"Recent posts
#1
25.7, 25.10 Series / Re: "The release type "opnsens...
Last post by LGDL - Today at 07:54:37 PMQuoteThe system needed to upgrade the pkg tool first before it could use that to upgrade the rest of the system.
Well, yes, I can read that. Just not sure why this update would not be included in the installer.
#2
25.7, 25.10 Series / Re: unbound logger file increa...
Last post by Patrick M. Hausen - Today at 07:53:59 PMNo idea - I mean, that's just the memory size of the process you are showing, not a file.
#3
25.7, 25.10 Series / Re: unbound logger file increa...
Last post by aperezva - Today at 06:55:11 PMAny idea why?. Can I activate logs?. Its not normal 2 GB of oncrease in 5 minutes?. Right?
#4
General Discussion / Re: Trouble with VLAN setup on...
Last post by User074357 - Today at 06:47:06 PMQuote from: Patrick M. Hausen on Today at 12:55:44 AMYou are aware that value is editable?I was not aware. Good to know!
#5
25.7, 25.10 Series / Re: "The release type "opnsens...
Last post by Patrick M. Hausen - Today at 06:41:45 PMThe system needed to upgrade the pkg tool first before it could use that to upgrade the rest of the system.
#6
German - Deutsch / Re: IT Security Experte Floria...
Last post by Zapad - Today at 06:24:04 PMtut mir leid, habe da nix nützliches(was man nicht längst weiss) raushören können....
da macht sich einfach einer wichtig.... sowas wie Snowden für Arme.
da macht sich einfach einer wichtig.... sowas wie Snowden für Arme.
#7
25.7, 25.10 Series / Re: Danger. Unexpected error, ...
Last post by LGDL - Today at 05:47:36 PMHi, I'd suggest reinstalling, then attempting the upgrade again, and despite the error, let it sit for a while.
I reinstalled a few times before realizing this, it took ~15m for it to complete on a Velocloud 510 device.
See:
https://forum.opnsense.org/index.php?topic=49933.0
I reinstalled a few times before realizing this, it took ~15m for it to complete on a Velocloud 510 device.
See:
https://forum.opnsense.org/index.php?topic=49933.0
#8
25.7, 25.10 Series / Re: "Danger. Unexpected error,...
Last post by LGDL - Today at 05:46:08 PMIf this happens to you when attempting to upgrade 25.7 to 25.7.8 on a fresh install, see :
https://forum.opnsense.org/index.php?topic=49933.0
https://forum.opnsense.org/index.php?topic=49933.0
#9
25.7, 25.10 Series / Re: OPNsense with external DNS
Last post by meyergru - Today at 05:44:15 PMYou can actually achieve that effect in one of (at least) three ways:
1. You use DHCP to advertise the DNS server IP to the clients. How you do that depends on the DHCP service you use (ISC, Kea or DNSmasq). This does not change which DNS server OpnSense itself uses - also, you would have to set that DNS server in statically configured clients.
2. You configure an OpnSense DNS server, advertise this via DHCP, but forward the requests to your internal DNS. Again, you could use Unbound, DNSmasq or other DNS servers for this. You can look up each in the official docs.
3. You advertise OpnSense as the DNS server, but divert DNS requests on port 53 via port forwarding to your internal DNS server. There is a thread in the tutorial section on how to do this, but read it to the end. Also see https://forum.opnsense.org/index.php?topic=42985.0, point 29.
As you see, there is many ways that lead to Rome. We are talking a professional tool, not a consumer router here, so choose your poison.
1. You use DHCP to advertise the DNS server IP to the clients. How you do that depends on the DHCP service you use (ISC, Kea or DNSmasq). This does not change which DNS server OpnSense itself uses - also, you would have to set that DNS server in statically configured clients.
2. You configure an OpnSense DNS server, advertise this via DHCP, but forward the requests to your internal DNS. Again, you could use Unbound, DNSmasq or other DNS servers for this. You can look up each in the official docs.
3. You advertise OpnSense as the DNS server, but divert DNS requests on port 53 via port forwarding to your internal DNS server. There is a thread in the tutorial section on how to do this, but read it to the end. Also see https://forum.opnsense.org/index.php?topic=42985.0, point 29.
As you see, there is many ways that lead to Rome. We are talking a professional tool, not a consumer router here, so choose your poison.
#10
25.7, 25.10 Series / "Danger Unexpected error, chec...
Last post by LGDL - Today at 05:43:46 PMAfter checking twice for upgrades on a fresh 25.7 install (see https://forum.opnsense.org/index.php?topic=49932.0), the process started as usual.
After some time I got a red popup indicating:
Don't reload, reboot or otherwise do anything here - just wqait and monitor the log indicating progress. It took me a couple of reinstalls and leaving this alone by chance once to realize after more than 10 minutes the upgrade had resumed and finished.
The red error popup happened around this time in the upgrade:
Well, I tried to do that (check logs) but then accessing the web UI showed this instead:
After reinstalling and reaching the same stage in the upgrade, I noticed it resumed and kept going in the background (the log continued showing progress after a long time, at least 10 minutes).
I had enabled SSH access and connected during this process, everything looked normal with a busy pkg-static process indicating the upgrade continued.
Eventually as noted above the UI came back with the reboot message:
In the background the log indicated a completed upgrade.
Upon reboot after a few more minutes the UI came back again prompting for login.
So, other than the worrying red error message, this time around the upgrade required much more time than usual, waiting it out was unusual but required.
Plan for this downtime next time you upgrade. :)
I was lucky this particular router has an easily accessible serial interface so I could monitor and check boot sequence. I have 2 other devices I accidentally bricked because I didn't wait, but they will require HDMI + keyboard to be fully reset.
After some time I got a red popup indicating:
Code Select
Danger
Unexpected error, check log for detailsDon't reload, reboot or otherwise do anything here - just wqait and monitor the log indicating progress. It took me a couple of reinstalls and leaving this alone by chance once to realize after more than 10 minutes the upgrade had resumed and finished.
The red error popup happened around this time in the upgrade:
Code Select
[20/97] Extracting nss-3.118.1: .......... done
[21/97] Upgrading zstd from 1.5.7 to 1.5.7_1...
[21/97] Extracting zstd-1.5.7_1: .......... done
[22/97] Upgrading boost-libs from 1.88.0_1 to 1.89.0_1...
[22/97] Extracting boost-libs-1.89.0_1:
Well, I tried to do that (check logs) but then accessing the web UI showed this instead:
Code Select
403 ForbiddenAfter reinstalling and reaching the same stage in the upgrade, I noticed it resumed and kept going in the background (the log continued showing progress after a long time, at least 10 minutes).
I had enabled SSH access and connected during this process, everything looked normal with a busy pkg-static process indicating the upgrade continued.
Eventually as noted above the UI came back with the reboot message:
Code Select
The upgrade has finished and the system is being rebooted at the moment, please wait... In the background the log indicated a completed upgrade.
Upon reboot after a few more minutes the UI came back again prompting for login.
So, other than the worrying red error message, this time around the upgrade required much more time than usual, waiting it out was unusual but required.
Plan for this downtime next time you upgrade. :)
I was lucky this particular router has an easily accessible serial interface so I could monitor and check boot sequence. I have 2 other devices I accidentally bricked because I didn't wait, but they will require HDMI + keyboard to be fully reset.
