New install suddenly unstable pings

Started by dj0382, May 04, 2025, 10:33:59 PM

I have been running and testing the latest OPNsense on a Lenovo SFF, i5-8400, 8GB RAM, 256GB NVMe and 2x TP-LINK TG-3468 for about 24 hours now.

I've stress-tested it all day and seemingly without any issues, until I suddenly discovered I could not reach the guest router anymore. I've had a static route 10.0.1.0/24 going to 10.0.1.2 so I could reach it from the LAN side. After some rule-fiddling, I noticed that it was seemingly random which network client was able to ping 1.1.1.1.

Setup is very simple, WAN towards ISP.
LAN at 10.0.0.1 with DHCP to 10.0.0.2-99.
LAN also has a VIP/Virtual IP, 10.0.1.1 that guest router uses as gateway.
Guest router WAN IP is 10.0.1.2 to be on the same subnet as the VIP.
With net.inet.ip.forwarding=1 I've been able to have things working almost straight away, getting it online.

But now towards the evening, I'm tired and worn out from troubleshooting the ping issue... Could it be the cheap cards? If so, any way to verify?

I've been "on the phone" with AI about it which insisted I had to use NAT outbound rules per 10.0.0.0/24 and 10.0.1.0/24 but I've tried that and it makes no difference.

Should I give up on this hardware or am I routing the guest router wrong by using VIP as a gateway for it on a separate subnet? I do it for the ability to force it through the firewall and make filtering towards the private LAN, and not have it send traffic directly to other LAN clients as it would if it's on the same LAN.

I'm limited on hardware, I don't have a router that speaks VLAN (unless perhaps I flash it with OpenWRT) and I only have 2 ports on the firewall LAN/WAN. Goal is to separate the guest router clients from the rest of the LAN while being able to physically connect it to the LAN.

Sorry if this is messy... I've been at getting a home router up and running properly for 3-4 days straight and I'm really worn out. My old Zyxel USG20 died, but I have an RT-AC68U (old...) newly flashed with OpenWRT as backup, and I'm very close to just going there.

Hopefully it's a simple routing/NAT type issue I haven't yet learned about that you recognize quickly... 🙏

Okay, so... right now:
My guest router clients can ping 1.1.1.1, but not 8.8.8.8.
My LAN clients seem to be able to do the opposite... And then sometimes without me doing anything, it changes... is this NAT? Or bad voodoo cards? Please help.