@sgw did you check Monitoring in pFsense on XG7100? Check Quality and then check delay std. dev - did it changed(increase) when you go from 22.05 to 23 version? Main is much worst then on 22.05.

@natharas said in Cant see switch in DCHP or ARP table: I have cameras on the switch that are using a different VLAN and all are working. which has nothing to do with the switch getting its management IP which would be on vlan 1. Unless you changed it to be a different vlan? [image: 1689063571250-changedit.jpg]

@scottlindner said in need to reboot when modem reboots: Yes, those are both set to All network interfaces. Not a fan of that - especially for outgoing.. The local interface is really the only interface you need to use for outgoing, any traffic out the wan would be natted to your wan IP, or vpn IP, etc. The only time you would need to select another interface - if you were doing say forwarding to some lan side dns. You could make a case for only selecting the interface for listen as well - do you really need unbound to listen even on wan? You serving up dns off your wan interface? While its a good "default" setting because you have no idea what someones setup might need. The admin of the box should correct those settings to be best suited for their needs. All is rarely that. edit: these are my settings, it listens on the interface I might serve up dns on. And only uses localhost as its outbound interface. [image: 1689043774585-settings.jpg]

Just swapped pfSense over to 192.168.2.1 and that appears to have solved my issues. Good to know for next time!

@jaskerx how do you turn of DoH on Chrome???

@stephenw10 Your suggestion seemed very logical as it might explain the crash after the online update. I removed the line in the configuration file and I also tried changing the line to designate "video" rather than "serial". Both gave the same result. Before the changes, the boot up stopped with a blank screen with a blinking cursor. After the changes, the boot up stopped with an alphanumeric graphic of the pfSense logo and a flashing cursor. The boot did not complete. Since I am not seeing complaints from others, it looks like this is issue may be the result of a 10 year old bios in my Gigbox units. It appears that something is destroying the UEFI file when I do the configuration file restore. I'll stick with bios. It will be interesting to see what happens during the next pfSense update. Thanks for your suggestion and help.

Nice. I can only dream of those speeds.

Ok, without rebooting I went back to the Starlink interface, disabled IPv6 again, then re-enabled it again and the NTP IPv6 socket error has stopped. I can't reboot now to test if the error returns with a reboot but will try later. Seems flaky.

Well if it's not actually in bridge more I'd expect pfSense to pull a private IP on it's WAN as long as it's set to DHCP. You probably would have to power cycle to modem to be sure it isn't locked to the MAC address of whatever client you had connected there initially. Or spoof that MAC address in pfSense.

It's an upstream compatibility issue. If it gets corrected and we are able to compile it we will add back the package. The effort required to allow it is non-trivial though. Several of our developers have looked at it and concluded the task is likely beyond anything we can commit to at this point for an EoS architecture ourselves. So I really can't say when or if it might be done. Steve

I have resolve it by reseting NTopNg pkg

First try disabling CPU power saving modes in the BIOS and see if that changes anything.

I tried the console factory default on the same 2100, with a valid Internet connection. It had no delay. I then installed apcupsd via the GUI, and reset to defaults again. Afterwards the package was not installed. So, not sure what the difference was between yesterday and today. I doubt the hardware (and hence ADI vs Arm) matters. Possibly, is an Internet connection required to remove a package? (callback to my 4m delay above) Or "many" packages or certain packages are handled differently than one package (seems unlikely)?

@jimp said in zfs on SG5100?: but for most people the defaults are OK. Great. The warning sort of surprised me and I wanted to make sure since my appliance is a bit older.

@stephenw10 said in Strange issue in correlation of newwanip: Ok did you test with any other language selected other than German? (or English) Only German and English

@JKnott you have to add the file yourself, to add it it's under NTP configuration under leap second area.

https://docs.netgate.com/pfsense/en/latest/recipes/wireguard-s2s.html -Rico

@rcoleman-netgate said in /var is low on disk space: If, yes. If this is the case, and you are in the United States, and you are interested in having it used for a testing/trial process LMK and I can open DMs for you. I'd like to discuss this with you. jon

I just recently did this - now mind you I only have a hand full of devices.. I still had a few years left out of the 10 years on my CA, and server cert, etc.. But in another thread about openvpn I got reminded that my certs were using old RSA stuff.. So I updated everything to ecdsa.. But yeah @stephenw10 has the right path - fire up a new instance.. And migrate your clients over to the new instance using the new CA and certs.. This way you can do few clients at a time, and can always fall back to the old instance. Once your all migrated you can kill off the old instance.. But the migration really should be as simple as just changing the certs used on the instance you fire up, and then getting the clients the new certs.. Which is the hard part, especially if you have lots and lots of clients.