Recent posts

#1

25.7, 25.10 Series / Re: [SOLVED] hostwatch at 100%...

Last post by LHoust - Today at 06:26:53 AM

I was also observing hostwatch running at nearly 100% CPU...

I Proof my OPNsense Updates within a VirtualBox VM running on an Ubuntu 24.04.3 Host, where my /home Partition sits on a HDD...

With 25.7.11_2 I was also observing a Serious Level of HDD Thrashing, until I disabled Automatic Discovery!!!

For Proofing Updates, I also run OPNsense 25.7 within a Workstation VMPlayer VM: Host is Windows 11 (C: Drive is a SSD)...

Everthing seems "Quite" HERE??

#2

25.7, 25.10 Series / Re: [SOLVED] hostwatch at 100%...

Last post by passeri - Today at 05:25:27 AM

Just to mention, on one test box and two operational boxes, all bare metal Intel and AMD, hostwatch trots along quietly with no untoward CPU spikes or log writes. Three principal subnets (no vlans), all IPv4, around 25 devices.

#3

25.7, 25.10 Series / Dnsmasq logging configuration ...

Last post by Deckard - Today at 04:53:36 AM

Hi, I don't know if this has been reported before.  I recently switched from ISC to dnsmasq and today noticed a plethora of log overflow errors, so I attempted to adjust the logging level.

Code Select Expand

2026-01-20T15:37:42-08:00 Warning dnsmasq overflow: 15 log entries lost
2026-01-20T15:37:42-08:00 Warning dnsmasq overflow: 4 log entries lost
2026-01-20T15:37:42-08:00 Warning dnsmasq overflow: 15 log entries lost
2026-01-20T15:09:39-08:00 Warning dnsmasq overflow: 9 log entries lost

I had enabled "Log DHCP options and tags" and was seeing those when viewing informational logs, so I disabled the option and saved settings.  However, the logging did not change.

It appears that no matter what log settings are selected in the configuration, the logging options in the dnsmasq.conf file do not change.  Other settings such as 'no-hosts' apply correctl.

/conf/config.xml fragment:

Code Select Expand

    <dhcp>
      <no_interface/>
      <fqdn>1</fqdn>
      <domain/>
      <local>1</local>
      <lease_max/>
      <authoritative>1</authoritative>
      <default_fw_rules>1</default_fw_rules>
      <reply_delay/>
      <enable_ra>1</enable_ra>
      <nosync>0</nosync>
      <log_dhcp>0</log_dhcp>
      <log_quiet>0</log_quiet>
    </dhcp>

Code fragment from the template /usr/local/opnsense/service/templates/OPNsense/Dnsmasq/dnsmasq.conf:

Code Select Expand

{% if dnsmasq.dhcp.log_dhcp %}
log-dhcp
{% endif %}
{% if dnsmasq.dhcp.log_quiet %}
quiet-dhcp
quiet-dhcp6
quiet-ra
quiet-tftp
{% endif %}
Template output from /usr/local/etc/dnsmasq.conf:

Code Select Expand

log-dhcp
quiet-dhcp
quiet-dhcp6
quiet-ra
quiet-tftp


#4

25.7, 25.10 Series / Re: [SOLVED] hostwatch at 100%...

Last post by LHoust - Today at 04:37:25 AM

I was also observing hostwatch running at nearly 100% CPU...

I Proof my OPNsense Updates within a VirtualBox VM running on an Ubuntu 24.04.3 Host, where my /home Partition sits on a HDD...

With 25.7.11_2 I was also observing a Serious Level of HDD Thrashing, until I disabled Automatic Discovery!!!

#5

25.7, 25.10 Series / Re: Dnsmasq stops occasionaly

Last post by ligand - Today at 03:33:32 AM

Message sent to the list.  Will keep everyone posted.

#6

25.7, 25.10 Series / Re: New site PPPoE PMTU woes

Last post by ToasterPC - Today at 03:04:02 AM

In theory, MSS should be set to MTU-40, but OpnSense does some trickery with the input value, so I would not set it at all.

Set it to the MTU and OPNsense will use MTU - 40 for IPv4 and MTU - 60 for IPv6 which is the reason why you do not put the effective MSS in that field. Because that is different for both protocols.

Okay, so from what I'm gathering, only the MTU should be set in OPNsense itself, and both the Proxmox VirtIO interfaces and their bridges (in WAN and LAN) should stay at the default 1500 MTU value in order to have OPNsense make the corresponding calculations for each protocol.

Do I have the right of it?

#7

General Discussion / Re: Native NAT64 support

Last post by Maurice - Today at 01:46:47 AM

Thanks a lot for your detailed explanation, apalrd!

I've now used the OPNsense Tayga plugin with 'udp-cksum-mode fwd' for about a week and didn't notice any side effects. Before creating a pull request, it would be great if we could get a few more testers. @bestboy, it would be particularly interesting if this fixes VoWiFi for you.

Code Select Expand

opnsense-patch -c plugins 3be934f
You have to re-apply the Tayga config (Services: Tayga: Apply) or reboot OPNsense after applying the patch. Restarting Tayga isn't sufficient.

Cheers
Maurice

#8

25.7, 25.10 Series / Re: GeoIP list no more correct...

Last post by IPinfo - Today at 12:51:50 AM

Hi,

I work for IPinfo.

Please contact our support team at https://ipinfo.io/support. They will need the user's IP address to investigate the issue.

In your message, include the list of IP addresses, please.

— Abdullah | DevRel, IPinfo

#9

25.7, 25.10 Series / Re: Tailscale and OPNSense Web...

Last post by willj8823 - Today at 12:31:48 AM

Same here. On my active OPNsense setup (version 25.7.11_1), I can access the OPNsense web interface using the tailscale URL. However, on my test setup (version 25.7.11_2), I am unable to access the OPNsense web interface using the tailscale url. After restarting the WebGUI, access via the tailscale URL works.

Will

#10

German - Deutsch / Re: Welches DSL-Modem für VDSL...

Last post by k0ns0l3 - Today at 12:03:58 AM

gibt es eine beschreibung wie man das macht leider kein erfahrung,

Wie immer, in der Tutorial-Sektion: https://forum.opnsense.org/index.php?topic=36936.0 oder auch hier, Punkt 11.

gibt es eine beschreibung wie man das macht leider kein erfahrung,

Wie immer, in der Tutorial-Sektion: https://forum.opnsense.org/index.php?topic=36936.0 oder auch hier, Punkt 11.

Danke, melde mich bald wieder 😉

Lg