"Recent posts
#1
25.7, 25.10 Series / Re: OPNSense throwing multiple...
Last post by Patrick M. Hausen - Today at 11:35:58 PMI have only ever seen these:
with dying devices. If I saw that in a new unit I would never put that into production before I had successfully eliminated the cause. Timeouts in the CAM subsystem must not happen. If they do, something is broken. Never ignore them.
What do you mean by "vanilla" and "backwards compatible"? Save the configuration from your current unit, fix the hardware, install the very same version, restore configuration ...
Code Select
ahcicho 0: Timeout on slot 7 port 0
CAM Status: Command Timeout
Retrying command, 2 more tries remainwith dying devices. If I saw that in a new unit I would never put that into production before I had successfully eliminated the cause. Timeouts in the CAM subsystem must not happen. If they do, something is broken. Never ignore them.
What do you mean by "vanilla" and "backwards compatible"? Save the configuration from your current unit, fix the hardware, install the very same version, restore configuration ...
#2
25.7, 25.10 Series / Re: CALL FOR TESTING: IPv6 imp...
Last post by pataps - Today at 11:34:22 PMHey,
I've tried to test 1) but sadly dhcp6c fails to establish ipv6 connection despite fetching prefix correctly in the logs. It fails with following message: failed to parse options, malformed DHCP option: type 64, len 21. Revert fixes it of course. Might be something specific to my ISP?
I've tried to test 1) but sadly dhcp6c fails to establish ipv6 connection despite fetching prefix correctly in the logs. It fails with following message: failed to parse options, malformed DHCP option: type 64, len 21. Revert fixes it of course. Might be something specific to my ISP?
#3
25.7, 25.10 Series / Re: OPNSense throwing multiple...
Last post by BigFreddy - Today at 11:31:32 PMQuote from: Patrick M. Hausen on Today at 11:02:20 PMYour SSD/disk is dying. Save a configuration while you still can, replace the drive, reinstall, restore configuration.
Which part makes it obvious ? It's interesting because I always got the following errors (ahcicho 0: Timeout on slot 28 port 0, CAM Status: Command Timeout , Retrying command, 3 more tries remain) since I got the box and what it only caused was slower reboot time trying to do TRIMs I think which some SSDs don't support so I presumed my SSD didn't support that feature and only recently started causing issues, hopefully it's my SSD and nothing else.
Do you know if the vanilla configuration file is backwards compatible with older versions of OPNsense ?
#4
Virtual private networks / Re: Redirect dns traffic throu...
Last post by pitoucol - Today at 11:22:43 PMI already tried to deal with dns leaks. But at that time I wanted to redirect all my dns requests to wireguard gateway.
However I use now unbound and would like to know how to redirect all the dns traffic from unbound to the wireguard gateway in order to prevent dns leak.
But maybe this is not the right way to proceed ?
However I use now unbound and would like to know how to redirect all the dns traffic from unbound to the wireguard gateway in order to prevent dns leak.
But maybe this is not the right way to proceed ?
#5
25.7, 25.10 Series / Re: OPNSense throwing multiple...
Last post by Patrick M. Hausen - Today at 11:02:20 PMYour SSD/disk is dying. Save a configuration while you still can, replace the drive, reinstall, restore configuration.
#6
General Discussion / Re: NEED WITH HELP OPNSENSE CO...
Last post by Patrick M. Hausen - Today at 11:01:31 PMIf you change the IP address of OPNsense you also need to change a whole lot of other advanced stuff like the configuration of the DHCP service. And possibly connect your PC manually without DHCP before you can adjust it. Wich implies that you know how all of this works.
I am not wasting my time watching youtube videos, sorry. Everything one needs to know is in the documentation and help about network fundamentals can be got from this forum.
- start with a fresh default installation
- connect a PC to LAN
- make sure you can reach the UI at 192.168.1.1
- connect WAN
- configure WAN via the UI
--> if you did the last step correctly, your PC and your OPNsense now have Internet access, everything runs on secure defaults, you are essentially done.
*Then* disconnect your PC, connect a switch to LAN, connect PC and all wired devices to switch --> boom, all wired devices now have Internet in a secure manner.
*Then* connect an AP in bridge with a reasonably secure WPA3 password --> boom, all wireless devices now have Internet in a secure manner.
You do not need to change *any* IP address, *any* firewall rules, *anything* but the root password and the WAN configuration for your ISP.
Nothing, niente, nada. Whatever these youtubers are recommending must be a whole lot of BS - a "factory new" OPNsense needs exactly the WAN setup and nothing else.
I hope that clears it up - not your fault.
I am not wasting my time watching youtube videos, sorry. Everything one needs to know is in the documentation and help about network fundamentals can be got from this forum.
- start with a fresh default installation
- connect a PC to LAN
- make sure you can reach the UI at 192.168.1.1
- connect WAN
- configure WAN via the UI
--> if you did the last step correctly, your PC and your OPNsense now have Internet access, everything runs on secure defaults, you are essentially done.
*Then* disconnect your PC, connect a switch to LAN, connect PC and all wired devices to switch --> boom, all wired devices now have Internet in a secure manner.
*Then* connect an AP in bridge with a reasonably secure WPA3 password --> boom, all wireless devices now have Internet in a secure manner.
You do not need to change *any* IP address, *any* firewall rules, *anything* but the root password and the WAN configuration for your ISP.
Nothing, niente, nada. Whatever these youtubers are recommending must be a whole lot of BS - a "factory new" OPNsense needs exactly the WAN setup and nothing else.
I hope that clears it up - not your fault.
#7
General Discussion / Re: NEED WITH HELP OPNSENSE CO...
Last post by iwanttolearn - Today at 10:51:32 PMUnderstood.
Is there any specific reason why i should leave it at 192.168.1.1?
And if i already changed to something else should i leave it, do a reset or put it back to 192.168.1.1?
All other devices should be set to DHCP configuration: Isn't this what the HomeNetworkGuy also talks about in this video? Is that part and the part where he creates the firewall rules valid or should i disregard the whole video?
Is there any specific reason why i should leave it at 192.168.1.1?
And if i already changed to something else should i leave it, do a reset or put it back to 192.168.1.1?
All other devices should be set to DHCP configuration: Isn't this what the HomeNetworkGuy also talks about in this video? Is that part and the part where he creates the firewall rules valid or should i disregard the whole video?
#8
25.7, 25.10 Series / Re: OPNSense throwing multiple...
Last post by BigFreddy - Today at 10:50:23 PMQuote from: Patrick M. Hausen on Today at 04:02:40 PMYou type D M E S G followed by the ENTER key after logging in to the firewall via SSH or connected to the console and selecting "8" for a shell. All lower case letters.
I tried doing that and it only shows me the logs after the reboot took place I think.
Here are the errors I get when I view dmesg:
Code Select
WARNING: L1 data cache covers fewer APIC IDs than a core (0 < 1)
WARNING: Device "spkr" is Giant locked and may be deleted before FreeBSD 15.0.
acpi0: Power Button (fixed)
Unknown: I/O range not supported
cpu0: <ACPI CPU> on acpi0
atrtc0: <AT realtime clock> port 0x70-0x77 on acpi0
atrtc0: Warning: Couldn't map I/O
ns8250: UART FCR is broken (This one appears 3 times)
ahcicho 0: Timeout on slot 28 port 0
CAM Status: Command Timeout
Retrying command, 3 more tries remain
ahcicho 0: Timeout on slot 7 port 0
CAM Status: Command Timeout
Retrying command, 2 more tries remain
ahcicho 0: Timeout on slot 12 port 0
CAM Status: Command Timeout
Retrying command, 1 more tries remain
ahcicho 0: Timeout on slot 17 port 0
CAM Status: Command Timeout
Retrying command, 0 more tries remain
ahcicho 0: Timeout on slot 22 port 0
CAM Status: Command Timeout
Error 5, Retries exhausted
#9
German - Deutsch / Re: OpenSense Festplatte läuft...
Last post by Paul_Senger - Today at 10:44:24 PMDas ist natürlich eine Erklärung. :-)
Noch einen schönen Abend.
Noch einen schönen Abend.
#10
German - Deutsch / Re: OpenSense Festplatte läuft...
Last post by Patrick M. Hausen - Today at 10:39:02 PMKeine Ahnung - stop den Service und hau sie weg.
ZFS komprimiert transparent und Logfiles mit lauter identischen Zeilen komprimieren super. 🙂
ZFS komprimiert transparent und Logfiles mit lauter identischen Zeilen komprimieren super. 🙂
