"Recent posts
#1
25.7, 25.10 Series / Re: Reporting logs: comma in t...
Last post by passeri - Today at 11:19:05 PMQuote from: SenseX on Today at 11:09:39 AMAh, the not-a-comma commas :-)Quote from: passeri on December 13, 2025, 10:39:08 PMAre you referring to the comma after the date number, "December 11, 2025"? Are there other commas I am not seeing in the images?Hi,
That is one of the standard (i.e. common) date formats.
It's not the date. The other numbers: First image:
user: 2,304 <------ 2,3 or 2304?
#2
25.7, 25.10 Series / Re: Reporting logs: comma in t...
Last post by SenseX - Today at 10:01:33 PMQuote from: franco on Today at 08:46:12 PMHi,Quote from: SenseX on Today at 11:09:39 AMuser: 2,304 <------ 2,3 or 2304?
nice: 0
system: 1,59 <------ 1,59 or 159 ?
interrupt: 0
processes: 370,081 <------ What is this, 370 or 370,081 (three hundred seventy thousand and eighty-one)
Looking at the screenshot I would assume I see a decimal point. Looking at your post I see commas that add to the confusion. RRD/system health uses averages so it's very likely decimal points as shown in the GUI.
Cheers,
Franco
Sorry about that, I did use commas in my previous post, but I actually meant decimals.
user: 2.304 <------ 2.3 or 2304?
nice: 0
system: 1.59 <------ 1.59 or 159 ?
interrupt: 0
processes: 370.081 <------ What is this, 370 or 370.081 (three hundred seventy thousand and eighty-one) <---- That seems like a lot of processes.
I was hoping I could found some health report of the RTT (ping gateway) like the widget in the dashbord of Gateway.
But the health report is showing "delay" 0.002 and this number doesn't mean anything to me :)
I was hoping it was showing the RTT/ping gateway in "ms" in my case 2.3 ms
#3
General Discussion / Re: PSA: recent Comcast firmwa...
Last post by allan - Today at 09:16:47 PMQuote from: OPNenthu on Today at 05:51:21 AMI have no evidence of this, but I am guessing business and residential accounts all go thru the same support structure. We just get a different modem and our techs wear shirts and drive trucks that say Comcast Business. We also had AT&T's different broadband offerings going back to DSL in the 90s and we had similar experiences there as well. None of them had a way for technically savvy customers to help them troubleshoot. DSL Reports forums were a lifeline back then.Quote from: allan on December 13, 2025, 12:45:57 AMIPv6-PD is not commonly used and it is not actively monitored-at least by Tier 1 support since they told me their diagnostics all show green.If that's the case for business accounts... then the fact that IPv6-PD works at all for my home connection is something of a miracle and I'm on my own.
Great.
#4
General Discussion / Re: IPv6 Selective Routing Fai...
Last post by Maurice - Today at 09:08:21 PMLooks like an ISP issue, agreed. Have you tried reverse trace routes, too (e. g. from public looking glass services to your own system at home)?
RIPE Atlas is also a good tool to identify ISP-wide issues.
Getting past level 1 support can be challenging. When an ISP I once was with had routing issues, I might have had success with looking up an email address of their NIC an emailing them directly. They didn't respond, but the issue was fixed soon after.
Don't make it sound like a support request. Just a brief heads-up "hey, you have this exact routing issue, this is how to reproduce it". The correct people might read it and silently fix the issue.
Cheers
Maurice
RIPE Atlas is also a good tool to identify ISP-wide issues.
Getting past level 1 support can be challenging. When an ISP I once was with had routing issues, I might have had success with looking up an email address of their NIC an emailing them directly. They didn't respond, but the issue was fixed soon after.
Don't make it sound like a support request. Just a brief heads-up "hey, you have this exact routing issue, this is how to reproduce it". The correct people might read it and silently fix the issue.
Cheers
Maurice
#5
25.7, 25.10 Series / Re: random sFTP connection att...
Last post by Patrick M. Hausen - Today at 08:49:01 PMIt's just "contra-productive" for their specific use case and I cannot find anything in that post claiming anything different. A configurable time of day would be a nice feature, I think. That's all.
#6
25.7, 25.10 Series / Re: Reporting logs: comma in t...
Last post by franco - Today at 08:46:12 PMQuote from: SenseX on Today at 11:09:39 AMuser: 2,304 <------ 2,3 or 2304?
nice: 0
system: 1,59 <------ 1,59 or 159 ?
interrupt: 0
processes: 370,081 <------ What is this, 370 or 370,081 (three hundred seventy thousand and eighty-one)
Looking at the screenshot I would assume I see a decimal point. Looking at your post I see commas that add to the confusion. RRD/system health uses averages so it's very likely decimal points as shown in the GUI.
Cheers,
Franco
#7
General Discussion / Re: Native NAT64 support
Last post by Maurice - Today at 08:39:23 PMI've experimented with WiFi Calling over NAT64 in the past and never got it to work. If anyone had success with this (with any NAT64), I'd be interested. But I'd say it's up to the MNOs to add IPv6 support to their ePDGs.
The new pf 'af-to' feature in FreeBSD 15 indeed makes native NAT64 in OPNsense realistic in the near future. From a quick look, it seems that's what pfSense uses, too (by using FreeBSD prerelease code?). But I'm not very confident this solves the WiFi Calling use case (although I'd be happy to be proven wrong).
@Monviech For general purpose networks, directly switching from Dual Stack to IPv6-only without NAT64 seems unrealistic anytime soon. Some IPv4-only services will be around for many, many years. So IPv6-only with NAT64 is a sensible intermediate step. Among other reasons, it eliminates the management and troubleshooting overhead of Dual Stack while maintaining compatibility with legacy IP.
If you're more conservative, you can go Dual Stack with IPv6-only preferred first, but this requires NAT64, too.
@patient0 apalrd has mentioned being an OPNsense user, but I'm not sure whether he uses the OPNsense Tayga plugin or Tayga on a dedicated Linux system.
Cheers
Maurice
The new pf 'af-to' feature in FreeBSD 15 indeed makes native NAT64 in OPNsense realistic in the near future. From a quick look, it seems that's what pfSense uses, too (by using FreeBSD prerelease code?). But I'm not very confident this solves the WiFi Calling use case (although I'd be happy to be proven wrong).
@Monviech For general purpose networks, directly switching from Dual Stack to IPv6-only without NAT64 seems unrealistic anytime soon. Some IPv4-only services will be around for many, many years. So IPv6-only with NAT64 is a sensible intermediate step. Among other reasons, it eliminates the management and troubleshooting overhead of Dual Stack while maintaining compatibility with legacy IP.
If you're more conservative, you can go Dual Stack with IPv6-only preferred first, but this requires NAT64, too.
@patient0 apalrd has mentioned being an OPNsense user, but I'm not sure whether he uses the OPNsense Tayga plugin or Tayga on a dedicated Linux system.
Cheers
Maurice
#8
25.7, 25.10 Series / Re: "Danger. Unexpected error,...
Last post by franco - Today at 08:38:46 PMThis sequence is certainly bad, but I don't know why it would happen since it was fixed by the revision 1 of 2.3.1 in the first place.
[24/79] Deinstalling opnsense-business-25.10_2...
Stopping configd...done
Resetting root shell
Updating /etc/shells
Unhooking from /etc/rc
Unhooking from /etc/rc.shutdown
[24/79] Deleting files for opnsense-business-25.10_2: .......... done
(does update headless)
[79/79] Installing opnsense-business-25.10.1...
[79/79] Extracting opnsense-business-25.10.1: .......... done
Updating /etc/shells
Registering root shell
Hooking into /etc/rc
Hooking into /etc/rc.shutdown
Starting configd.
(proceeds to install the business package as the last step)
So far we're not overly happy with the jump of pkg from 1 to 2, but there is not a lot we can do. But I'll try to improve the recovery procedure which clearly stops when it should but it should then check if a core package is actually found or not and attempt to reinstall it, which could possibly break because pkg decided to remove a "vital" package for no visible reason. I just keep wondering how badly this would impact FreeBSD on pkg-base as well, but we're going to have to see what 2026 brings.
Cheers,
Franco
[24/79] Deinstalling opnsense-business-25.10_2...
Stopping configd...done
Resetting root shell
Updating /etc/shells
Unhooking from /etc/rc
Unhooking from /etc/rc.shutdown
[24/79] Deleting files for opnsense-business-25.10_2: .......... done
(does update headless)
[79/79] Installing opnsense-business-25.10.1...
[79/79] Extracting opnsense-business-25.10.1: .......... done
Updating /etc/shells
Registering root shell
Hooking into /etc/rc
Hooking into /etc/rc.shutdown
Starting configd.
(proceeds to install the business package as the last step)
So far we're not overly happy with the jump of pkg from 1 to 2, but there is not a lot we can do. But I'll try to improve the recovery procedure which clearly stops when it should but it should then check if a core package is actually found or not and attempt to reinstall it, which could possibly break because pkg decided to remove a "vital" package for no visible reason. I just keep wondering how badly this would impact FreeBSD on pkg-base as well, but we're going to have to see what 2026 brings.
Cheers,
Franco
#9
25.7, 25.10 Series / Re: random sFTP connection att...
Last post by franco - Today at 08:34:17 PMWhy would the documented default be counter productive to other users using it sucessfully?
Cheers,
Franco
Cheers,
Franco
#10
25.7, 25.10 Series / Re: Unbound: Help with mystery...
Last post by Boxer - Today at 08:10:42 PMFirefox by default uses DoH (Cloudflare) but can be turned off to use system DNS. May be worth flushing the browser and system dns caches and testing again.
