/usr/local/etc/bogonsv6 too big

Started by ekke, February 07, 2018, 12:02:23 AM

February 07, 2018, 12:02:23 AM Last Edit: February 07, 2018, 12:04:23 AM by ekke

https://www.dropbox.com/s/7tswaldhlmkdgyg/opnsense.PNG?dl=0

ll /usr/local/etc/bogonsv6
-rw-r--r--  1 root  wheel  1492763 Jan 30 23:09 /usr/local/etc/bogonsv6

I get an error when OPNsense tries to load this list. For now I have commented it out.


I can't imagine why it's that large, mine isn't:

ll /usr/local/etc/bogonsv6
-rw-r--r--  1 root  wheel  860 Feb  1 11:58 /usr/local/etc/bogonsv6

Perhaps yours is a hangover from the last release of OPNsense that you had installed, or is this a clean install?
Regards


Bill

It's normally over 1 MB once updated. The small file is the bootstrap file we ship with the core package.

If bogons are too big, you will have to disable them. Never heard of it before, half-guessing it is due to your hardware... how much RAM do you have?


Cheers,
Franco

Here's mine for comparison

admin@gateway:~ % ll /usr/local/etc/bogonsv6
-rw-r--r--  1 root  wheel  1508542 Feb  1 03:16 /usr/local/etc/bogonsv6
OPNsense 24.7 - Qotom Q355G4 - ISP - Squirrel 1Gbps.

Team Rebellion Member

February 07, 2018, 04:46:04 PM #4 Last Edit: February 07, 2018, 04:57:39 PM by mausy5043
Quote from: phoenix on February 07, 2018, 07:24:48 AM
I can't imagine why it's that large, mine isn't:

ll /usr/local/etc/bogonsv6
-rw-r--r--  1 root  wheel  860 Feb  1 11:58 /usr/local/etc/bogonsv6

There is a *really* well-hidden option in Firewall > Diagnostics > pfTables: the button in the top-right corner, [Update bogons]. When clicked, it downloads the latest list of bogons, which can be fairly large.


$ la /usr/local/etc/bogons*
-rw-r--r--  1 root  wheel    62572 Feb  7 16:44 /usr/local/etc/bogons
-rw-r--r--  1 root  wheel      132 Jan 29 13:12 /usr/local/etc/bogons.sample
-rw-r--r--  1 root  wheel  1514021 Feb  7 16:44 /usr/local/etc/bogonsv6
-rw-r--r--  1 root  wheel      860 Jan 29 13:12 /usr/local/etc/bogonsv6.sample


And looking at my logs I see nothing special.



Feb  7 16:43:45 gateway configd.py: [dc6fa705-7811-47fd-a2d1-9c4bbc11a04b] request content of pf bogons table
Feb  7 16:44:04 gateway configd.py: [b4dfd709-84b2-41da-bc55-e26c2bab476f] update bogons database
Feb  7 16:44:04 gateway root: rc.update_bogons is starting up
Feb  7 16:44:04 gateway root: rc.update_bogons is beginning the update cycle
Feb  7 16:44:05 gateway root: rc.update_bogons is ending the update cycle
Feb  7 16:44:05 gateway configd.py: [2edfb7f2-a740-488b-a2e4-0aee5e383c64] request content of pf bogons table
Feb  7 16:46:22 gateway configd.py: [3f82124c-4eca-4186-b412-d5e27172e084] request content of pf bogonsv6 table


I tend to agree with @franco that this might be a memory problem.
:-D  Hobbyist programmer since 1986

Quote from: franco on February 07, 2018, 02:14:44 PM
It's normally over 1 MB once updated. The small file is the bootstrap file we ship with the core package.
My mistake.  :-[ Doesn't that file get updated automatically? I always assumed that was the case. I've just updated it manually via the helpful hint from mausy5043 and it's now the 1.5MB size.
Regards


Bill

Bill, do you have IPv6 turned off under Firewall: Settings: Advanced?


Cheers,
Franco

Hi Franco

Yes, IPv6 is enabled and has been since I went to fibre in August last year.
Regards


Bill

Hmm, and do you set "block bogons" anywhere in your interfaces?

Also in your system log do you see "Not saving IPv6 bogons table (IPv6 Allow is off and table-entries limit is potentially too low" ?


Cheers,
Franco

Quote from: franco on February 07, 2018, 02:14:44 PM
It's normally over 1 MB once updated. The small file is the bootstrap file we ship with the core package.

If bogons are too big, you will have to disable them. Never heard of it before, half-guessing it is due to your hardware... how much RAM do you have?


Cheers,
Franco

xeon 1230v3 8GB RAM

Quote from: franco on February 07, 2018, 08:58:47 PM
Hmm, and do you set "block bogons" anywhere in your interfaces?
Yes, it's set on the WAN interface only and nowhere else.

Quote from: franco on February 07, 2018, 08:58:47 PM
Also in your system log do you see "Not saving IPv6 bogons table (IPv6 Allow is off and table-entries limit is potentially too low" ?
Nothing except the fact I started the update and the file did get updated.
Regards


Bill


Quote from: franco on February 07, 2018, 09:31:41 PM
Weird, but out of ideas. :(
No worries, I didn't miss it when it wasn't running. :)
Regards


Bill

I had the same issue after updating last night. I ended up bumping the Firewall Maximum Table Entries to 500,000 and rebooting. I can spare 500MB of RAM for this.


Perhaps why I have never had the issue, my FW Max Entries was already set to 1 Million. Plenty of RAM to play with.
OPNsense 24.7 - Qotom Q355G4 - ISP - Squirrel 1Gbps.

Team Rebellion Member
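
The thread comes down to whether the downloaded bogon lists fit under pf's table-entries limit. The script below is an added example, not code from OPNsense or from anyone in this thread: it counts the prefixes in the list files and compares the total with the `table-entries hard limit` line printed by `pfctl -sm`. The function names and the sample data are constructed for illustration, and it assumes one prefix per line with `#` comments.

```shell
#!/bin/sh
# Added example (not OPNsense code): do the bogon lists fit under pf's
# table-entries hard limit? Assumes one prefix per line, '#' for comments.

# Count prefix lines (skipping blank and comment lines) across all given files.
count_prefixes() {
    awk '!/^[ \t]*(#|$)/ { n++ } END { print n + 0 }' "$@"
}

# Read `pfctl -sm` output on stdin and print the table-entries hard limit.
parse_table_limit() {
    awk '$1 == "table-entries" && $2 == "hard" { print $NF }'
}

# $1 = limit, remaining arguments = list files.
# Prints a summary; returns 0 if the lists fit, 1 if they do not.
check_bogons_fit() {
    limit=$1; shift
    total=$(count_prefixes "$@")
    echo "prefixes=$total limit=$limit"
    [ "$total" -le "$limit" ]
}

# On the firewall itself (paths as shown in the thread):
#   check_bogons_fit "$(pfctl -sm | parse_table_limit)" \
#       /usr/local/etc/bogons /usr/local/etc/bogonsv6

# Offline demo with constructed data: 4 prefixes against a limit of 3.
demo() {
    dir=$(mktemp -d)
    printf '# constructed sample\n2001:db8::/32\nfc00::/7\n\n' > "$dir/v6"
    printf '192.0.2.0/24\n198.51.100.0/24\n' > "$dir/v4"
    sample_sm='states        hard limit      100
table-entries hard limit        3'
    demo_limit=$(printf '%s\n' "$sample_sm" | parse_table_limit)
    check_bogons_fit "$demo_limit" "$dir/v4" "$dir/v6" ||
        echo "lists exceed the table-entries limit"
    rm -rf "$dir"
}
demo
```

A failing check points at the Firewall Maximum Table Entries setting mentioned above rather than at the list file itself.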