Recent posts

Servus zusammen,

ich habe eine OPNSense Applicance (DEC2770) bei mir im Rechenzentrum seit dem Frühjahr laufen, 3 VLANs (Intern, DMZ, Managemnt), diverse Dienste NGINX, Acme, Squid usw laufen.

Grundsätzlich läuft alles, jedoch habe ich sporadisch das Problem, dass die Firewall aussteigt und nur durch Stromtrennung wieder hoch kommt.

Vorfall 1 vor ~2 Monaten:
- Ich hatte kein Zugriff mehr auf keine IPs in den 3 Netzen.
- Erst die Netze weg, dann auch OPNSense weg
- Kollege kam noch wenige Minuten drauf, aber zu langsam um noch was zu machen.

Hingefahren, Stromab und dran, alles lief wieder. Updates gemacht und auf den Stand gebracht:

Versions
OPNsense 25.7.3_7-amd64
FreeBSD 14.3-RELEASE-p2
OpenSSL 3.0.17

Ausfall 2.
Heute gegen 11:30 kein Zugriff mehr von aussen auf die Dienste.
- Ich bin per Wireguard noch connected gewesen, kam noch in die DMZ und ins Interne. Managment war gar nicht mehr zu erreichen.
- Reboot gemacht, aber kam nicht wieder.
- Also ich hin, Kollege schon bereits auf dem Weg.
- Er trifft vor mir ein und startet hart neu, alles geht wieder.

Vielleicht suche ich in den Logfiles an der falschen Stelle, aber vielleicht weiß jemand wonach und wo ich suchen müsste. Das hört sich doch irgendwie nach einem Problem mit pf (Packet Filter) oder Hardware an?

Die Hardware ist ein Jahr alt.

#85

25.7, 25.10 Series / Re: Changing NIC caused me a w...

Last post by mooh - December 04, 2025, 05:01:51 PM

For a while I had an old mac mini with additional thunderbolt ethernet ports as a backup for a DEC750. I used to download the config from the DEC750 and run it through sed (global search and replace tool) to replace all interface names, like "s/igb0/bge1/g" and so on. One may even map multiple interfaces from the old setup to one in the new one. Worked like a charm for me.

Just note down the interface names on the originating machine, log into a default installation on the destination machine and you'll see which interface names need to be replaced and how. Modify the config file and restore it on the new hardware. Same in your case, when changing interface adaptor cards.

#86

General Discussion / Re: Unbound strange behavior

Last post by ricksense - December 04, 2025, 04:50:00 PM

Quote from: Patrick M. Hausen on December 04, 2025, 04:45:17 PMAs I wrote: investigate the cause of the SERVFAIL by looking at the log files.

If I set "Use System Nameservers" in the Query Forwarding settings, it works but I don't think Unboud is working properly this way.
Thanks

#87

General Discussion / Re: Unbound strange behavior

Last post by Patrick M. Hausen - December 04, 2025, 04:45:17 PM

As I wrote: investigate the cause of the SERVFAIL by looking at the log files.

#88

Zenarmor (Sensei) / Re: Remote Elasticsearch Datab...

Last post by Patrick M. Hausen - December 04, 2025, 04:43:42 PM

Configure a firewall port forward or a TCP reverse proxy from localhost:9200 (or whatever ZA/elasticsearch uses) to the destination host, maybe?

#89

General Discussion / Re: Unbound strange behavior

Last post by ricksense - December 04, 2025, 04:43:06 PM

Quote from: Patrick M. Hausen on December 04, 2025, 04:41:04 PMProbably local resolution fails entirely. You need to investigate the logfiles to find the cause of that SERVFAIL.

Your browsers continue to work because modern browsers implement their own methods of name resolution.

Yes, I found out that I can browser websites via Firefoxr because I had cloudflare DOT activatet on it.
But if I disabled it, I have the same problem. So, there is definitely something wrong with the DNS requests to Unbound.
But what exactly?

Thanks

#90

General Discussion / Re: Unbound strange behavior

Last post by Patrick M. Hausen - December 04, 2025, 04:41:04 PM

Probably local resolution fails entirely. You need to investigate the logfiles to find the cause of that SERVFAIL.

Your browsers continue to work because modern browsers implement their own methods of name resolution.

Pages 1 ... 7 8 9 10