Recent posts

#81

25.7, 25.10 Series / Re: Hostwatch - high disk writ...

Last post by jjelliott - January 16, 2026, 10:16:30 PM

Looking at iostat in the console, I am seeing high disk writes, too.

Code Select Expand

root@OPNsense:~ # iostat -x
                        extended device statistics
device       r/s     w/s     kr/s     kw/s  ms/r  ms/w  ms/o  ms/t qlen  %b
ada0           1     107     42.0   2570.7     1     1     0     1    0   8
You can see the instantaneous rate by issuing

Code Select Expand

iostat -x 2.  When I disable Automatic Discovery, the instantaneous writes drop back to near zero.

This is on a small home network.  I have disabled the feature for now.

#82

25.7, 25.10 Series / Re: CALL FOR TESTING: IPv6 imp...

Last post by Maurice - January 16, 2026, 10:08:58 PM

Hey Franco,

Multi-WAN IPv6 user here. :) WAN1 requests address + prefix, WAN2 only requests an address.

I performed 1. and don't see any immediate issues after the reboot.
Can we see the (remaining) lifetime somewhere? It doesn't seem to be reflected in the prefix lifetime advertised by radvd on tracking LAN interfaces.

If there aren't any issues in the next two days or so, I'll go ahead and test 2., too.

Cheers
Maurice

#83

Virtual private networks / 25.7.11 broke my openvpn conne...

Last post by richaras - January 16, 2026, 10:01:15 PM

i use PIA client in openvpn.  After upgrading yesterday to 25.7.11, my connection status says "resolve".

The log files say

WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info
NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

Google say add "remote-cert-tls server" to the configuration file.  The options on the client settings no longer contain the remote-cert-tls server  option to select it.

I tried to edit the .conf file directly on the console, but my changes are removed when i restart the service?

it was working fine in 25.7.10...?

Does anyone use the PIA VPN client and does it work for you in 25.7.11?

#84

25.7, 25.10 Series / Re: Hostwatch - high disk writ...

Last post by OPNenthu - January 16, 2026, 09:57:32 PM

Mine is using only ~56k so far since upgrade, but my home network is small.

Code Select Expand

root@firewall:/var/log/hostwatch # ls -l
total 56
-rw-------  1 root wheel 56388 Jan 16 14:35 hostwatch_20260116.log
lrwxr-x---  1 root wheel    41 Jan 16 15:01 latest.log -> /var/log/hostwatch/hostwatch_20260116.log


Is your hostwatch log being flooded with error messages, or is most of your log filled with host discoveries?

#85

German - Deutsch / Re: Welches DSL-Modem für VDSL...

Last post by chemlud - January 16, 2026, 09:57:32 PM

"Für alle anderen Anschlüsse gilt: Beginnen Sie mit der MDM7. Sollte das Modem nicht oder zu niedrig synchronisieren, dann probieren Sie bitte die MDM6-MDM1 und abschließend die STD."

Mein Vigor 166 macht VDSL2 mit Mode 17A bei den Telekomikern mit der FW "4.2.7_STD".... Seit Jahren stabil.

#86

25.7, 25.10 Series / Re: Hostwatch - high disk writ...

Last post by GreenMatter - January 16, 2026, 09:37:17 PM

Well, it's either enabled or not. There may be a bug that doesn't stop it but I haven't seen it. Worst case a reboot would take care of it (when properly disabled).


Cheers,
Franco

Does hostwatch suppose to create such disk writes?

#87

25.7, 25.10 Series / Re: Hostwatch - high disk writ...

Last post by franco - January 16, 2026, 09:26:15 PM

Well, it's either enabled or not. There may be a bug that doesn't stop it but I haven't seen it. Worst case a reboot would take care of it (when properly disabled).


Cheers,
Franco

#88

25.7, 25.10 Series / Re: Hostwatch - high disk writ...

Last post by GreenMatter - January 16, 2026, 09:10:27 PM

https://github.com/opnsense/changelog/blob/efe03ef435b5abfff641262fd69e02efd926be5a/community/25.7/25.7.11#L10-L12

Interfaces: Neighbors: Automatic Discovery.


Cheers,
Franco

Thanks, I've seen it. But it still causing really high disk writes. For a time being I stopped this service...

#89

25.7, 25.10 Series / Re: Hostwatch - high disk writ...

Last post by franco - January 16, 2026, 09:02:37 PM

https://github.com/opnsense/changelog/blob/efe03ef435b5abfff641262fd69e02efd926be5a/community/25.7/25.7.11#L10-L12

Interfaces: Neighbors: Automatic Discovery.


Cheers,
Franco

#90

General Discussion / Re: Bhyve on OPNsense for virt...

Last post by gspannu - January 16, 2026, 08:53:38 PM

Chipping in from some experience with my setup.

netgraph networking works very well with bhyve.

I use the following script to setup a bridge to link the virtual machine directly to the OPNSense LAN interface:

Code Select Expand

# Setup ng_bridge if required
if ! ngctl status bnet0: >/dev/null 2>&1; then
  ngctl -f- <<END
    mkpeer igc0: bridge lower link0
    name igc0:lower bnet0
    connect igc0: bnet0: upper link1
    msg igc0: setpromisc 1
    msg igc0: setautosrc 0
END
fi

This creates a bridge linked to igc0 (my OPNsense LAN interface) and prepares for bhyve to attach.

bhyve can subsequently attach to the bridge as follows:

Code Select Expand

bhyve \
-c sockets=1,cores=8,threads=1 \
-m 16G \
-s 0,hostbridge \
-s 2,virtio-blk,/vm/hdd.img \
-s 3,virtio-net,netgraph,path=bnet0:,peerhook=link2 \
-s 4,virtio-9p,data=/zdata/vm \
-s 5,virtio-rnd \
-s 31,lpc \
-l bootrom,/vm/BHYVE_UEFI.fd,/vm/efi-vars.fd \
-l com1,stdio \
-u \
-H -P -S \

This has provided very stable and performant networking on the bhyve instance.

Thanks...

Few questions:
1) Can you post your entire setup instructions of running bhyve on OPNsense. I tried to follow the previous posts, but am unable to get an Alpine VM to install.

2) Your networking script - does this auto start at boot up of OPNsense or how to manage this?

Some help in setting up a complete bhyve (Alpine Linux VM) from scratch would be very helpful. Thank you.