"Recent posts
#1
General Discussion / Re: Multi-wan with PPPoE not w...
Last post by charles - Today at 07:07:42 AMAlright, FIB is too complex for me.
I think I'll just deploy five OpenWrt instances to handle the PPPoE dialing
then connect them to OPNsense.
Thanks for all the replies!
I think I'll just deploy five OpenWrt instances to handle the PPPoE dialing
then connect them to OPNsense.
Thanks for all the replies!
#2
25.7, 25.10 Series / Re: Using Adguard Home and DNS...
Last post by julsssark - Today at 03:31:16 AMSee here and note the links that explain the privacy/reliability advantages: https://nlnetlabs.nl/projects/unbound/about/
While your ISP can't see your DNS requests because they are encrypted, my understanding is that Google/Cloudflare could. Similar to how you can log into your AdGuard console and can see all of the DNS requests coming into AdGuard from your local devices.
While your ISP can't see your DNS requests because they are encrypted, my understanding is that Google/Cloudflare could. Similar to how you can log into your AdGuard console and can see all of the DNS requests coming into AdGuard from your local devices.
#3
25.7, 25.10 Series / Re: Using Adguard Home and DNS...
Last post by JMini - Today at 01:36:59 AMYou can configure AdGuard and Unbound to forward to any upstream resolvers you want.
Right now I have AdGuard to use DNS over HTTPS to Cloudflare and Google. I'd like to try using a non-google DOH resolver as a second service though.
h3://cloudflare-dns.com/dns-query
https://dns.google/dns-query
My ISP isn't seeing ANY DNS requests and can't inspect the ones being sent to CloudFlare
Right now I have AdGuard to use DNS over HTTPS to Cloudflare and Google. I'd like to try using a non-google DOH resolver as a second service though.
h3://cloudflare-dns.com/dns-query
https://dns.google/dns-query
My ISP isn't seeing ANY DNS requests and can't inspect the ones being sent to CloudFlare
#4
General Discussion / Gateway Monitoring and Packet ...
Last post by Meg - Today at 01:13:05 AMHello: I recently started monitoring my gateway and noticed that I am getting intervals of packet loss. I am running opnsense 25.7.7_4 with adguard home and unbound as my recursive resolver. I am also using zenarmor. I was just wondering if anybody can explain what I am seeing here on the health/quality graph and what could be causing it. As I have never monitored this before I am not sure if this is normal behavior. See attached graph.
#5
25.7, 25.10 Series / Re: Using Adguard Home and DNS...
Last post by julsssark - November 25, 2025, 11:28:06 PMAs I understand it, Unbound provides more privacy than using AdGuard for your DNS service. Unbound is a resolver that directly queries authoritative nameservers, while AdGuard forwards requests to your ISP's (or Google's, etc.) DNS service. DOH will secure your request in transport, but the DNS service you are using will still know your DNS requests.
#6
General Discussion / Re: Multi-wan with PPPoE not w...
Last post by pfry - November 25, 2025, 11:23:24 PMQuote from: Monviech (Cedrik) on November 25, 2025, 09:34:12 AM[...]It would need multiple FIBs (aka virtual routing instances)
Speak of the devil... (Link included for future reference, not that anyone wants to look at it.)
Quote from: charles on November 25, 2025, 09:08:44 AM[...]I have 5 PPPoE lines from the same ISP.[...]
I have to say, when I said (paraphrasing) multiple FIB support would be useful, this isn't what I was thinking of. Ouch.
#7
General Discussion / Re: OPNsense DNS over TLS forw...
Last post by meyergru - November 25, 2025, 11:03:01 PMI already wondered how this was possible - for me, DoT works as expected as verified by a tcpdump. So it is only the column in the grid that display the wrong value, mainly a cosmetic problem.
#8
General Discussion / Re: OPNsense DNS over TLS forw...
Last post by cookiemonster - November 25, 2025, 10:55:57 PMQuote from: chemlud on November 25, 2025, 10:22:29 PMRelated:very well spotted. It seems the likely explanation.
https://github.com/opnsense/core/issues/8386
?
#9
General Discussion / Re: OPNsense DNS over TLS forw...
Last post by chemlud - November 25, 2025, 10:22:29 PM #10
Hardware and Performance / Re: N150 / N355 good fits?
Last post by meyergru - November 25, 2025, 09:36:02 PMForget those TDP numbers.
First off, for the Intel N series, these are most often "TDP down" values which no manufacturer uses for sake of higher performance ratings. Even the N100 is often configured at 25 Watts TDP and for some BIOSes, you need special tricks to bring these down, which you will need when you have a passively cooled system.
Second, with normal load on the system, the numbers are often lower - take the Minisforum. 100W TDP is only for the CPU, but at max load. In reality, the CPU will likely use 8-10 Watts and the rest of the system ~15W, so the real power draw will likely be more like 35 Watts.
An N1x0 will be more like 20-25 Watts, the N355 (estimated) ~30-35 Watts.
First off, for the Intel N series, these are most often "TDP down" values which no manufacturer uses for sake of higher performance ratings. Even the N100 is often configured at 25 Watts TDP and for some BIOSes, you need special tricks to bring these down, which you will need when you have a passively cooled system.
Second, with normal load on the system, the numbers are often lower - take the Minisforum. 100W TDP is only for the CPU, but at max load. In reality, the CPU will likely use 8-10 Watts and the rest of the system ~15W, so the real power draw will likely be more like 35 Watts.
An N1x0 will be more like 20-25 Watts, the N355 (estimated) ~30-35 Watts.
