"Recent posts
#1
26.1 Series / Re: What is ip6 equivalent of ...
Last post by OPNenthu - Today at 08:39:22 AMCan you paste your NAT rule for comparison?
Here are some screenshots of what works for me (on 26.1.2). I have Unbound set to listen on All interfaces. Not shown is the manual pass rule for the NAT rdr that was imported from my legacy ruleset into the new rules UI, but the firewall log shows it passing the traffic.
I wonder if there's maybe an issue with IPv6 literal addresses in the NAT rule? I use an alias because I have this VIP referenced in several places, but I haven't tried without it.
Here are some screenshots of what works for me (on 26.1.2). I have Unbound set to listen on All interfaces. Not shown is the manual pass rule for the NAT rdr that was imported from my legacy ruleset into the new rules UI, but the firewall log shows it passing the traffic.
I wonder if there's maybe an issue with IPv6 literal addresses in the NAT rule? I use an alias because I have this VIP referenced in several places, but I haven't tried without it.
#2
General Discussion / Re: Intermittent Packet Loss o...
Last post by gusto - Today at 08:38:19 AMYeah, as shown in my VM config in the original post (4 queues for each linux bridge).
Do I have to enable multiqueue on the proxmox host side as well, for the physical interfaces?
Do I have to enable multiqueue on the proxmox host side as well, for the physical interfaces?
#3
Hardware and Performance / Re: Warning about RealTek adap...
Last post by Stormscape - Today at 08:05:40 AMYeah, I had been hoping for something PCIe 4.0 that I could use in a 1x slot on my B550 with my Linux desktop. Guess I'll just stick with the SolarFlare in a 4x slot for now.
#4
26.1 Series / Re: What is ip6 equivalent of ...
Last post by opnseeker - Today at 07:58:54 AMQuote from: OPNenthu on February 13, 2026, 11:33:27 PMYou can't use ::1 but the ULA should work.
In my setup I assigned a ULA VIP to the Loopback interface where Unbound also listens, then with a DNAT rule I forward outbound DNS on port 53 to that ULA IP. Slightly different use case (to trap and redirect unencrypted DNS escapes) but same principle. Seems to work OK.
My use case is the same but doesn't work for IP6 even with ULA on 26.x.x. It worked until 25.x.x.
#5
26.1 Series / Re: What is ip6 equivalent of ...
Last post by opnseeker - Today at 07:56:28 AMUp to 25.x.x, Port Forward to another port on Opnsense worked.
This issue is new in 26.x.x with thd new Dest NAT section.
This issue is new in 26.x.x with thd new Dest NAT section.
#6
25.7, 25.10 Series / Re: CALL FOR TESTING: IPv6 imp...
Last post by Greelan - Today at 04:56:14 AMJust wanted to chime in to say kudos to Franco for having the courage to overhaul dhcp6c. It's been a long-neglected part of the nix/bsd universe and was in need of some tlc. It just staggers me that this hasn't happened already at an industry level
#7
German - Deutsch / IPV6 Tunnel mit Route64
Last post by Swtrse - Today at 02:46:02 AMHallo,
Ich bin am ende mit meinem Latein und Copilot schickt mich auch nur noch im Kreis ^^.
Ich habe ein Setup mit PPPoE. Mein "Steinzeit"-Provider (A1) Bietet kein IPv6 auf meinem Anschluss also habe ich einen GIF Tunnel mit Rout64 eingerichtet.
Mein Problem
Nach einem Reboot der Firewall funktioniert IPv6 ~120 Sekunden lang dann bekomme ich nur noch timeouts.
Was Copilot mir vorgeschlagen hat und umgesetzt wurde (ohne Erfolg):
Gateway monitoring deaktiviert
Statische Route gesetzt zur Endadresse von Rout64 (Weil ich nicht die eigenliche Tunneladresse verwende sondern das ebenfalls geroutete /56 subnetz)
Eine Allow All Rule auf dem Interace für den GIF Tunnel
Bei der Regel auf dem Wan Interface ür Protocol 41 ["Antwort-an" deaktivieren] angehackt und [Status-Typ] auf "Kein Zustand" gestellt.
MTU alles mögliche und MSS auch.
Sobald meine Pings nur noch timeouts werfen. Sehe ich selbst bei der Paketaufzeichnung nichts.
Ich bin am ende mit meinem Latein und Copilot schickt mich auch nur noch im Kreis ^^.
Ich habe ein Setup mit PPPoE. Mein "Steinzeit"-Provider (A1) Bietet kein IPv6 auf meinem Anschluss also habe ich einen GIF Tunnel mit Rout64 eingerichtet.
Mein Problem
Nach einem Reboot der Firewall funktioniert IPv6 ~120 Sekunden lang dann bekomme ich nur noch timeouts.
Was Copilot mir vorgeschlagen hat und umgesetzt wurde (ohne Erfolg):
Gateway monitoring deaktiviert
Statische Route gesetzt zur Endadresse von Rout64 (Weil ich nicht die eigenliche Tunneladresse verwende sondern das ebenfalls geroutete /56 subnetz)
Eine Allow All Rule auf dem Interace für den GIF Tunnel
Bei der Regel auf dem Wan Interface ür Protocol 41 ["Antwort-an" deaktivieren] angehackt und [Status-Typ] auf "Kein Zustand" gestellt.
MTU alles mögliche und MSS auch.
Sobald meine Pings nur noch timeouts werfen. Sehe ich selbst bei der Paketaufzeichnung nichts.
#8
Hardware and Performance / Re: [solved] Intel i226 Firmwa...
Last post by BrandyWine - Today at 02:44:48 AMpromox is debian linux, so you need the linux tool, not the freeBSD tool.
You can find the etrackID of your existing nvm, so find it and put that in cfg for replaces. Inventory and log using the util tool, in there it should show etrackID.
Make sure everything in cfg is correct and spelling is good.
You can find the etrackID of your existing nvm, so find it and put that in cfg for replaces. Inventory and log using the util tool, in there it should show etrackID.
Make sure everything in cfg is correct and spelling is good.
#9
Hardware and Performance / Re: [HOWTO] Install OPNsense 2...
Last post by rumshot - Today at 02:17:46 AMHello Team,
I bought a EC-XS too and could figure out most of the steps, until arrive this thread.
My issue is due to the fact the device is not detecting my usb stick and im unable to boot from it and install opnsense.
I was wondering if someone face that or would have a tip to give me.
I could potentially install the opnsense in another computer with ec-xs hd, but i dont know if when i swap it back to ec-xs it will detect the interfaces and so on.
Any guidance its welcome.
ps.: im mac user, then maybe im struggling a little bit and not sure if my usb stick its really booting.
I bought a EC-XS too and could figure out most of the steps, until arrive this thread.
My issue is due to the fact the device is not detecting my usb stick and im unable to boot from it and install opnsense.
I was wondering if someone face that or would have a tip to give me.
I could potentially install the opnsense in another computer with ec-xs hd, but i dont know if when i swap it back to ec-xs it will detect the interfaces and so on.
Any guidance its welcome.
ps.: im mac user, then maybe im struggling a little bit and not sure if my usb stick its really booting.
#10
26.1 Series / Re: KEH reservations
Last post by passeri - Today at 02:11:23 AMReservations remain as you would expect.
Are your reservations outside your dynamic pools?
Did you miss an Apply somewhere along the line?
Are your reservations outside your dynamic pools?
Did you miss an Apply somewhere along the line?
