Yes it should do that anyway. If you renew the cert for example.

@jriofrio
Just to corroborate your statement about (in my case) not need it to disable the hardware checksum with the intel x540.

You are correct, I enable it back and reboot the firewall, tested the connection of OPT1 (2nd LAN) and all works good, no problems accessing websites.
Also, I deleted the DoT rule for the 2nd LAN.

All good.. I'm please with the results.

PS: couldn't sleep , so i decided to do the changes now that no one is using the internet....

@kprovost Though my eye is untrained, I would agree that mine looks very similar. It has happened only once, so I will keep an eye on it and watch for when 24.11 goes GA. Thanks.

--Larry

They will not give you even a carrier grade NAT IPv4 address?

You should be able to access IPv6 sites from LAN OK as long as the ISP are sending you a fix delegation to use on internal interfaces?

Are LAN clients receiving a routable IPv6 address?

Steve

Yup you can't install a pkg for 2.6 into 2.7.0. If you managed to force that to happen it will likely break things.

It should work fine in 2.7.2.

Hmm, so using Windows NPS your user is able to login directly in priviledge mode?

How is that configured?

Do you have logs from the switch?

This probably isn't actually pfSense related if it's just between Freeradius and the switch.

The packages should be updated during the upgrade anyway.

The new pkg system with dynamic repos makes accidentally pulling in packages from the wrong repo thankfully far more difficult. Since 23.09.1 you've had to opt in to the new repo when an update is available.

Yes you will need a least that. But you may also need the IGMP proxy configured, possibly at both ends, so that clients can see the streams and subscribe to them.

@Gertjan said in Dynamic DNS client "extracted from local system":

To know if the WAN IP really changed ? Easy. Store the latest succeeded updated WAN IPv4 address locally. This is the cache file. Compare the actual WAN IPv4 with the cache ;:

Just going to take this opportunity to point out that this causes a problem in the case where we restore to a replacement router in our lab before delivery. DDNS is updated to our office IP. Live router will not update because its cached IP didn’t change. (Workaround is to manually modify the file on disk to fool it, as I recall)

I went and changed to yes and the logs seemed to clear up.

Thank you again.

@stephenw10
system - advanced - networking - ipv6 options - no checks, but... the WAN - IPv6 Configuration Type - DHCP6 so I changed to none.

Thank you sir!

Thnx guys 👍

@stephenw10 Thanks for this info. I hope later down this may not be the case. Since I practice to think of my pfsense as an appliance, I would rather not tweak it but will take a look.

::1 is IPv6 localhost. Unbound should listen on that address by default but you may have disabled that. Or if you have enabled the forwarder instead.

If you have upgraded from a much older version you might have it added specifically in System > General Setup and can remove it from there.

@stephenw10

Well, we're at 48 hours without an incident after switching the ethernet cable that connects the ONT to the router, so it's pretty safe to say you were correct saying it was hardware

Thank you for your support, honestly I wouldn't have guessed a damaged cable would cause something so intermittent and short

Kind Regards,
Mylo

@stephenw10 that is insane.. I had a device that had a multicast mac set on it, company screw up.. It could work - but it could also cause some problems. It was a networking bridge for electric consumption meter, current cost by envi if I recall.. Had to be 10 years ago, I remember it working until I moved it something other than a dumb switch - then I ran into issues.. I remember having to do something with igmp snooping.

An update for anyone who may be experiencing this issue.

This issue is caused by ATT's RG firmware. The latency spikes and jitter are resolved on the BGW320-505 as of firmware 6.30.5.

This issue was somewhat widely discussed at /r/ATTFiber. Shame on ATT for taking 8+ months to release a firmware which fixed it. And I was only able to get the firmware update by working with a redditor who had a high-level engineering contact at ATT, who was able to MANUALLY push the firmware update to my device. Who knows when it would have rolled out to me...

Thank you to @stephenw10 for the help along the way.

@stephenw10 cheers. We shall wait!

I will say that I've only ever seen issues like that when using UFS without RAM disks enabled. Using ZFS or enabling RAM disks should prevent it for the vast majority of cases.