
Virtual private networks / Re: Always On VPN (Wireguard) ...
Last post by Kinerg - May 10, 2026, 09:34:28 PMQuote from: keeka on May 10, 2026, 08:55:25 PMIIRC that was a consideration when I set up openvpn prior to trying wireguard. It was a while ago and my memory is not great but I do remember deciding against using NAT reflection anywhere after reading the caveats in the docs. Preferring instead to use split DNS or in this case explicit port forwards.
I'm not aware of any drawbacks for this use, but choose whichever option is easier to implement for your use case.
#5
26.1, 26,4 Series / Re: KEA is still a mess IMHO
Last post by JamesFrisch - May 10, 2026, 08:57:40 PMQuote from: Patrick M. Hausen on May 08, 2026, 08:01:56 AMAll my servers use SLAAC. The addresses are stable unless I change the MAC address of the server for some reason. I can then point Caddy (or NginX in your case) at these addresses. DHCPv6 is rarely needed.
Interesting, I thought that I had changing IPv6, but that was in the beginning of my journey. So maybe I looked at the privacy extended IPv6 back then. So in theory, I could ditch DHCPv6, and go with SLAAC only you think?
Hmm... I have to think about that, I quiet liked to have 10.10.50.4 and 2000:2000:2000:50::4 for simplicity.
#6
Virtual private networks / Re: Always On VPN (Wireguard) ...
Last post by keeka - May 10, 2026, 08:55:25 PMQuote from: Kinerg on May 10, 2026, 04:19:07 PMYou need to set up NAT reflection:
https://docs.opnsense.org/manual/how-tos/nat_reflection.html
IIRC that was a consideration when I set up openvpn prior to trying wireguard. It was a while ago and my memory is not great but I do remember deciding against using NAT reflection anywhere after reading the caveats in the docs. Preferring instead to use split DNS or in this case explicit port forwards.
#7
German - Deutsch / Speedtest-Ergebnisse an Home A...
Last post by mzurhorst - May 10, 2026, 07:41:40 PMHallo zusammen.
Ich lasse in OPNsense seit drei Jahren mehrmals am Tag einen Speedtest durchführen, und der wird auch munter gesammelt in der Firewall.
Nun habe ich aber gerade mit Erschrecken festgestellt, dass ich schon seit einigen Wochen einen deutlichen Einbruch im Download habe.
Das war wohl nicht so ganz dramatisch, dass ich es jemals in der Firewall probiert hätte. Internet fühlte sich manchmal etwas zäh an, aber nie schlimm genug, dass ich dann akut Zeit oder Not hatte, mich drum zu kümmern.
Long story short: Wie kann ich denn diese Messwerte irgendwie automatisiert nutzen für Benachrichtungen?
Home Assistant wäre für mich erste Wahl, weil ich da alles parat habe, um die Benachrichtungen und Automationen zu erstellen nach gusto.
Hat jemand eine Idee? Oder das evtl. sogar schon mal gemacht?
Danke & Grüße,
Marcus
Ich lasse in OPNsense seit drei Jahren mehrmals am Tag einen Speedtest durchführen, und der wird auch munter gesammelt in der Firewall.
Nun habe ich aber gerade mit Erschrecken festgestellt, dass ich schon seit einigen Wochen einen deutlichen Einbruch im Download habe.
Das war wohl nicht so ganz dramatisch, dass ich es jemals in der Firewall probiert hätte. Internet fühlte sich manchmal etwas zäh an, aber nie schlimm genug, dass ich dann akut Zeit oder Not hatte, mich drum zu kümmern.
Long story short: Wie kann ich denn diese Messwerte irgendwie automatisiert nutzen für Benachrichtungen?
Home Assistant wäre für mich erste Wahl, weil ich da alles parat habe, um die Benachrichtungen und Automationen zu erstellen nach gusto.
Hat jemand eine Idee? Oder das evtl. sogar schon mal gemacht?
Danke & Grüße,
Marcus
#8
26.1, 26,4 Series / Re: KEA is still a mess IMHO
Last post by Monviech (Cedrik) - May 10, 2026, 07:24:09 PMCan we let this thread die now please? Its not about KEA anymore. For general discussions about IPv6 please open a new thread.
Since I develop a lot in the current KEA implementation I'd like actionable tickets that can be solved.
Thank you :)
Since I develop a lot in the current KEA implementation I'd like actionable tickets that can be solved.
Thank you :)
#9
General Discussion / Re: Help with GeoIP and csv fo...
Last post by meyergru - May 10, 2026, 07:13:05 PMBecause ip66.dev is what the OP mentioned. IPinfo was thrown into the mix only after that.
As I said, I only though that the ASN columns were needed. In fact, they are not from the GeoIP data at all. It was all down to having to set the HTTP header if you want to coerce OpnSense to read a .csv.gz file like the one from IPinfo.
As I said, I only though that the ASN columns were needed. In fact, they are not from the GeoIP data at all. It was all down to having to set the HTTP header if you want to coerce OpnSense to read a .csv.gz file like the one from IPinfo.
#10
General Discussion / Re: Help with GeoIP and csv fo...
Last post by Patrick M. Hausen - May 10, 2026, 07:03:13 PM@meyergru If you run your own local Elastiflow instance you can enrich the data with Maxmind's GeoIP info by configuring the flow collector like so:
As you can see the configuration points to the full path to the database file. The setup of acquiring that file and regular updates is completely outside of Elastiflow and in my case handled by the geoipupdate package on Ubuntu.
Question is: does IPinfo use the same file format and can I replace the Maxmind database with the IPinfo one?
If not, are there tools to convert?
I don't understand why you bring in IP66 - I don't even know what that is ;-)
Kind regards,
Patrick
Code Select
EF_PROCESSOR_ENRICH_IPADDR_MAXMIND_GEOIP_ENABLE: "true"
EF_PROCESSOR_ENRICH_IPADDR_MAXMIND_ASN_PATH: /etc/elastiflow/maxmind/GeoLite2-ASN.mmdb
As you can see the configuration points to the full path to the database file. The setup of acquiring that file and regular updates is completely outside of Elastiflow and in my case handled by the geoipupdate package on Ubuntu.
Question is: does IPinfo use the same file format and can I replace the Maxmind database with the IPinfo one?
If not, are there tools to convert?
I don't understand why you bring in IP66 - I don't even know what that is ;-)
Kind regards,
Patrick
