"Recent posts
#21
25.7, 25.10 Series / Re: 25.7.9: pkg exited on sign...
Last post by kozistan - Today at 11:04:51 AMThank you for the tip! I've performed diagnostics following point 23. Here are my findings:
I've tried:
Disabled ASPM by adding hw.pci.enable_aspm="0" to /boot/loader.conf → reboot
Cleared pkg cache: rm -rf /var/cache/pkg/*
Ran pkg update -f again and problem persists. The segmentation fault still occurs at exactly the same point:
This issue appeared only after upgrading to 25.7.9 (worked fine on previous versions)
Opnsense is installed on Vault Pro VP6650 – Intel i5 with X710 NIC's (ixl)
Any advice?
Code Select
PU: 12th Gen Intel Core i5-1235U (Alder Lake)
hw.pci.enable_aspm: 0 (disabled in /boot/loader.conf)
Microcode: no matching update foundI've tried:
Disabled ASPM by adding hw.pci.enable_aspm="0" to /boot/loader.conf → reboot
Cleared pkg cache: rm -rf /var/cache/pkg/*
Ran pkg update -f again and problem persists. The segmentation fault still occurs at exactly the same point:
Code Select
SunnyValley repository update completed. 66 packages processed.
All repositories are up to date.
Child process pid=58709 terminated abnormally: Segmentation fault
This issue appeared only after upgrading to 25.7.9 (worked fine on previous versions)
Opnsense is installed on Vault Pro VP6650 – Intel i5 with X710 NIC's (ixl)
Any advice?
#22
General Discussion / Re: Unbound strange behavior
Last post by ricksense - Today at 10:27:44 AMI realized that Unbound, in this scenario (without checking the "use name server" button), works intermittently and unpredictably.
#23
25.7, 25.10 Series / Re: KEA IPv6 Leases
Last post by meyergru - Today at 10:27:14 AMAs long as Kea DHCPv6 is not active for an interface, it is neither shown nor selectable in the interface filter of the "leases" display.
SLAAC is never shown at all, because those are no leases - the clients decide for themselves, which suffix they use. You would see SLAAC assigments in the NDP table only. If you ever had DHCPv6 leases, they will show up for a long time after they have been handed out, though.
SLAAC is never shown at all, because those are no leases - the clients decide for themselves, which suffix they use. You would see SLAAC assigments in the NDP table only. If you ever had DHCPv6 leases, they will show up for a long time after they have been handed out, though.
#24
Hardware and Performance / My Experience with the SG330 &...
Last post by famyfa - Today at 10:24:38 AMHi, i wanted to share my Experience with a Sophos SG330 Rev1. and Opnsense since other Posts, Knowledge on the Internet is a littlebit older.
Opnsense on an SG330 Works. well who tought elsewise.
Problems i occourd:
Installation: I had to remove the Drive and install Opnsense using a diffrent device. After that it booted opnsense.
Console Port doesn't work per default after the installation, you need to change it in the settings of Opnsense.
Interface Mappings: IGB(InterfaceNumber visible on the Device). So if you don't know which interface is what, check on the Device and you have the . . numbers.
LCD: you need the Plugin to get it working otherwise it shows "ALWAYS" Sophos Protection.
Interfaces: Im still trying to get the SFP+ Interfaces working. The Trancievers are working (Ooh a red light is shining in them) but i cant get the interface online so i might send an update for that in the Future.
Overall: I think this is a nice & cheap opertunity for some Homelabs to get a decent Firewall Appliance.
Opnsense on an SG330 Works. well who tought elsewise.
Problems i occourd:
Installation: I had to remove the Drive and install Opnsense using a diffrent device. After that it booted opnsense.
Console Port doesn't work per default after the installation, you need to change it in the settings of Opnsense.
Interface Mappings: IGB(InterfaceNumber visible on the Device). So if you don't know which interface is what, check on the Device and you have the . . numbers.
LCD: you need the Plugin to get it working otherwise it shows "ALWAYS" Sophos Protection.
Interfaces: Im still trying to get the SFP+ Interfaces working. The Trancievers are working (Ooh a red light is shining in them) but i cant get the interface online so i might send an update for that in the Future.
Overall: I think this is a nice & cheap opertunity for some Homelabs to get a decent Firewall Appliance.
#25
25.7, 25.10 Series / KEA, PiHole and IPv6
Last post by rjopn - Today at 10:22:28 AMHello,
is there a tutorial to integrate PiHole?
a) Docker/k3s-container on a server with IPv6 only and NAT64
b) IPv6 clients with SLAAC
c) IPv4 clients with KEA DHCP
No idea weather this should work.
is there a tutorial to integrate PiHole?
a) Docker/k3s-container on a server with IPv6 only and NAT64
b) IPv6 clients with SLAAC
c) IPv4 clients with KEA DHCP
No idea weather this should work.
#26
General Discussion / Re: Micron exits consumer mark...
Last post by meyergru - Today at 10:14:41 AMWhy wouldn't they? They want (some actually need) the party to go on.
#27
25.7, 25.10 Series / Re: KEA IPv6 Leases
Last post by rjopn - Today at 10:13:44 AMQuote from: Patrick M. Hausen on November 26, 2025, 09:04:05 PMQuote from: rjopn on November 26, 2025, 08:18:25 PMThanks. The IPv4 Web-GUI shows them "correct".
I meant probably all these leases ARE in the LAN interface. Can you tell for sure they belong anywhere else?
Thanks. I am now using SLAAC...
The DHCPv6 leases are coming from different interfaces:
HOME = ::10
IOT = ::20
but it shows only LAN.
#28
25.7, 25.10 Series / Re: 25.7.9: pkg exited on sign...
Last post by meyergru - Today at 10:11:12 AMUsing an Intel CPU? See this, point 23.
#29
25.7, 25.10 Series / Re: GeoIP with ipinfo stopped ...
Last post by reincoder - Today at 09:13:58 AMQuote from: Kayakero on December 05, 2025, 07:01:26 PMthe only thing I can assume is that ipinfo removed the "Content-Disposition" header ( it's hosted in cloudflare it doesn't make sense ).
Let us investigate this issue. I have escalated this to engineering.
— Abdullah | DevRel, IPinfo
#30
25.7, 25.10 Series / Re: GeoIP with ipinfo stopped ...
Last post by reincoder - Today at 09:11:59 AMHi,
I am Abdullah, the DevRel of IPinfo. I will try my best to help you here.
Our file format will never change to anything else without a significant amount of communication. Please understand that a file format change without alerting our user base is a catastrophic change that we will never make. So, I suspect this is some error message being interpreted as zip file or something.
I am not clear about the implementation of how the database is downloaded, but we do have a checksums API endpoint that you should use to verify the download.
Reference: https://ipinfo.io/developers/database-download
The download process requires you to go through a redirect path because the data is stored in a cloud storage bucket.
Reference: https://ipinfo.io/developers/ipinfo-lite-database (See the code section)
The API provides unlimited usage, but the data downloads are subject to rate limits. It permits 10 downloads per unique IP address multiplied by unique access token. This means that to reach the rate limit, you probably downloaded it 10 times using the token you are using from the same IP address.
Reference: https://community.ipinfo.io/t/announcement-we-are-adding-rate-limits-to-data-downloads/358
You have shared your API access token: `f2cbc8898bc30a` which according to our database is a not an active or assigned token.
---
Please let me know if this problem persists. We will be happy to take a look. Our community forum is available here: https://community.ipinfo.io/
— Abdullah | DevRel, IPinfo
I am Abdullah, the DevRel of IPinfo. I will try my best to help you here.
Our file format will never change to anything else without a significant amount of communication. Please understand that a file format change without alerting our user base is a catastrophic change that we will never make. So, I suspect this is some error message being interpreted as zip file or something.
I am not clear about the implementation of how the database is downloaded, but we do have a checksums API endpoint that you should use to verify the download.
Reference: https://ipinfo.io/developers/database-download
The download process requires you to go through a redirect path because the data is stored in a cloud storage bucket.
Reference: https://ipinfo.io/developers/ipinfo-lite-database (See the code section)
The API provides unlimited usage, but the data downloads are subject to rate limits. It permits 10 downloads per unique IP address multiplied by unique access token. This means that to reach the rate limit, you probably downloaded it 10 times using the token you are using from the same IP address.
Reference: https://community.ipinfo.io/t/announcement-we-are-adding-rate-limits-to-data-downloads/358
You have shared your API access token: `f2cbc8898bc30a` which according to our database is a not an active or assigned token.
---
Please let me know if this problem persists. We will be happy to take a look. Our community forum is available here: https://community.ipinfo.io/
— Abdullah | DevRel, IPinfo
