Trying to get up to date, unit deciding to put up a fight.

Started by A-c0rN, October 04, 2025, 09:18:39 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
October 04, 2025, 09:18:39 PM
Hey There!
I have an old backup OPNsense box that I have to use due to my primary failing (my fault, oops!), and I have been trying to update this thing.
I am at a loss at this point.

Unit is on a beta branch, 24.7.b_240-amd64, and I want to get it to the latest. Here's all the issues I have (and am) running into:
  • DNS (Of course!)
  • IPv6
  • pkg cache issues
  • Gateway switching
  • And the best, both fetch and curl can only access uris ONCE before never being able to again.

Here's what I have done to try to resolve the issues:

  • Fixed local DNS settings (Everything resolves now)
  • Tested both IPv6 ON and OFF, ruled it out as the problem
  • rebuilt the pkg cache
  • Tested both gateways on and off, used the more reliable one.
  • Tested the fetch command used by opnsense-update with verbosity, and with curl.
  • Built a local mirror of the OPNsense repo to rule out DNS (again)
  • Many, Many reboots

Here's what I have found so far:

DNS isn't the issue. Everything resolves, and both Fetch and Curl resolves the IP. Both commands can work once, and only once, after a reboot.
I created a local mirror of the OPNsense repo to rule out external firewall rules, yet the issue persists with both direct IP and hostname.

The fetch command (slightly modified to timeout faster, not repeat, and with verbosity)
Code Select
fetch -v -T 10 -o /var/cache/opnsense-update/18850/packages-24.7-amd64.tar.sig https://pkg.opnsense.org/FreeBSD:13:amd64/24.1/sets/packages-24.7-amd64.tar.sigThe curl command is the same, just swap the -T for -m

Outputs:
Code Select
resolving server address: pkg.opnsense.org:443
failed to connect to pkg.opnsense.org:443
fetch: transfer timed out
Code Select
* Host pkg.opnsense.org:443 was resolved.
* IPv6: 2001:1af8:5300:a010:1::1
* IPv4: 89.149.222.99
*   Trying 89.149.222.99:443...
*   Trying [2001:1af8:5300:a010:1::1]:443...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:--  0:00:10 --:--:--     0
* Connection timed out after 10003 milliseconds
* Closing connection
curl: (28) Connection timed out after 10003 milliseconds
As seen, both can resolve the IP, they just timeout before ever receiving data.
This happens as well with a local IP and local hostname.

I am at a loss for what is going on here. I've tried most of everything I have come across and thought I should finally come to the experts.
This has been fighting me for 2 days now and beginning to think that my only choices here is to re-install, but I'd rather not if I don't have to.
(Tight schedule, rebuilding would take a bit too long for my liking.)
Just a bean.
October 04, 2025, 10:19:50 PM #1
Save configuration, reinstall ...
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
October 04, 2025, 11:35:08 PM #2
Got it to work, finally!
Turns out, with Curl I could get one request to go through every few requests, and managed to make a command that I could run per Kernel+Base+Package to get the next version upgrade sets.
Then I ran the opnsense-update command with the local flag (bypassed fetch), and got it to update cleanly.

The moment that update completed and the unit had been rebooted, the issues have cleared.

The crazy command I had to do, for anyone who is as unlucky:

Code Select
curl -v -m 30 --retry 5 --retry-delay 1 -o /var/cache/opnsense-update/18850/base-24.7-amd64.txz https://pkg.opnsense.org/FreeBSD:13:amd64/24.1/sets/base-24.7-amd64.txz && \
curl -v -m 30 --retry 5 --retry-delay 1 -o /var/cache/opnsense-update/18850/kernel-24.7-amd64.txz https://pkg.opnsense.org/FreeBSD:13:amd64/24.1/sets/kernel-24.7-amd64.txz && \
curl -v -m 30 --retry 5 --retry-delay 1 -o /var/cache/opnsense-update/18850/packages-24.7-amd64.tar https://pkg.opnsense.org/FreeBSD:13:amd64/24.1/sets/packages-24.7-amd64.tar && \
curl -v -m 30 --retry 5 --retry-delay 1 -o /var/cache/opnsense-update/18850/base-24.7-amd64.txz.sig https://pkg.opnsense.org/FreeBSD:13:amd64/24.1/sets/base-24.7-amd64.txz.sig && \
curl -v -m 30 --retry 5 --retry-delay 1 -o /var/cache/opnsense-update/18850/kernel-24.7-amd64.txz.sig https://pkg.opnsense.org/FreeBSD:13:amd64/24.1/sets/kernel-24.7-amd64.txz.sig && \
curl -v -m 30 --retry 5 --retry-delay 1 -o /var/cache/opnsense-update/18850/packages-24.7-amd64.tar.sig https://pkg.opnsense.org/FreeBSD:13:amd64/24.1/sets/packages-24.7-amd64.tar.sigfollowed by
Code Select
opnsense-update -u -l /var/cache/opnsense-update/18850/ -r 24.7
Of course, can be edited to whatever version is needed.

Now time to go on the fun path of getting all the way updated!
Just a bean.
Print
Go Up Pages1
User actions