New at this and Struggling with PPPoE routing

[marjohn56]

what's the wan ip showing up as, only give me the first two quartets, i.e 81.35

[marjohn56]

My Routes is empty, apart from a route to my test system, otherwise its automatic. If you have added any routes delete them and reboot.

[tre4bax]

My IP is 90.255.x.x  Although that seems to be backed off by a 212.158 number.  I can't look at the moment as I have the 612 disconnected so there is no WAN in place on the firewall/router.

I have no routes either, I was looking to see what you get in the routing status, see if mine is similar.  I have Netif values of pppoe(), lo0, em2, em3.  The EM ones are the network ports on the device 3 is WAN and 2 is LAN.  pppoe() is presumably the broadband link, I just don't know what lo0 is.

Interestingly the 1.0.0.1 address has a gateway of the 212.158.x.x and a netif name of pppoe().  This is the only address that actually works and that makes sense as a route has been generated to achieve this.  What I am not sure of is why there is no ANY type route.

[marjohn56]

lo0 is loopback.


Are you running this on a virtual machine?

[tre4bax]

Nope, it is running on a celeron J1900 powered device for the job.  It has plenty of RAM and disk and four network ports.

[marjohn56]

Yeah, it was just the em*, thought it might be vmware.


Let's see if we can get more sense out of this. Go to firewall->Settings-Advanced. Select 'Prefer Dpinger over Apinger', Allow IPv6 should be ticked. save and Apply. Reboot.


When it comes back up, post a snapshot of your Interfaces & Gateways widgets. And tell me whether the dpinger status's are green in the lobby Services widget.

[tre4bax]

Okay I have done that.  I won't be able to test till tomorrow morning though as Son is deep into internet gaming right now and turning off the internet would not go down well ;-)

At present it is running and connected to the 612, but that is not connected to the broadband.  This is why I am currently using 192.168.0.1 as its address so that I can attach too it from this machine with a second address added to this machines IP4 setup.

Looking at it curretly there is no Dpinger at all.  I assume because there is no internet connection.  Will swap first thing tomorrow and see what happens and let you know.

[tre4bax]

Blast did this.  No difference from a functioning point of view and the routing table is below, however I forgot to check the dpinger so will need to do that tomorrow.

Proto   Destination   Gateway   Flags   Use   MTU   Netif   Netif (name)
ipv4   1.0.0.1   212.158.250.36   UGHS   32   1492   pppoe0   wan
ipv4   8.8.8.8   212.158.250.36   UGHS   0   1492   pppoe0   wan
ipv4   90.255.226.54   link#9   UHS   0   16384   lo0   
ipv4   127.0.0.1   link#6   UH   0   16384   lo0   
ipv4   192.168.0.0/24   link#3   U   1214   1500   em2   lan
ipv4   192.168.0.1   link#3   UHS   0   16384   lo0   
ipv4   212.158.250.36   link#9   UH   32   1492   pppoe0   wan
ipv6   ::1   link#6   UH   0   16384   lo0   
ipv6   fe80::%em2/64   link#3   U   0   1500   em2   lan
ipv6   fe80::ee8:5cff:fe68:bac2%em2   link#3   UHS   0   16384   lo0   
ipv6   fe80::%em3/64   link#4   U   0   1500   em3   
ipv6   fe80::ee8:5cff:fe68:bac3%em3   link#4   UHS   0   16384   lo0   
ipv6   fe80::%lo0/64   link#6   U   0   16384   lo0   
ipv6   fe80::1%lo0   link#6   UHS   0   16384   lo0   
ipv6   fe80::%pppoe0/64   link#9   U   0   1492   pppoe0   wan
ipv6   fe80::ee8:5cff:fe68:bac0%pppoe0   link#9   UHS   0   16384   lo0   

Note both DNS servers are the only things accessible from anywhere and both have their route set as via the gateway 212.  it feels like a default route out for the rest is not being added.

[marjohn56]

There appears to be no default route being set. I've never seen that happen before. Can backup your config and send me the resultant *xml file. I'll run it up on my test unit and see what gives. Can you make sure that the root password is opnsense. You can change the PPPoE login so it's not yours, but leave something there.

[tre4bax]

Yeah, no probs.  I will do that tonight and send it through to you.  is there a good way to do that from this site or better to share from onedrive or something?

[tre4bax]

Ah, I see click below to attach.

Have attached the XML.  I've done this with the internet route off though.  Reasoned that it should still hold the setup.  If you need one with it active let me know and I'll do it when the family are asleep.

[marjohn56]

OK... Loaded your config. I'm sending it back to you with some changes


1. Deleted the extra gateway you've added.
2. Enabled the dhcp server so your lan devices will get no addresses.
3. Set the gateway targets and enabled monitoring.
4. Set dhcpc6 to use v4 connectivity.
5. Remove the LAN alias.


I've made a few other changes too, like enabling powerd, and a few other tweaks.

Note, I cannot test the PPPoE settings as to do that I would need to take my live unit offline, and that would be under pain of death from others.


When I first brought it up I could get squat, even setting WAN to dhcp got nothing, it works on dhcp now, so it should work on pppoe.


So what you need to do is import the attached config, change the WAN IPv4 type to PPPoE and set your username and password, save and apply. That should get you up and running. Once you have v4 up and running, set  dhcp6c to use V4 Connectivity, save and apply and that should bring up IPv6 too.

[tre4bax]

Hi Majohn

That gateway adds itself, I wasn't quite sure why.  I've deleted it a few times but it comes back on its own.

Turned off the DHCP server deliverately as I currently have this box on my network along with the Vodafone router and if this is offering DHCP it breaks everything else ;-)  Once I have it routing the Vodafone router is history and this will be the only DHCP ;-)

Thanks for your help with this I will give it a go tonight.

[tre4bax]

Was it the GW_LAN gateway you deleted.

I have just had a thought about where that is coming from.  I currently have my Vodafone connect doing the internet.  I also have the opnsense box plugged in using 192.168.0.1 as its network, so essentially not connected to the other devices subnet wise.  I then have multi homed my PC to have 192.168.0.99 as a second address so I can see the opnsense box live while allowing the rest of the network to work.  I wonder if somehow the GW_LAN route is a route to the vodafone connect via my PC that the opnsense box has figured out?

I only started doing this when it would not work though so should not alone be the issue.  Just curious really as to where this stuff is coming from as it aids understanding. 

I will let you know how it goes tomorrow morning when I can apply it.  With luck tomorrow night the opnsense box will be my main router.

[marjohn56]

When doing things like that it's best to start with a simple basic WAN<>LAN firewall. Get that working, then start doing funky stuff.