"Recent posts
#91
25.7, 25.10 Series / Re: IPv6 link-local route does...
Last post by franco - January 22, 2026, 03:31:05 PM> When it comes up, the route for <prefix48>fff0::/60 to FE80::2%vtnet3 is missing from the routing table until I click the 'Apply' button on the routing config screen on the main router.
Maurice, could this overlap with the blackhole route we added for the delegated prefix?
Cheers,
Franco
Maurice, could this overlap with the blackhole route we added for the delegated prefix?
Cheers,
Franco
#92
Hardware and Performance / Re: [solved] Intel i226 Firmwa...
Last post by Waldus66668 - January 22, 2026, 03:30:43 PMSorry for making confusion. What I wrote is not 100% accurate for i226.
But in general eeupdate64e is easier to use since it does not require configuration file.
But going back to i226 - my workflow is following:
1 - to determine inventory I use Linux version of nvmupdate64e (from Intel driver pack)
2 - to flash i226 NVM I use Linux version of eeupdate64e. Please see this link:
CSG150 i226 NIC NVM update instructions
There in step 5 you will find instruction. Direct link to download Linux version of eeupdate64e is here:
CSG150_NVM_225.tar.gz
For me this has been working reliably.
Unfortunately EFI version of eeupdate64e compatible with i226 is not publicly available.
But in general eeupdate64e is easier to use since it does not require configuration file.
But going back to i226 - my workflow is following:
1 - to determine inventory I use Linux version of nvmupdate64e (from Intel driver pack)
2 - to flash i226 NVM I use Linux version of eeupdate64e. Please see this link:
CSG150 i226 NIC NVM update instructions
There in step 5 you will find instruction. Direct link to download Linux version of eeupdate64e is here:
CSG150_NVM_225.tar.gz
For me this has been working reliably.
Unfortunately EFI version of eeupdate64e compatible with i226 is not publicly available.
#93
26.1 Series / Re: Upgrade to RC1 successful
Last post by franco - January 22, 2026, 03:16:24 PMAh, oui, naturellement. ;)
I added a note about the plugin situation in the forum announcement post.
The "https://192.168.1.1" is a bit of a hardcoded relic.
https://github.com/opnsense/core/blob/e75192ca461dfa/src/sbin/opnsense-installer#L53
From an imported config where "lan" may not exist it can be difficult to extract the correct value from. Let's call it an artefact for now.
Cheers,
Franco
I added a note about the plugin situation in the forum announcement post.
The "https://192.168.1.1" is a bit of a hardcoded relic.
https://github.com/opnsense/core/blob/e75192ca461dfa/src/sbin/opnsense-installer#L53
From an imported config where "lan" may not exist it can be difficult to extract the correct value from. Let's call it an artefact for now.
Cheers,
Franco
#94
25.7, 25.10 Series / Re: IPv6 link-local route does...
Last post by matt335672 - January 22, 2026, 03:12:19 PMThanks both.
I was using PD with ISC dhcpd for this, and it was working (mostly) fine. For what I'm doing there's no advantage in using PD really, so I'd like to get the static routes working.
I'm not keen on messing around with my primary router for this, so I'll try setting up a VM with just my static routes on it and see what happens. There are only 3. If I can reproduce it on that, it should make a fault report easier.
I was using PD with ISC dhcpd for this, and it was working (mostly) fine. For what I'm doing there's no advantage in using PD really, so I'd like to get the static routes working.
I'm not keen on messing around with my primary router for this, so I'll try setting up a VM with just my static routes on it and see what happens. There are only 3. If I can reproduce it on that, it should make a fault report easier.
#95
26.1 Series / Re: Upgrade to RC1 successful
Last post by patient0 - January 22, 2026, 03:00:08 PMSame for me, I did pgrades two OPNsense installation.
One from an installation which was on the Development channel, by switching as France explained, no issue.
The other was on the Dev channel too (not that it matters), exported config (to be sure) and reinstalled using the DVD ISO. The config was found on the ZFS pool and installation when smooth, and with the config found on the ZFS pool.
The only confusing thing was that after the installation and before the reboot the text on the console told me that the OPNsense GUI will be reachable on 192.168.1.1. That specific installation is IPv6 only, so I wasn't sure if the config was applied correctly - but it was.
One from an installation which was on the Development channel, by switching as France explained, no issue.
The other was on the Dev channel too (not that it matters), exported config (to be sure) and reinstalled using the DVD ISO. The config was found on the ZFS pool and installation when smooth, and with the config found on the ZFS pool.
The only confusing thing was that after the installation and before the reboot the text on the console told me that the OPNsense GUI will be reachable on 192.168.1.1. That specific installation is IPv6 only, so I wasn't sure if the config was applied correctly - but it was.
#96
26.1 Series / Upgrade to RC1 successful
Last post by Maurice - January 22, 2026, 02:46:28 PMJust a quick report that I upgraded from the 25.7.11 development version to 26.1.r1, so far without issues.
Switching back to Community doesn't replace the automatically installed os-isc-dhcp-devel plugin with the non-devel version, but I think that's expected. It's an additional manual step which might be worth mentioning in the upgrade instructions.
I keep hostwatch disabled for the time being, so no statement about that.
Cheers
Maurice
Switching back to Community doesn't replace the automatically installed os-isc-dhcp-devel plugin with the non-devel version, but I think that's expected. It's an additional manual step which might be worth mentioning in the upgrade instructions.
I keep hostwatch disabled for the time being, so no statement about that.
Cheers
Maurice
#97
25.7, 25.10 Series / Re: CALL FOR TESTING: IPv6 imp...
Last post by franco - January 22, 2026, 01:59:44 PMSo https://github.com/opnsense/ports/commit/a1996a8fe27 is coming to 26.1-RC2 soon. That more or less concludes 1.)
For 2.) I'll publish new patch instructions after 26.1 is out. I think they don't apply cleanly in all cases anymore since there were more moving parts and some things from the patch have been extracted and moved to the master branch because they were safe as is.
Thanks,
Franco
For 2.) I'll publish new patch instructions after 26.1 is out. I think they don't apply cleanly in all cases anymore since there were more moving parts and some things from the patch have been extracted and moved to the master branch because they were safe as is.
Thanks,
Franco
#98
25.7, 25.10 Series / Re: [SOLVED] hostwatch at 100%...
Last post by franco - January 22, 2026, 01:38:43 PMhttps://github.com/opnsense/hostwatch/commit/482b45ce is on the way but not in 1.0.6.
For specific issues it may make sense to raise a ticket, but multiple versions are in flight now so it would be better to wait for the final one that's going into 26.1 to make reports on.
Cheers,
Franco
For specific issues it may make sense to raise a ticket, but multiple versions are in flight now so it would be better to wait for the final one that's going into 26.1 to make reports on.
Cheers,
Franco
#99
Announcements / Re: OPNsense 26.1-RC1 released
Last post by franco - January 22, 2026, 01:00:56 PMThe upgrade path from the development version was successfully tested and unlocked now.
To go to 26.1-RC1 from 25.7.11 switch firmware settings type to "Development", save, check for updates and install. Then check for updates again to do the upgrade. After successful upgrade switch back to "Community" and save and check for updates and install to land on 26.1-RC1.
You can then either remove the ISC-DHCP plugin altogether (if you are sure you don't use it -- it provides automatic DHCPv6 servers to LANs in some cases) or switch the plugin to the non-devel version from the plugins tab.
Please note we do not vet upgrades with third party plugins and repositories.
To go to 26.1-RC1 from 25.7.11 switch firmware settings type to "Development", save, check for updates and install. Then check for updates again to do the upgrade. After successful upgrade switch back to "Community" and save and check for updates and install to land on 26.1-RC1.
You can then either remove the ISC-DHCP plugin altogether (if you are sure you don't use it -- it provides automatic DHCPv6 servers to LANs in some cases) or switch the plugin to the non-devel version from the plugins tab.
Please note we do not vet upgrades with third party plugins and repositories.
#100
25.7, 25.10 Series / Re: [SOLVED] hostwatch at 100%...
Last post by meyergru - January 22, 2026, 12:59:59 PMI now installed 1.0.6 and re-enabled the service again. It works and CPU is not at 100%, but there is a hefty number of disk writes in bursts every minute and also, the SQLite db journal file is deleted after each transaction data batch has been committed. Using rollback capability in such a way incurs a huge penalty on writes, especially on ZFS.
Just a guess here: But I think that SQL rollback capability is not needed for this purpose and when I glanced at the hostwatch code, I found that the journaling mode is WAL, where other modes (like MEMORY or even OFF) might be more appropriate.
On a side note: I had some strange effects with the old version of the service - namely, that my own ping-based discovery tool suddenly had entries for every IP in the subnet active. Don't ask, IDK why or how this happened. I just disabled the service for the time being.
Just a guess here: But I think that SQL rollback capability is not needed for this purpose and when I glanced at the hostwatch code, I found that the journaling mode is WAL, where other modes (like MEMORY or even OFF) might be more appropriate.
On a side note: I had some strange effects with the old version of the service - namely, that my own ping-based discovery tool suddenly had entries for every IP in the subnet active. Don't ask, IDK why or how this happened. I just disabled the service for the time being.
