"Recent posts
#61
26.1 Series / Re: zfs and sqlite
Last post by franco - February 12, 2026, 08:58:28 PMYep, if you want the complaint gone just reinstall it from the packages tab.
#62
Development and Code Review / Re: RFC: Kea DHCP Dynamic DNS ...
Last post by Monviech (Cedrik) - February 12, 2026, 08:54:45 PMJust for reference there is already a competing PR open for that feature:
https://github.com/opnsense/core/pull/9401
You can read for the general feedback in there and compare it to your approach.
https://github.com/opnsense/core/pull/9401
You can read for the general feedback in there and compare it to your approach.
#63
Development and Code Review / RFC: Kea DHCP Dynamic DNS (DDN...
Last post by brendanbank - February 12, 2026, 08:49:40 PMHi all,
I've been working on adding Dynamic DNS (DDNS) support to the Kea DHCP plugin in OPNsense and would love to get feedback before submitting a pull request.
Why this feature?
I'm in the process of migrating from ISC DHCP to Kea DHCP, but one of the blockers for me (and I suspect others) is the lack of DDNS support — the ability to automatically register forward (A) and reverse (PTR) DNS records when leases are handed out. This was available in ISC DHCP via nsupdate and is something I rely on in my network. With ISC DHCP reaching end-of-life, having feature parity in Kea is important for a smooth migration.
What it does
Future plans
IPv6 (DHCPv6) DDNS support with AAAA and ip6.arpa PTR records is planned as a follow-up.
Code and documentation
A note on the implementation: I'm proficient in Python but not so much in PHP, so I've used Claude Code to help write the PHP code. The implementation follows the existing OPNsense MVC patterns and has been tested on a production firewall with BIND9 as the DNS server, with both forward and reverse updates working correctly across multiple subnets with TSIG authentication. That said, an extra pair of eyes on the PHP would be very welcome.
I'd appreciate any feedback on the approach, the UI/UX, or the code itself before I open a PR against the main repos.
Thanks,
Brendan
I've been working on adding Dynamic DNS (DDNS) support to the Kea DHCP plugin in OPNsense and would love to get feedback before submitting a pull request.
Why this feature?
I'm in the process of migrating from ISC DHCP to Kea DHCP, but one of the blockers for me (and I suspect others) is the lack of DDNS support — the ability to automatically register forward (A) and reverse (PTR) DNS records when leases are handed out. This was available in ISC DHCP via nsupdate and is something I rely on in my network. With ISC DHCP reaching end-of-life, having feature parity in Kea is important for a smooth migration.
What it does
- Integrates the Kea DHCP-DDNS daemon (D2) with the existing Kea DHCPv4 plugin
- TSIG key management (HMAC-SHA256, HMAC-SHA512, etc.) for authenticated DNS updates (RFC 2845)
- DDNS domain profiles with configurable forward and reverse zones, DNS server addresses, and per-zone TSIG keys
- Per-subnet DDNS configuration with automatic hostname prefix options:
Network name — uses the OPNsense interface description (e.g. mylan.dyn.example.com)
Interface name — uses the physical interface name (e.g. vlan0.021.dyn.example.com)
Custom prefix — free-form input
No prefix — hostnames placed directly under the zone - Reverse zone auto-computation from subnet CIDR, with manual override for non-standard delegations (e.g. 10.in-addr.arpa instead of per-/24 zones)
- DHCID conflict resolution (RFC 4703) enabled by default
Future plans
IPv6 (DHCPv6) DDNS support with AAAA and ip6.arpa PTR records is planned as a follow-up.
Code and documentation
- Core implementation: brendanbank/core feature/kea-ddns
- Documentation: brendanbank/docs feature/kea-ddns-docs
A note on the implementation: I'm proficient in Python but not so much in PHP, so I've used Claude Code to help write the PHP code. The implementation follows the existing OPNsense MVC patterns and has been tested on a production firewall with BIND9 as the DNS server, with both forward and reverse updates working correctly across multiple subnets with TSIG authentication. That said, an extra pair of eyes on the PHP would be very welcome.
I'd appreciate any feedback on the approach, the UI/UX, or the code itself before I open a PR against the main repos.
Thanks,
Brendan
#64
25.7, 25.10 Series / Re: Midnight Commander missing
Last post by tam - February 12, 2026, 08:48:57 PMThanks Franco. I was looking in the webinterface /ui/core/firmware#package
from ssh did the trick.
Code Select
pkg install mcfrom ssh did the trick.
#65
Hardware and Performance / Re: [solved] Intel i226 Firmwa...
Last post by BrandyWine - February 12, 2026, 08:34:47 PMThere is FreeBSD util in the Intel bundle, you need to dig it out of the I210 TGZ zip that's in the I210 folder.
\Release_30.6.zip\NVMUpdatePackage\I210\I210_NVMUpdatePackage_v2_00_Linux.tar.gz\I210_NVMUpdatePackage_v2_00_Linux.tar\I210\Linux_x64\
2nd, please post your nvm cfg file you are using with flash util.
3rd, with a hyper-v, do not flash from a vm, flash only from the host OS.
\Release_30.6.zip\NVMUpdatePackage\I210\I210_NVMUpdatePackage_v2_00_Linux.tar.gz\I210_NVMUpdatePackage_v2_00_Linux.tar\I210\Linux_x64\
2nd, please post your nvm cfg file you are using with flash util.
3rd, with a hyper-v, do not flash from a vm, flash only from the host OS.
#66
26.1 Series / Re: zfs and sqlite
Last post by OPNenthu - February 12, 2026, 08:15:28 PMI upgraded to 26.1.2 now and then ran a health check. Saw this message:
Maybe it's related to the manual patch I had done above. Do I just ignore it?
Thanks!
Quote>>> Check for core packages consistency
Core package "opnsense" at 26.1.2 has 67 dependencies to check.
Checking packages: .............
hostwatch-1.0.12 repository mismatch: unknown-repository
Checking packages: ....................................................... done
***DONE***
Maybe it's related to the manual patch I had done above. Do I just ignore it?
Thanks!
#67
General Discussion / Re: upgrade from 21.7.8 failed
Last post by franco - February 12, 2026, 08:14:35 PMHi Thierry,
21.x is so old it's difficult to give proper instructions on recovery with historic tools that likely don't support this or that magic we've added over the years.
This may help... there's still a lot of stuck old binary packages while you are on a newer base system:
# pkg bootstrap -f
Cheers,
Franco
21.x is so old it's difficult to give proper instructions on recovery with historic tools that likely don't support this or that magic we've added over the years.
This may help... there's still a lot of stuck old binary packages while you are on a newer base system:
# pkg bootstrap -f
Cheers,
Franco
#68
General Discussion / Re: http_proxy for bogons-upda...
Last post by franco - February 12, 2026, 08:06:50 PMUsing configctl should work at the loss of the output sometimes, but as far as I know bogons fetch writes elaborate logs about its progress:
# /usr/local/sbin/configctl filter update bogons
# opnsense-log | grep -i bogons
If you find anything weird with that I'm happy for any feedback. I'm not doubting this area/type of setup can use a few tweaks to work better.
Thanks for looking into OPNsense and good luck :)
Cheers,
Franco
# /usr/local/sbin/configctl filter update bogons
# opnsense-log | grep -i bogons
If you find anything weird with that I'm happy for any feedback. I'm not doubting this area/type of setup can use a few tweaks to work better.
Thanks for looking into OPNsense and good luck :)
Cheers,
Franco
#69
25.7, 25.10 Series / Re: Midnight Commander missing
Last post by franco - February 12, 2026, 08:00:13 PMIt's package "mc". I think FreeBSD ports decided to drop the flavours and disable X11 support completely.
Cheers,
Franco
Cheers,
Franco
#70
Hardware and Performance / Re: Warning about RealTek adap...
Last post by meyergru - February 12, 2026, 08:00:04 PMCorrect. But problems with Intel chipset have been reported earlier:
https://www.hwcooling.net/en/realtek-rtl8126-suffers-from-instability-no-5-0gb-s-ethernet-this-year/
It is also clear that the cards have a problem with ASPM:
https://forums.servethehome.com/index.php?threads/realtek-10-gbe-usb-adapters-might-be-on-the-way.47683/post-489414
Wanna buy my adapters?
https://www.hwcooling.net/en/realtek-rtl8126-suffers-from-instability-no-5-0gb-s-ethernet-this-year/
It is also clear that the cards have a problem with ASPM:
https://forums.servethehome.com/index.php?threads/realtek-10-gbe-usb-adapters-might-be-on-the-way.47683/post-489414
Wanna buy my adapters?
