Recent posts

#81

General Discussion / Re: Local mirror via rsync is ...

Last post by olivafn88 - January 14, 2026, 05:35:15 PM

Sync from Leaseweb, e.g. http://mirror.wdc1.us.leaseweb.net/


Cheers,
Franco

Code Select Expand

# rsync rsync://mirror.wdc1.us.leaseweb.net/opnsense
_____   _______ _______ _______ _______ ________ _______ ______
|     |_|    ___|   _   |     __|    ___|  |  |  |    ___|   __ \
|       |    ___|       |__     |    ___|  |  |  |    ___|   __ <
|_______|_______|___|___|_______|_______|________|_______|______/

                   -= Leaseweb mirror service =-

Welcome to mirror.wdc2.us.leaseweb.net!

This mirror is located at Manassas, VA, USA and
is running on a 10 Gbps connection
with approximately 86 TB storage.

This archive is available over http, ftp and rsync.

HTTP  [http://mirror.wdc2.us.leaseweb.net]
FTP   [ftp://mirror.wdc2.us.leaseweb.net]
RSYNC [rsync://mirror.wdc2.us.leaseweb.net]


If you have any issues or comments, please contact the mirror admins via e-mail
at mirrorlsw@leaseweb.com.


DISCLAIMER: Leaseweb is not liable for any use, storage or transmission of any
files stored on this archive. This archive is provided as a free service to the
public and all files are provided as is.



@ERROR: max connections (20) reached -- try again later
rsync error: error starting client-server protocol (code 5) at main.c(1871) [Receiver=3.4.1]
The same for "mirror.wdc2.us.leaseweb.net"

Has anything changed?

mirror.leaseweb.net It's working.

#82

Hardware and Performance / Re: Internet speeds reduced se...

Last post by manki_09 - January 14, 2026, 05:32:09 PM

So, I did a little more testing and replaced the Xfinity XB8 gateway with a Hitron CODA56. I'm not a fan of running ISP equipment especially Xfinity.

Before I swapped the modem out I tried using the 2.5gb USB adapter for the WAN interface. Which yielded the same results.

I continued with the modem swap and connected a laptop with built in 2.5gb nic and saw the full 2gbps/300mbps plus some. I rebooted the modem and connected it up to OPNSense as it was all originally connected.... unfortunately the symptoms remain unchanged.

My next planned test will be to use the 2.5gbe usb adapter on the OPNSense router to bypass the rest of my network and connect my 2.5gb enabled laptop directly to it.

FWIW, I have an XB7 gateway connected to my OPNsense via a 2.5GbE link.  I'm not seeing this, but IIRC it was a little sensitive to which modem port I used.  Have you tried switching the XB8 port?

Yes I did attempt to switch. The others are only 1GB

This is a stab in the dark, but trying turning EEE off on OPNSense.

In the UK, we had issues with the 2.5G port on the DOCSIS 3.1 modem with specific firmware which were related to Energy Efficient Ethernet. We've since had a firmware upgrade on the modem to fix it, but hey...worth a try?

Looks like Intel's X550 chips don't support EEE. Good idea though.

#83

Hardware and Performance / Re: Starting homelab network -...

Last post by Greg_E - January 14, 2026, 05:17:53 PM

General advice:

Make sure your home network is simple and works for the rest of your family, remember that not all of them will have the knowledge to fool with this system if it gets too complex.

As far as the router hardware, as was suggested above, I'd go with 4 ports of Intel i226. Build it or buy it. For build it I like HP T740 thin client with a network card added, but it will be many more watts of power than an n150 or probably more than an n305. I like them because they have a PCIe 3.0 x8 slot and you can put things like quad port x710 (10gbps) cards in there or down to a old quad port Pro1000 card. You can also add an Intel i226 through the wifi card slot with an a+e card which gives you a total of 6 connections. I use the onboard Realtek as a back up management port, not a real workhorse port. Expect at least 30 watts from a T740.

I also use a bunch of T740 for my hypervisor systems, they are in the "good enough" range for a small lab, though decking out the ram is going to break the bank these days (64gb max). I have x520 dual port cards in each of mine, plus the a+e card. I'll be shifting (slowly) to x710 based cards, probably dual port to save some money, the quad port cards are kind of expensive on the used market. I run XCP-ng, and have run VMware vSphere on these (until the license ran out). Working on Hyper-V cluster, then moving on to something else like Harvester or Nutanix and see if these little computers have enough power to handle them. I'm sure Proxmox would be more than fine on the T740 with a reasonable amount of RAM installed. My lab in the following post if you want to see: https://forums.servethehome.com/index.php?threads/my-lab-an-ongoing-project.54462/

#84

Hardware and Performance / Re: DEC2752 console settings

Last post by dmurphy - January 14, 2026, 05:08:04 PM

Counter-intuitive since the console IS a USB port, but happy with the win. :)

How do you come to that conclusion? Are mixing up UART with USB? Or because the connector is USB? If the second, there are quite a few USB (Mini, Micro, C) and even a RJ45 (Cisco-style) serial connector. They are only the physical connector, probalby because they take up a lot less space then the original serial connector.

Simply, because what comes out of the box isn't RS-232.  Not the physical connector nor the protocol.  It's USB - RS-232 rides as a service, if you will, on top of the USB connection, but it's still USB.   Now, to clarify - as Patrick explained above, there's a Prolific USB-to-serial adapter on the board.

As I said, it's somewhat counterintuitive because what the physical hardware presents as USB, but the Prolific chip is somewhat abstracted away from the OS and its settings.  It's even more counterintuitive because it's smooth sailing from power on until runlevel 3 is complete - at which time it stops working.   

Honestly I was overthinking it - the OS just sees dumb RS232 and doesn't care about the prolific chip.

#85

German - Deutsch / Re: Eigener DNS bei einer IPv6...

Last post by Zapad - January 14, 2026, 04:48:04 PM

Hast du DS-Lite?
kannst du ip4 nicht richtig nutzen? vllt. wäre sowas für dich nützlich:

https://www.feste-ip.net/fip-box/allgemeine-informationen/

#86

25.7, 25.10 Series / Re: Error Updating: Release ty...

Last post by Monviech (Cedrik) - January 14, 2026, 04:40:16 PM

Well it looks like the freebsd repository is active, and not the opnsense repository.

#87

German - Deutsch / Re: Eigener DNS bei einer IPv6...

Last post by n3 - January 14, 2026, 04:33:50 PM

Schlimm wenn es nicht die eine Lösung gibt ;-) Verstehe ich es grob richtig, dass aktuelle zwei Ansätze diskutiert werden. Der eine zielt möglichst auf IPv6 only ab und bindet IPv4 dort ein, wo nötig. Führt aber zu einer komplexeren Konfiguration.
Der andere Ansatz ist Dual-Stack, was vielleicht nicht optimal ist, jedoch einfacher zu konfigurieren/betreiben.

Welche Vorteile hat Ansatz 1 und welche Nachteile Ansatz 2?

Gibt es einen Favoriten für mein Szenario (der initiale Aufwand mal außen vor gelassen):
- HomeLab
- Feste/Dynamisch IP Adresse möglich
- Mehrere Interfaces (Consumer-Clients, Server, Kameras, Außennetzwerk)
- proxmox mit opnsense, homeassistant, nextcloud, AdGuard, etc.
- Consumer-Clients sollten von am besten nahtlos von Außen auf homeassistant, nextcloud zugreifen können
- nextcloud sollte aber auch für Dritte verfügbar sein
- Prio 1 Sicherheit, Prio 2 Stabilität und Prio 3 Maintenance

P.S. Hab mich geirrt. Die feste IP kostet 10€  und ab dem 7. Monat dann 23€/mtl.

#88

German - Deutsch / Re: Eigener DNS bei einer IPv6...

Last post by Zapad - January 14, 2026, 04:27:28 PM

Bitte ein paar beispiele für IP6-only Clients?

Bitte keine wo man Dualstack manuell deaktiviert.

Mmn. gibs es nur IP4-Only clients, zb meine Reolink Cams....

und wenn man Dualstack sowieso hat, ist man frei intern alles zu benutzen was man will.

#89

High availability / Re: CARP OS-FRR timeout after ...

Last post by Monviech (Cedrik) - January 14, 2026, 04:24:11 PM

I need the exact configd call that timed out.

Can you search for that in the ssh shell via:

Code Select Expand

opnsense-log configd

after triggering that issue?

#90

German - Deutsch / Umstellung auf IPsec Connetion...

Last post by osmom - January 14, 2026, 04:18:52 PM

Ich habe bisher eine legacy IPsec Verbindung, wo sich die User auf Windows-Clients für die VPN Verbindung gegen einen Radius Server authentifizieren. Dieser Radius Server ist ein MS-NPS und holt seine User-Daten aus einem Active Directory.
Radius Server, User und Firerwall kennen und nutzen eine gemeinsamme CA. Die Firerwall hat ein gültiges Server-Certifikat und nutzt in der Phase 1 EAP-Radius und Key-Exchange V2.
Der User baut unter Benutzung seines Users aus dem Active Diretory: domain\Userkennung + Passwort die VPN-Verbindung mit den in Windows Integrierten VPN-Client auf. In Phase 2 wird bei  der legacy Verbindung das ESP Protokoll genutzt.

Bei den neuen Connections wird  ESP nicht mehr unterstüzt. Meine Konfiguration habe ich nach https://docs.opnsense.org/manual/how-tos/ipsec-swanctl-rw-ikev2-eap-mschapv2.html#method-1-shared-ip-pool-for-all-roadwarriors aufgebaut und auf die Radius angepasst wo es für mich logisch war.
Zur Authentifizierung nutze ich dabe EAP-Radius und EAP-MSCHAPv2.
Der Windowsclient kann sich mit der Connections Verbindung aber nicht authentifizieren und im Log habe ich Einträge das die halboffene Verbindung beendet wird.
Im Anhang noch ein par Screenshots von meinen Einstellungen. Sieht vieleicht wer, was ich falsch gemacht habe?