"Recent posts
#1
26.1 Series / Re: 26.1.3 and Intel X710 (ixl...
Last post by OPNenthu - Today at 02:19:40 PMNot to overstate the obvious, but have either of you contacted the vendor? What was the response?
#2
25.7, 25.10 Series / Re: Need help to configure my ...
Last post by hushcoden - Today at 02:09:46 PMMe again, today I switched to FTTP, but I cannot browse the Internet, and ISP confirmed I don't need any VLAN/Tag.
The interesting thing is as soon as I run the VPN on my laptop, I can browse, whys is that?
I suspect it might be a DNS issue because if SSH to the OPNsense, I can ping any sites with their IP addresses but not by name.
Can someone help me to understand what the problem may be?
Tia/
The interesting thing is as soon as I run the VPN on my laptop, I can browse, whys is that?
I suspect it might be a DNS issue because if SSH to the OPNsense, I can ping any sites with their IP addresses but not by name.
Can someone help me to understand what the problem may be?
Tia/
#3
German - Deutsch / Re: MSS Clamping IPv4 / IPv6
Last post by Monviech (Cedrik) - Today at 01:50:27 PMEntweder hier (MSS Feld in Interfaces -> LAN oder WAN z.b.)
https://github.com/opnsense/core/blob/3d615d6931dab905e17264792d347609385455d6/src/www/interfaces.php#L1822-L1823
Die dann automatisch erstellten scrub Regeln kann man dann in Firewall: Diagnostics: Statistics im rules tab bei filter rules sehen.
-------
Ansonsten in "Firewall: Settings: Normalization" bei einer Normalisierungsregel als "Protocol -> IPv6" wählen anstatt TCP.
Clamping ist nur für TCP wichtig, also die IPv4 Regel TCP, und die IPv6 Regel halt IPv6.
https://github.com/opnsense/core/blob/3d615d6931dab905e17264792d347609385455d6/src/www/interfaces.php#L1822-L1823
Die dann automatisch erstellten scrub Regeln kann man dann in Firewall: Diagnostics: Statistics im rules tab bei filter rules sehen.
-------
Ansonsten in "Firewall: Settings: Normalization" bei einer Normalisierungsregel als "Protocol -> IPv6" wählen anstatt TCP.
Clamping ist nur für TCP wichtig, also die IPv4 Regel TCP, und die IPv6 Regel halt IPv6.
#4
26.1 Series / Re: 26.1.3 and Intel X710 (ixl...
Last post by lechterpolntrien - Today at 01:47:28 PMQuote from: felipe0123 on March 09, 2026, 03:00:28 PMQuote from: lechterpolntrien on March 07, 2026, 05:18:06 AMI've been struggling with intermittent instability on my VP2440 since I got it, but I'm still on 25.7. I currently have a 25 day uptime, which is the longest uptime I've had since I got it - I'm sure it will fall over tonight now that I've thought about it.
I was considering a 26.1 upgrade to help with these problems...
Out of curiosity, what kind of issues do you see? VP2440 was never really stable for me until the last 25 release + all NIC firmware updates. 26 made it unstable again.
It's as you described: all interfaces suddenly lose connectivity. Im only using the x710 interfaces for wan & lan, but Ive tried connecting to the ethernet interfaces when this happens and they are affected too.
I have not touched the firmware on thes interfaces or coreboot since I got it. This latest 25.7 release is also the first time its been up for more than a week.
#5
German - Deutsch / MSS Clamping IPv4 / IPv6
Last post by bamf - Today at 01:43:46 PMHallo,
in den Normalization Settings kann man nicht zwischen IPv4 und IPv6 wählen. Wie kann ich unterschiedliche MSS Werte setzen?
Aktuell habe ich 1432 gesetzt und das greift für IPv4 und IPv6.
Eine Fritzbox z.B. macht automatisch: IPv4 1452, IPv6 1432.
Wie stellt man das in der OPNSense ein?
in den Normalization Settings kann man nicht zwischen IPv4 und IPv6 wählen. Wie kann ich unterschiedliche MSS Werte setzen?
Aktuell habe ich 1432 gesetzt und das greift für IPv4 und IPv6.
Eine Fritzbox z.B. macht automatisch: IPv4 1452, IPv6 1432.
Wie stellt man das in der OPNSense ein?
#6
26.1 Series / Re: 2.16.4: glib has a missing...
Last post by devilkin - Today at 01:16:37 PM #7
26.1 Series / 2.16.3: glib has a missing dep...
Last post by devilkin - Today at 01:14:42 PMUpdated to 21.6.3, and noticed this in the log:
Code Select
Checking for upgrades (3 candidates): ... done
Processing candidates (3 candidates): .
pkg: glib-bootstrap has a missing dependency: python311
pkg: glib has a missing dependency: python311
Processing candidates (3 candidates)... done
Checking integrity... done (0 conflicting)
Your packages are up to date.
***DONE***
#8
High availability / Re: CARP maintenance mode - no...
Last post by Monviech (Cedrik) - Today at 01:14:15 PMThe documentation is correct. In a default CARP setup where the environment works correctly, you don't need any tunables.
If you need that you have other issues to solve, check out the troubleshooting guide we wrote for CARP:
https://docs.opnsense.org/manual/how-tos/carp.html#troubleshooting
If you need that you have other issues to solve, check out the troubleshooting guide we wrote for CARP:
https://docs.opnsense.org/manual/how-tos/carp.html#troubleshooting
#9
High availability / Re: CARP maintenance mode - no...
Last post by GreenMatter - Today at 11:54:55 AMOk now works after enabling preemption and group interface failover by adding tunable:
To either both nodes or master and sync config. BTW, it is not present in docs: https://docs.opnsense.org/manual/how-tos/carp.html#configure-carp
Now, maintenance failover is instant!
- Code Select
net.inet.carp.preempt=1
To either both nodes or master and sync config. BTW, it is not present in docs: https://docs.opnsense.org/manual/how-tos/carp.html#configure-carp
Now, maintenance failover is instant!
#10
26.1 Series / Re: DHCP4 Legacy not showing a...
Last post by lmoore - Today at 11:24:15 AMIs the MAC address on your server still using the same one used prior to re-installing the OS?
ISC DHCP permits setting a static lease outside of the defined range, I've been doing this for years.
I don't use DHCP on my LAN interface in OPNsense as there is another DHCP server on that network.
I do use OPNsense ISC DHCPv4 (Legacy) on another interface and assign a static address to a device outside of the defined range. It appears in my Leases view. I should add, I have enabled the 'Deny unknown clients' setting on this interface.
I don't see any reason why the behaviour would be any different on the LAN interface. It's odd you're not seeing it in the Leases - have you enabled 'Show inactive', just in case it has become flagged as inactive.
In my configuration I've only entered the MAC, IP address, hostname, description, lease time and maximum lease time. Everything else is left blank.
Is the ISC DHCPv4 service running?
Cheers,
Larry.
ISC DHCP permits setting a static lease outside of the defined range, I've been doing this for years.
I don't use DHCP on my LAN interface in OPNsense as there is another DHCP server on that network.
I do use OPNsense ISC DHCPv4 (Legacy) on another interface and assign a static address to a device outside of the defined range. It appears in my Leases view. I should add, I have enabled the 'Deny unknown clients' setting on this interface.
I don't see any reason why the behaviour would be any different on the LAN interface. It's odd you're not seeing it in the Leases - have you enabled 'Show inactive', just in case it has become flagged as inactive.
In my configuration I've only entered the MAC, IP address, hostname, description, lease time and maximum lease time. Everything else is left blank.
Is the ISC DHCPv4 service running?
Cheers,
Larry.
