Recent posts

#71

26.1 Series / Re: IPv6 downstream router (Fr...

Last post by Monviech (Cedrik) - February 12, 2026, 06:32:56 PM

Thank you for providing info that helped to find a bug and verify the prefix delegation with KEA.

I feel like you were the first one trying (that I read), so the feedback was very valuable :)

#72

General Discussion / Re: DNS Processsing Time faste...

Last post by nero355 - February 12, 2026, 06:27:16 PM

Whatever the reason, you keep agreeing with me and fighting with yourself.

Dude you are being weird... I am just trying to help you and explain a few things... No need to be like that...

#73

26.1 Series / Re: IPv6 downstream router (Fr...

Last post by GerhardHeus - February 12, 2026, 06:17:56 PM

Dear Naurice and Cedrik, once again many thanks for your support and comments. It *seems* to work now with KEA with GUA + Legacy Track Interface + RA without configuration active for LAN. There were two things needed: 1) the route must be set up; this is now working fine after the patch and 2) I originally set the delegated length in KEA to a value lower than 64, knowing that Fritz needs at least 2 /64 prefixes. Then I read in some documentation that ISC DHCPv6 supplies prefixes in /64's; when I changed the delegated length in KEA to 64, also Fritz accepted the prefixes for both its guest and non-guest networks (the numbering is slightly different than in the ISC DHCPv6 case, but that doesn't matter.

It is running now for a few hours; maybe it is too early to give a definitive judgement, but I am alreay v ery happy about the result. Onve again, many thanks!

#74

General Discussion / Re: DNS Processsing Time faste...

Last post by coffeecup25 - February 12, 2026, 06:11:42 PM

Re your 'Geographical Donains' idea: Not possible. Adguard Home filters thousands of queries and hour when my streaming TV gets involved and I have several Roku Boxes in the house active at all times.

What do you mean exactly ?!

When you run Unbound as the Forward DNS Server for AdGuard you can experience such geographical delays and that's why they are shown in your statistics.

I can see the same thing in my Pi-Hole Query Log because I use Unbound as Forward DNS Server in Recursive DNS Server Mode and Unbound in OPNsense has the same function by default as far as I know.

This is my configuration : https://docs.pi-hole.net/guides/dns/unbound/#what-does-this-guide-provide
You can read there how a Recursive DNS Server works ;)

Whatever the reason, you keep agreeing with me and fighting with yourself.

Normal DNS is faster than unbound. Quite the surprise. I changed over from unbound yesterday.

And to be clear, I am using Opnsense System settings DNS. Not Adguard.

#75

General Discussion / Re: Help with turnserver commu...

Last post by NoelleAttachedStorage - February 12, 2026, 06:07:17 PM

Discord is SPYWARE as far as I am concerned so the less you have to deal with it the better! ;)

yeah it really sucks how much information is locked behind using it these days.

#76

Hardware and Performance / Re: [solved] Intel i226 Firmwa...

Last post by stef - February 12, 2026, 06:05:34 PM

I tried windows too (and linux again) and I still get the same error:

Code Select Expand

Inventory
[00:003:00:00]: Intel(R) Ethernet Controller I226-V
Alternate MAC address is not set.
Flash inventory started.
Shadow RAM inventory started.
Shadow RAM inventory finished.
Flash inventory finished.
OROM inventory started.
OROM inventory finished.
Update
[00:003:00:00]: Intel(R) Ethernet Controller I226-V
Flash update started.
Error:    Flash update failed.
Device update failed.
Update security revisions
[00:003:00:00]: Intel(R) Ethernet Controller I226-V
Skipping update minimum security revisions.
Update VPD with VPD template
[00:003:00:00]: Intel(R) Ethernet Controller I226-V
Skipping VPD update with VPD template.
The NIC is a i226-V revision 4, i suppose it's genuine (but I have no idea how to check)

On Linux and Windows the card is read correctly, both ports show up in the inventory without issues and are recognised as Intel i226-V rev4

#77

General Discussion / Re: Help with turnserver commu...

Last post by NoelleAttachedStorage - February 12, 2026, 06:03:09 PM

I've only just installed OPNsense maybe a month ago and honestly have very little familiarity with it lol. I did enable static port for the coturn container on the unraid machine but was still having problems, so I just decided it would be easier to run on the OPNsense router directly. My Nextcloud instance can't work with the built in turn server they use because I use a cloudflare proxy that breaks it. I think it would be simplest to enable the coturn service on my router, and point Matrix, Nextcloud, and any future webRTC applications at the coturn(.)my-domain.org I created.

I found this blog post, but it seems a bit outdated and with extra steps https://blog.wolfspyre.com/2024/may/opnsense-gets-its-turn/ I was hoping someone had more recently used the plugin and could share their settings/rules.

#78

General Discussion / Re: DNS Processsing Time faste...

Last post by nero355 - February 12, 2026, 05:54:42 PM

Re your 'Geographical Donains' idea: Not possible. Adguard Home filters thousands of queries and hour when my streaming TV gets involved and I have several Roku Boxes in the house active at all times.

What do you mean exactly ?!

When you run Unbound as the Forward DNS Server for AdGuard you can experience such geographical delays and that's why they are shown in your statistics.

I can see the same thing in my Pi-Hole Query Log because I use Unbound as Forward DNS Server in Recursive DNS Server Mode and Unbound in OPNsense has the same function by default as far as I know.

This is my configuration : https://docs.pi-hole.net/guides/dns/unbound/#what-does-this-guide-provide
You can read there how a Recursive DNS Server works ;)

#79

Hardware and Performance / Re: DEC-850v1 with Netboard A2...

Last post by nero355 - February 12, 2026, 05:40:07 PM

You can replace one disk at a time. I would practice with a vm first with a fresh mirrored install and then remove a disk and add another

There seem to be a lot of Linux centric tutorials out there but the commands should work fine

https://jordanelver.co.uk/blog/2018/11/26/how-to-replace-a-failed-disk-in-a-zfs-mirror/

IMHO that article is not the best way to do it !!

It's always recommended to :
- Leave the defect HDD/SSD inside the system.
- Connect the replacement HDD/SSD to the system either internally or externally.
If externally then make sure the whole HDD/SDD is exposed and there are no hidden/blocked parts issues because of the used USB to SATA Controller for example !!
- Then do the whole replacement procedure with ZFS commands.
- Once the resilvering/rebuild is done THEN disconnect the old defect HDD/SSD.

Now you are really done! :)

In cases where you can't attach more storage devices easily I think this is the best option and maybe even the fastest in case of OPNsense =>

Easiest way but with more downtime:

- create a configuration export/backup
- shutdown system, change both SSDs
- boot from USB and perform a fresh installation
- if you pick both SSDs in the installer it will create a mirrored setup automatically
- perform config restore

Done.

#80

26.1 Series / Re: Unstable internet connecti...

Last post by pseudonym3k - February 12, 2026, 05:33:15 PM

Does anyone know if there is a way to do multiple ping target IPs for the gateway monitor? Total of two or even three? If the first ping is unsuccessful, move to the second, if that's unsuccessful then try the third, and only assume the gateway is unavailable if all targets cannot be reached?