"Recent posts
#21
26.1 Series / Cron script
Last post by FredFresh - March 31, 2026, 06:08:53 PMHi,
I created this working script for the Cron
[START]
command:traceroute -g 127.0.0.1 10.2.0.1
parameters:
type:script
message:Automatic traceroute to 10.2.0.1
description:Automatic traceroute to 10.2.0.1
How should I modify it in order to pass as parameterthe ip to trace route (10.2.0.1)?
Thank you
I created this working script for the Cron
[START]
command:traceroute -g 127.0.0.1 10.2.0.1
parameters:
type:script
message:Automatic traceroute to 10.2.0.1
description:Automatic traceroute to 10.2.0.1
How should I modify it in order to pass as parameterthe ip to trace route (10.2.0.1)?
Thank you
#22
Virtual private networks / Re: Wireguard client not recon...
Last post by ClearCode - March 31, 2026, 05:59:13 PMI'm on 25.10.2_8 BE and we have this issue since the update to 25.10 last year.
Quite similar to this issue:
https://github.com/opnsense/core/issues/9597
Someone any advices?
Quite similar to this issue:
https://github.com/opnsense/core/issues/9597
Someone any advices?
#23
German - Deutsch / Re: Wie kann HAProxy (Plugin) ...
Last post by cookiemonster - March 31, 2026, 05:49:44 PMperhaps you can still use this https://forum.opnsense.org/index.php?topic=44839.msg223882#msg223882 . I wrote a while ago and is still in operation after a couple of OPN upgrades. I get a lot of hits.
#24
26.1 Series / Re: After the Migration of Fir...
Last post by NorbertK - March 31, 2026, 04:20:58 PMQuote from: Patrick M. Hausen on March 31, 2026, 09:32:18 AMWeren't you offered that option?Maybe I overlooked something .
#25
26.1 Series / Configuration migration advise...
Last post by sbellon - March 31, 2026, 04:08:43 PMHi all,
I recently upgraded to OPNsense 26.1 and would like to plan for the migration away from old configuration to the newer preferred one, and I am seeking for some help and advise in doing so.
As background:
- I have a German Telekom PPPoE dual stack on WAN-side, IPv4 and IPv6 also configured on LAN side as follows.
- LAN IPv6 interface is set to Track Interface (WAN) with manual adjustment of DHCPv6 and RA.
- In Virtual IP, I have an IP Alias on LAN interface configured to some fd01:xxxx/64 ULA.
- In Router Advertisements for LAN, I have mode Stateless and OPNsense's LAN interface with the Virtual IP Alias prefix set as DNS server.
- ISC DHCPv6 is configured (to some range), also with OPNsense's LAN interface with Virtual IP Alias prefix set as DNS server.
- I am already using Dnsmasq for DNS and not Unbound.
Now my questions regarding how to migrate this setup "into the future":
1) IPv6 Configuration Type: if I understand things correctly, when doing separate DHCPv6 and RA configuration anyway, going from "Track Interface" to "Identity association" should be a simple and even recommended switch without anything else to consider?
2) Switching away from ISC DHCPv6: My question is, whether Dnsmasq is suited for (or even capable of) doing what I am doing.
Dnsmasq documentation reads: "There is support for doing address allocation (both DHCPv6 and RA) from subnets which are dynamically delegated via DHCPv6 prefix delegation."
Would that also include a Virtual IP Alias like the ULA one I am using? If not, would it work with Kea?
TIA.
Greetings,
Stefan
I recently upgraded to OPNsense 26.1 and would like to plan for the migration away from old configuration to the newer preferred one, and I am seeking for some help and advise in doing so.
As background:
- I have a German Telekom PPPoE dual stack on WAN-side, IPv4 and IPv6 also configured on LAN side as follows.
- LAN IPv6 interface is set to Track Interface (WAN) with manual adjustment of DHCPv6 and RA.
- In Virtual IP, I have an IP Alias on LAN interface configured to some fd01:xxxx/64 ULA.
- In Router Advertisements for LAN, I have mode Stateless and OPNsense's LAN interface with the Virtual IP Alias prefix set as DNS server.
- ISC DHCPv6 is configured (to some range), also with OPNsense's LAN interface with Virtual IP Alias prefix set as DNS server.
- I am already using Dnsmasq for DNS and not Unbound.
Now my questions regarding how to migrate this setup "into the future":
1) IPv6 Configuration Type: if I understand things correctly, when doing separate DHCPv6 and RA configuration anyway, going from "Track Interface" to "Identity association" should be a simple and even recommended switch without anything else to consider?
2) Switching away from ISC DHCPv6: My question is, whether Dnsmasq is suited for (or even capable of) doing what I am doing.
Dnsmasq documentation reads: "There is support for doing address allocation (both DHCPv6 and RA) from subnets which are dynamically delegated via DHCPv6 prefix delegation."
Would that also include a Virtual IP Alias like the ULA one I am using? If not, would it work with Kea?
TIA.
Greetings,
Stefan
#26
Hardware and Performance / Re: Throughput on WAN took a n...
Last post by nero355 - March 31, 2026, 03:42:38 PMQuote from: nullspace on March 31, 2026, 02:13:36 AMThis is system has run very well for around 2+ years and I kept it up to date weekly.What's the status on the cooling of the system :
- Dust free ?
- Cooling paste not too old ?
Just a thought since I don't see anything about the type of Server Hardware you are using :)
#27
German - Deutsch / Re: Probleme mit VLANs
Last post by viragomann - March 31, 2026, 03:38:53 PMToll dass du es so rasch beheben konntest.
Wünsche dann noch gutes Gelingen für deine weiteren Vorhaben mit OPNsense!
Wünsche dann noch gutes Gelingen für deine weiteren Vorhaben mit OPNsense!
#28
General Discussion / Re: Port OPNsense to Linux?
Last post by nero355 - March 31, 2026, 03:34:50 PMQuote from: Monviech (Cedrik) on March 31, 2026, 01:52:53 PMThere is also nothing quite like the whole ports ecosystem where you can build the whole system reproducibly and declaratively from source.Another thing that's really annoying in Linux : Distro Release X leaves you stuck with Application Release Y
While in FreeBSD I can simply do my own thing via the Ports and install a newer version :)
QuoteI also do not miss systemd in the slightest to be honest. :DAnother weird thing :
- The Linux distro uses SystemD.
- But it does not use it's networking component and uses NetworkManager instead for example.
Result : Sometimes the whole timing between the Network Interfaces coming UP and services bound to a specific IP Address like OpenSSH Server getting started miss their timing and things go horribly wrong...
There is a SysCtl workaround for this, but still... What the heck ?!?! :(
#29
German - Deutsch / Re: Probleme mit VLANs
Last post by rblztomek - March 31, 2026, 03:13:49 PMVielen Dank!
Meine Lösung bestand darin, das Plugin os-realtek-re zu installieren und anschließend die Firewall neu zu starten.
Ein großes Dankeschön an euch – ich bin wirklich positiv überrascht, wie schnell und professionell mir geholfen wurde.
Ich wünsche euch noch einen schönen Tag!
Meine Lösung bestand darin, das Plugin os-realtek-re zu installieren und anschließend die Firewall neu zu starten.
Ein großes Dankeschön an euch – ich bin wirklich positiv überrascht, wie schnell und professionell mir geholfen wurde.
Ich wünsche euch noch einen schönen Tag!
#30
Zenarmor (Sensei) / Re: Zenarmor performance @ Int...
Last post by nero355 - March 31, 2026, 03:08:28 PMQuote from: OPNenthu on March 31, 2026, 12:21:20 AMIt's the same crap like with Docker : https://github.com/containers/podman/blob/main/docs/tutorials/basic_networking.mdQuote from: nero355 on March 30, 2026, 11:00:56 PMPodman is just an alternative to Docker and something I don't feel like maintaining either :)That's the beauty of it: you don't manage anything. It manages itself, including updates. You don't touch a thing on the OS. From the user perspective it's just an app installer. You run it. It installs UOS. Done.
That wasn't the case in the past. You needed to install and maintain Docker yourself, as well as each container (MongoDB, Network) and their connections.
I don't need those additional Network Interfaces on my Host ;)
