"Recent posts
#81
General Discussion / Re: Configuring DNS for Client...
Last post by Patrick M. Hausen - January 10, 2026, 02:46:23 PMThe server your clients should use goes into the DHCP options for the respective interface.
#82
German - Deutsch / Re: OPNsense und Hyper-V
Last post by Andi_s75 - January 10, 2026, 02:38:46 PMDanke nochmals für eure Unterstützung. Es läuft jetzt alles so, wie ich es mir vorstelle. Ich werde das mit der Appliance erstmal verwerfen, zumindest bei diesem Thema.
#83
General Discussion / Configuring DNS for Clients
Last post by CursedGravity - January 10, 2026, 02:17:39 PMI am trying to configure DNS for my clients. I've tried configuring an upstream server in Query Forwarding and in DNS Servers in the general tab, but to no avail. Can any one please advise on how to do so?
#84
General Discussion / Re: Unable to remove neighbor ...
Last post by Rowebo - January 10, 2026, 02:03:44 PMSorry -- one additional note: I can see the devices under Interfaces\Diagnotics\ARP Table . . . but they don't seem to be editable there either.
#85
General Discussion / Re: Unable to remove neighbor ...
Last post by Rowebo - January 10, 2026, 02:00:52 PMGood Morning: I'm having a similar and possibly related problem. Just updated to 25.7.10. Saw an indication of one unexpected error during the update, but then got an indication that the update completed successfully. I had set my devices up with static IP addresses in the prior version. The interface seems to have changed substantially, but in the 25.7.10 under Interfaces\LAN the IPv4 config type is set to "Static IPv4."
My devices now seem to be listed now as "neighbors" and appear to be working. But I believe there was a name field or similar before, where now there's only a description. The devices are all listed as dhcpd-lan, and, for exmaple, my Ecobee thermostat description now says "Living Room" (I think the name field Id'd it before as a Thermostat). This leads to several questions:
1. Am I still running static IPs as before?
2. If not, do I have to reset each device as static, and where/how do I do that?
3: The Neighbors page doesn't seem to allow me to change the description to be more, well, descriptive (if we're ditching the name field), and I thus far can't find a way to do that.
4.
4. It's now unclear how I distinguish between static and DHCP addresses, and how I swap a DHCP entry to a static address -- which, once I looked around the interface, seemed relatively straightforward in the prior version. I could see everything, set static addresses, and then look at something like the neighbors list to
Seems likely I'm just going something wrong. Looked for a log entry after the reported error during the update and didn't find a thing. Currently stumped.
Things seem to be working fine thus far, so this seems relatively minor. But it would help to know if I'm just struggling with the new interface or if there's an issue. If the latter, happy to report whatever is useful -- but somebody will have to tell me what to look for in info that would help.
Thanks much for any help.
My devices now seem to be listed now as "neighbors" and appear to be working. But I believe there was a name field or similar before, where now there's only a description. The devices are all listed as dhcpd-lan, and, for exmaple, my Ecobee thermostat description now says "Living Room" (I think the name field Id'd it before as a Thermostat). This leads to several questions:
1. Am I still running static IPs as before?
2. If not, do I have to reset each device as static, and where/how do I do that?
3: The Neighbors page doesn't seem to allow me to change the description to be more, well, descriptive (if we're ditching the name field), and I thus far can't find a way to do that.
4.
4. It's now unclear how I distinguish between static and DHCP addresses, and how I swap a DHCP entry to a static address -- which, once I looked around the interface, seemed relatively straightforward in the prior version. I could see everything, set static addresses, and then look at something like the neighbors list to
Seems likely I'm just going something wrong. Looked for a log entry after the reported error during the update and didn't find a thing. Currently stumped.
Things seem to be working fine thus far, so this seems relatively minor. But it would help to know if I'm just struggling with the new interface or if there's an issue. If the latter, happy to report whatever is useful -- but somebody will have to tell me what to look for in info that would help.
Thanks much for any help.
#86
General Discussion / Re: Is ChatGPT. correct about ...
Last post by viragomann - January 10, 2026, 01:26:28 PMQuote from: lorem on January 10, 2026, 03:33:07 AMI want the VPN VLAN traffic to use the VPN tunnel DNS serverSo the VPN provider gives you a DNS server to use?
If so you can either just configure the VLAN clients to use it for DNS resolution (also via DHCP) or simply redirect all DNS traffic to it. The latter only works with unencrypted DNS, however, this shouldn't matter here.
In both cases you need to route the DNS traffic to the VPN server, of course, and in both the clients are not able to resolve local host names.
But I cannot think of any possibility to route Unbound upstream requests for one VLAN over the VPN, while the other traffic goes to WAN.
#87
25.7, 25.10 Series / Re: Dnsmasq stops occasionaly
Last post by Monviech (Cedrik) - January 10, 2026, 01:01:10 PMIt could be assumed its some sort of memory leak.
Can you check how much RAM dnsmasq takes and if it increases steadily?
Can you check how much RAM dnsmasq takes and if it increases steadily?
#88
25.7, 25.10 Series / Re: Dnsmasq stops occasionaly
Last post by ligand - January 10, 2026, 12:16:10 PMWelp, KEA stopped working this morning and I had to fail back to dnsmasq to get the network up and running again... can I provide additional logs to identify why dnsmaq stops randomly?
#89
General Discussion / Re: Is ChatGPT. correct about ...
Last post by lorem - January 10, 2026, 11:51:51 AMI already have an encrypted DNS service for the non-VPN VLAN so using Mullvad DNS would not improve the situation. I still want all VPN network traffic to only go through the VPN gateway (which is the normal case).
If the VPN network goes down I want to be able to plug a laptop into the non-VPN port and have it work.
I want to know if I am forced to send all networks DNS through either the VPN gateway or not the VPN gateway.
If the VPN network goes down I want to be able to plug a laptop into the non-VPN port and have it work.
I want to know if I am forced to send all networks DNS through either the VPN gateway or not the VPN gateway.
#90
General Discussion / Re: Is ChatGPT. correct about ...
Last post by OPNenthu - January 10, 2026, 10:04:15 AMI think this is nuanced and there are multiple ways you could possibly configure the network, but here's one idea. Some VPN providers offer a standalone public DNS service. You could configure Unbound as a DoT forwarder to that upstream so that it always sends encrypted DNS requests to the VPN provider whether you are using the tunnel or not.
Here's the info for Mullvad, for instance: https://mullvad.net/en/help/dns-over-https-and-dns-over-tls
This is an option only if you are OK with your VPN provider getting to know all your DNS requests and if you find the latency acceptable.
Here's the info for Mullvad, for instance: https://mullvad.net/en/help/dns-over-https-and-dns-over-tls
This is an option only if you are OK with your VPN provider getting to know all your DNS requests and if you find the latency acceptable.
