"Recent posts
#1
26.1, 26,4 Series / My WAN IP keeps dropping
Last post by lowfuriouysISP - Today at 12:35:52 AMHello everyone, im new to Opnsense. I have recently set up my Dell Optiplex as my opnsense box, I have a Intel x550-T2 dual Nic 10GbE as my wan and lan ports. I have a netgear CAX30 on bridged mode acting as my modem. Also my ISP is Cox. The setup works fine for the first 10 minutes then it drops both IPv4 and IPv6 public addresses, then it comes back in 2 minutes and it just keeps looping. So my workoaround was to set it up as double NAT, but of course it's not ideal. Any suggestions would be really helpful.
Thanks :)
Thanks :)
#2
26.1, 26,4 Series / Re: Opnsense randomly (?) cras...
Last post by nero355 - Today at 12:14:41 AMQuote from: meikel on June 05, 2026, 06:31:57 PMIt's an SAMSUNG EVO 850 250gb - it's used but when this issue happens again I'm fine with downtime. I may move to a raid1 at some point but it's not worth the hustle right now as there is no dedicated space for another ssd.I have seen the Evo 830 or 840 being written to death way past what the specifications officially stated so I hope you never have to replace it ever again :)
It's not the greatest thing, but I think it should last a long time!
Quote from: Nullman on June 05, 2026, 05:58:58 PMThese results are quite confusing. S.M.A.R.T parameters are clearly indicating that SSD is pretty much dead. Confusing part is the fact that machine still crashed running Debian live. This indicates another issue beside dead drive.IMO it's 100% to be expected and probably the cause of all the issues...
#3
Hardware and Performance / Re: cpu-microcode-intel: no ma...
Last post by OPNenthu - Today at 12:14:15 AMYou're correct @meyergru:
# cpucontrol -m 0x8b /dev/cpuctl0
MSR 0x8b: 0x24000026 0x00000000
I had done an update around December last year for this one. I guess the microcode updates aren't as frequent as I'm expecting.
# cpucontrol -m 0x8b /dev/cpuctl0
MSR 0x8b: 0x24000026 0x00000000
I had done an update around December last year for this one. I guess the microcode updates aren't as frequent as I'm expecting.
#4
Hardware and Performance / Re: cpu-microcode-intel: no ma...
Last post by meyergru - June 05, 2026, 11:58:54 PMNow that is really strange:
I can only imagine that your BIOS already has version 0x24000026 included. FWIW, the current package has the correct update for the N5105.
Code Select
# dmesg | grep -i microcode
[1] CPU microcode: updated from 0x1d to 0x24000026
# sysctl -a | grep hw.model
hw.model: Intel(R) Celeron(R) N5105 @ 2.00GHz
I can only imagine that your BIOS already has version 0x24000026 included. FWIW, the current package has the correct update for the N5105.
#5
Hardware and Performance / Re: cpu-microcode-intel: no ma...
Last post by OPNenthu - June 05, 2026, 11:37:52 PMFrom: https://reviews.freebsd.org/D57046
I guess Jasper Lake falls into this as well. I'm seeing the same symptom on the Protectli V1410.
# dmesg | grep -i micro
[1] CPU microcode: no matching update found
# sysctl -a | grep hw.model
hw.model: Intel(R) Celeron(R) N5105 @ 2.00GHz
Thanks for the heads up. Will keep an eye on the updates.
QuoteThis affected a number of CPU families in the current release, including
Raptor Lake (06-bf-02/05/06/07, Core Gen13/Gen14), Sapphire Rapids
steppings E0-E3 (06-8f-04 through 06-8f-07), Arrow Lake-H (06-c5-02),
Panther Lake (06-cc-02/03), and others.
I guess Jasper Lake falls into this as well. I'm seeing the same symptom on the Protectli V1410.
# dmesg | grep -i micro
[1] CPU microcode: no matching update found
# sysctl -a | grep hw.model
hw.model: Intel(R) Celeron(R) N5105 @ 2.00GHz
Thanks for the heads up. Will keep an eye on the updates.
#6
26.1, 26,4 Series / Re: factory configuration does...
Last post by franco - June 05, 2026, 11:36:56 PMI think I know what you're indicating here: the default configurations in the factory images are insufficient. Let me discuss with my colleagues and update them accordingly next week.
Cheers,
Franco
Cheers,
Franco
#7
26.1, 26,4 Series / Re: Autoscroll in the update l...
Last post by franco - June 05, 2026, 11:34:01 PMI think this was a regression in 26.1.8 that went unnoticed until I tested the 26.1.9 update for which the actual fix was too late: https://github.com/opnsense/core/commit/5de581cd4 -- it's not great but it's also cosmetic only.
Cheers,
Franco
Cheers,
Franco
#8
26.1, 26,4 Series / Re: Cleaning up old Tunables
Last post by franco - June 05, 2026, 11:32:21 PMBasically, yes, but it's complicated.
In the old days almost all sane defaults were set from the config.xml, but that was a persistence issue across versions if these values needed to change. Some sysctls were set opportunistically from unrelated components for related reasons, too.
Since a number of years these defaults went out of the config.xml into a "softcoded" list of default tunables that are required by the system even though they are not set by the config. Adding them to the config (and overriding them) is possible, but in most cases that's unneeded.
So eventually we removed all config.xml bound sysctls from the community defaults without losing the ability to steer required tunables with default values in any case.
Cheers,
Franco
In the old days almost all sane defaults were set from the config.xml, but that was a persistence issue across versions if these values needed to change. Some sysctls were set opportunistically from unrelated components for related reasons, too.
Since a number of years these defaults went out of the config.xml into a "softcoded" list of default tunables that are required by the system even though they are not set by the config. Adding them to the config (and overriding them) is possible, but in most cases that's unneeded.
So eventually we removed all config.xml bound sysctls from the community defaults without losing the ability to steer required tunables with default values in any case.
Cheers,
Franco
#9
German - Deutsch / Re: Protectli VP2430 – 4x 2.5G...
Last post by ziegler - June 05, 2026, 10:38:05 PMIch werde mir jetzt die VP2430 kaufen und meine RAM testen.
Protectli hat den nicht getestet und auf die getesteten Modelle verwiesen.
Coreboot ist aber glaube ich die Empfelung von Protectli.
Protectli hat den nicht getestet und auf die getesteten Modelle verwiesen.
Coreboot ist aber glaube ich die Empfelung von Protectli.
#10
General Discussion / Re: WAN Failover Gateway
Last post by Bishop527 - June 05, 2026, 10:15:49 PMThank you for your response,
Yes, I turned the any-to-any rule into a policy routing rule and I've added an additional pass rule by creating a alias that included to Vlan networks moved that rule above the any-to-any rule under the LAN interface. But when I change my gateway from default to the Group gateway I'm unable to ping any devices that are in those Vlans. I'll send you a example of one of the VLAN rules:
This is a VLAN that I'm unable to ping from the LAN network when I select the group gateway in my LAN - Default Allow LAN to any Rule.
Again thank you for your assistance.
Yes, I turned the any-to-any rule into a policy routing rule and I've added an additional pass rule by creating a alias that included to Vlan networks moved that rule above the any-to-any rule under the LAN interface. But when I change my gateway from default to the Group gateway I'm unable to ping any devices that are in those Vlans. I'll send you a example of one of the VLAN rules:
This is a VLAN that I'm unable to ping from the LAN network when I select the group gateway in my LAN - Default Allow LAN to any Rule.
Again thank you for your assistance.
