Current list of bugs/issues I've encountered in 20.7

[FullyBorked]

@FullyBorked,

Not "max firewall states", which is 806000, but "max pfTables entries"...

Goldorak92

Crap, you are right, I'm dumb and can't read apparently.  And thank you very much because the fixed it.  I have entries now.  Awesome, so glad that filled that list now.

[Goldorak92]

Ok cool, glad that fixed it
(and this is thanks to @Julien who detailled it in https://forum.opnsense.org/index.php?topic=18628.0)

Goldorak92

[marjohn56]

5. Bogons alias is inexplicably empty at times.  Firewall > Diagnostics > pftables > bogons > "update bogons" does populate the list.   

Sorted by @Ad, 20.7.2 will carry the fix or patch ID 77aa218

[spetrillo]

Is anyone having issues losing DNS? I have Unbound running and I can no longer resolve. I feel like this starts when I upgraded to 20.7.1.

I am going to fall back to 20.7 and see if DNS resolution stays steady.

[FullyBorked]

Is anyone having issues losing DNS? I have Unbound running and I can no longer resolve. I feel like this starts when I upgraded to 20.7.1.

I am going to fall back to 20.7 and see if DNS resolution stays steady.

DNS has been solid for me.  I had some issues like you describe when i was forwarding to DNSCrypt Proxy.  But now I just use unbound on it's own and it seems fine so far. 

[dp]

On the GEOIP issue a few clues and tips. If you look at the GeoIP settings it is reporting as of current 395854 ranges, if the table is 200000 by default then that makes sense. I set mine to 500000 for some space as less than 5000 entries sounds too small to me.

For the easy way to know if it is working just click the apply button on the GeoIP settings page. If the table is overflowing it will report back a generic error, would be really nice if it gave some details. Once you up the table size and go back to GeoIP settings, clicking the Apply button no longer gives an error.

[djbmister]

Just to revist this thread:

The following issue 6. is due to some task doing a capture task - i.e. netmap, tcpdump etc.

Its not a new issue and has been around for freebsd for a while - its not really an issue, its just telling you that packet capture is happening.

6. Seeing log spam just like https://forum.opnsense.org/index.php?topic=18480.msg84175#msg84175 constantly in the log.  Not sure if this is cause of issue #1 or not.

Code: [Select]
kernel: pflog0: promiscuous mode enabled
kernel: pflog0: promiscuous mode disabled

In terms of random disconnects, having run the latest 20.7.5 version of opnsense that is based on the freebsd 12.1, there is some tweaking required for the sysctl kernel settings and nic settings.

For my router, i've disabled mostly known issues - LRO, TSO, HWCHKSUM for nics, the 'EEE' energy settings to off. Tweaked the network stack

Also be aware there is some sort of driver transition going on with intel drivers in the newer freebsd releases, so old tweaks need updating based on the latest freebsd man pages i.e. https://www.freebsd.org/cgi/man.cgi?query=iflib

Pfsense 2.5 is suffering from the same teething issues and reason its not released yet.

[cloudz]

I seem to have an UI issue that I only seem to encounter on 1 of my boxes on 20.7.5. This is an upgrade and the other is a clean install.

Code Select Expand

PHP Warning:  in_array() expects parameter 2 to be array, null given in /usr/local/www/system_general.php on line 434

Seems to be related to this code :

Code Select Expand

<?php                  foreach (legacy_config_get_interfaces(array('virtual' => false, "enable" => true)) as $iface => $ifcfg):?>


                    <option value="<?=$iface;?>" <?=in_array($iface, $pconfig['dnsallowoverride_exclude']) ? "selected='selected'" : "";?>>
                      <?= $ifcfg['descr'] ?>
                    </option>


[FullyBorked]

Thanks for bringing this back up.  I bout forgot about it.  I've updated it a bit to better reflect my current experience.