@medicineman25:

@chpalmer, thank you for the response. My apologies, I should clarify.

Is this something that is simply set in the wizard and the opendns will update the ip with that url? Does opendns handle that? I am using a variant of a domain name that I already own, will that work? Or do I need to create another hostname for login?

Ah!    You can use your DNS to reach anything you have setup on your network as long as you allow it in the firewall settings.    DNS is simply a name resolution to an IP address.  Use if for anything you need.

kmart.com = 23.59.190.17

The brand new AC86u is capable of 100MB/s reads and 90MB/s write on samba and it only had a 1.8GHz processor.

This is then on an eMMC flash storage and not on an SD card as on the RAPI, and on top of this that plastic routers
came with ASIC and/or FPGA`s that frees up the entire CPU and it is able to do more. pfSense is a x86 software
firewall and nothing more at this moment. An yes a small samba server should be not installed on it as I see it right
like other also do, but you will be able to get a NAS with OwnCloud, Samba, Download station and whatever they all
offers today, and connect it to your pfSense easy to get access from outside with a VPN connection.

@johnpoz:

So did you go into your daytek and

UNmarking "Broadcast DSL status to LAN" under ->System Maintenance->Management

User johnpoz solved this in the above post.

When I un-ticked this, no flooding anymore!!!! Yeee  8)

For me this worked as the source of my broadcast traffic was my DSL modem, for other people this might be due to other traffic broadcasts in their networks.

Nevermind, it was my browser (cache probably).  It works :)

Thanks yeah I'll give that a try. I just can't believe I'm struggling with such a basic problem…moving a file from Windows to FreeBSD. Would be a lot easier if I could figure out how to mount my USB stick (or if I could get the file uploaded with the file uploading feature).

I'll investigate WinSCP. Thanks!

Just an update from my end, I had the systems replace by the vendor, sent me another system exactly the same.
I got the same error the only common part was the network card (N2XX-AIPCI02 Intel Quad port GbE Controller (E1G44ETG1P20))

So i purchased another Network card this tie  Dual Intel Pro/1000 and everything works fine.

I'm assuming the N2XX-AIPCI02 had some issues with the newer system, as it was working perfect in the older optiplex system.

Thank you again for your help.

Does your wan Access come back if you power cycle your cable modem without rebooting PFSense?  I have, what may be, a similar issue but I can restore internet by rebooting only
The cable modem. It started the day after I upgraded to 2.4 and unfortunately it is still randomly happening after 2.4.1 - I’m considering rolling back for a while until the dust settles more on 2.4 🙁

Wow I can't believe it took me a month before I could really sit down and try anything with this again, after upgrading PFSENSE router and getting smart managed switches and other stuff.

Since the last post the CenturyLink Router had to be replaced for some reason it and the TV box(which was replaced also) was causing the phone call id incoming to not display on the TV via the original TV box/ router combo they gave us. Tech seemed to think some firewall settings I supposedly set in the CL router caused the issue… DMZ'ing one port/device. Right. I rarely get lucky enough to have a tech with network background come by. they have been general techs.

Purchased a switch with igmp snooping, basically a smart managed switch.

This switch told me today that there does not appear to be any VLAN's coming from the CL Fiber Modem, and also allowed me to identify the IP ranges for IGMP. None of which I have seen online.
IP Address           VLAN ID
239.192.28.15   1
239.192.48.25   1
239.231.0.20   1

I assume no vlan atm because no difference in the way anything worked with and without the managed switch in between the CL Router. or my PFSense router. Creating vlan 201 coming from CL Modem and untagging the router side port caused there to be no connection.

Speed tests today using various sites with my PFsense router connected to the CL Modem gave me upwards of 900+ up and down depending on testing location.

IGMP Proxy, Firewall Wan, Firewall Lan, screenshots attached.

I factory reset settings today. Reconfigured no difference.

Status is that it still works for about 5 or so seconds and then stops streaming stations.

Types of IGMP messages I have received
The source address 192.168.10.57 for group 239.255.255.250, is not in any valid net for upstream VIF. <<<< very common first ip is always internal(as far as i can tell) to my network and not the tv box
select() failure; Errno(4): Interrupted system call <<< rare
Some other generic messages before it was configured right.

Now when I am going through the CL router the Switch snooping shows the multiple IGMP addresses(as mentioned above), it also shows 239.255.255.250 but that is only from my laptop connected to the switch looking at the interface so going to say it doesn't count.

So Modem > Switch(snooping IGMP) > CL Router = TV works, phone call ID works on TV box Internet works etc.

But when I go through my PFsense router it doesn't show any IGMP going through at all.
So Modem > Switch(snooping IGMP not seeing any IP's coming through) > PFSENSE = TV stations for 5 seconds or so when channel is changed, Phone ID works on TV box, Internet works etc.

Now my assumption is my IGMPPRoxy is either not configured right or broken somehow.
What other configuration information do you wonderful people need from me to troubleshoot.

I do want to / am going to try a full on factory image factory reset of my PFSENSE router in case at some point I messed up something that upgrading between versions wont fix for some reason.

CaptureIGMP.PNG
CaptureIGMP.PNG_thumb
CaptureWAN.PNG
CaptureWAN.PNG_thumb
CaptureLAN.PNG
CaptureLAN.PNG_thumb

If you don't need to filter anything to/from the customers, only isolate them, then even an L2 switch with private VLANs or a similar feature would be good enough.

"disperse traffic at a higher priority (QoS) I.E. VOIP, Plex, etc…."

So your VOIP and Plex are on different networks?

It looks like it came back at some point today

Just. Don't.

@johnpoz:

I see from your other thread working fine now after you reinstalled the driver.

that was tagit446 that solved his problem, I was nicely asked there to create my own topic :)
(will try tomorrow anyway of reinstalling the driver wile on the other subnet makes a difference)

That was exactly the problem! Silly me.

Thank you  :D

Just wanted to say after some troubleshooting on my own, I figured out the problem. It was various collisions on my USB NIC which was half duplex. Replaced it with a full duplex USB NIC and all is well now.

Even half duplex alone shouldn't cause those problems, though it will reduce available bandwidth.  Unless configured otherwise, Ethernet gear should auto-negotiate duplex and bandwidth.  There were likely other issues with that USB NIC.  Are there even USB NICs that are half duplex only?  Full duplex NICs have been made for over 20 years now.

Are both boxes running 2.4? One can't be using 2.3.x as that is incompatible.

^^^^
The problem with broadcasts is CPU load, not time on the wire.  With gigabit commonplace, how much broadcast or unsolicited multicast traffic is there, compared to desired traffic?  Incidentally, this is also the reason jumbo frames are often used in data centres, to reduce CPU load, for the amount of traffic carried.  As for enterprise, if all the clients support IPv6, as pretty much all do now, why even provide IPv4 on a server?  As for IPv6 only, that's already happening, as I mentioned with my cell phone.  There are also some ISPs that convert IPv4 traffic, from the Internet, to IPv6 to their customers.  In that situation, an IPv6 only local network is entirely possible.  Don't configure IPv4 addresses and no more ARP or DHCP broadcasts.

IPv4 will be around for a while yet, but it's declining.  Hopefully, one day we can get rid of it entirely.  At the moment, the only IPv4 traffic on my network is for those IPv4 only devices and accessing IPv4 sites on the Internet.  Declining IPv4 means declining ARP and other broadcasts.

You might want to sniff what actually happens when the files start moving ;)

Actually, I have.  Home group uses IPv6 link local addresses exclusively.  It does not work over IPv4 at all.  Anyone who tries to disable IPv6 on Windows, while using home groups will soon discover that.

Incidentally, there's a trend in data centres that reduces even the time on wire effect.  Spanning tree has long been used in data centres, but that forces all traffic into the best path to the root switch, leaving much of the network blocked.  Spanning tree is now being replaced by Shortest Path Bridging, where there's no such thing as a blocked connection.  Any link between switches can be used, if it's the shortest path.  SPB works by essentially creating VLANs between switches, by adding on another MAC header for transit between switches.

BTW, stating fact does not create FUD.  FUD is caused by misinformation, such as NAT is a "security feature" that IPv6 doesn't provide.  In fact, the security of NAT comes from the state full connections it needs to work.  Well state full firewalls do exactly the same thing.  Yet despite that, people still claim that NAT provides security.  Now that's FUD.

yes to 2.4.1 it had been running for about 10 days witrhout any issues.

A fresh install and restore of a backup is the likely next course of action.

Thanks, yes have seen the instructions on installing on Hyper-V thanks.

I've a had a quick look at the  Azure link, doesn't apper that I cna download it, to deploy on to Hyper-V.

Yer likely a driver issue of some description, although I have seen a few posts about 2.4.1 having issues with VLAN's for various reasons.

Thanks for the info and thoughts though.