@JustAnotherUser Also, you would have to allow computer 2 & 4's subnets across the WG0 tunnel.

@stephenw10 The original script is in bash, but is fairly simple so should be easily adaptable to tcsh.

I know lots of other folks with similar configurations don't even bother with a watchdog script for wpa_supplicant. This is fine if it works. I rather have something in there that ensures there's network connectivity and the supplicant is not stalled.

@johnpoz

Thank you all for the pointers. Good reminder about the ISPs TOS.

You can set it to solve only A records also
unbound resolver custom options like this

server: do-ip4: yes prefer-ip4: yes do-ip6: no prefer-ip6: no private-address: ::/0 dns64-ignore-aaaa: *.* do-not-query-address: :: do-not-query-address: ::1 do-not-query-address: ::/0

@stephenw10
superb sir you are awesome it works fine thankyou so much sir

@markdudov said in IP not showing:

several active machines and I can access them, but for some reason when I go to DHCP Leases, I don't see any of the IP addresses of these machines.

What could be the reason for not showing up in DHCP Leases?

Two possible reasons :
These devices don't use DHCP, they have a static setup.
If the devices are using DHCP, there must be a another 'roque' DHCP server on your network. Check with the devices from what DHCP server they got their lease.

So its been a while but I got an update. It was Telstra. Which today is still unresolved. The lack of internal dashboard tools for their tech support makes it extremely difficult to identify any issues on their network something as simple as to view the current connected devices MAC address connected to the NTD they have to elevate it to NBNCo.

I switched over to Aussie Broadband and was setup in seconds with no issues. I even have framed Route setup and have a pool of static IP addresses I can use for online services. Not to mention the amount of tools at your disposal on the user dashboard portal.

WOW. I didnt even think about suricata blocking it! Thanks mate

Yes, they are really only of much value in a shared environment like if you are running as a VM or hosting VM in pfSense (don't do that!).

When you tried to ping what error was shown?

@hebein What if you just type

reboot

and hit Enter?

Yup it should give up more if it does fail. It will show more at the console anyway if the script fails.

@stephenw10 It does, so it’s only a annoying inconvinence. I was just trying to gauge how lt would react if I didn’t, and how long it would take.

@markdudov I dont think freeradius on pfSense supports Chapv2 unless its EAP encapsulated.

If you add it via FRR it can:
https://docs.netgate.com/pfsense/en/latest/routing/multipath.html

It might. I can't comment on those devices specifically but many mesh wifi devices only support those features when the main device is in router mode.

@johnpoz said in Analyze / solve "erros in" on interface and "errors out" on vlan:

@sysadminfromhell while I personally wouldn't be too concerned with such minor amount of errors - unless there was something actually not working how it should and tracked it down to these sorts of errors.

But I would be interested in what you find, etc. Sometimes such little minor things can be fun to track down, but they can also be huge time sucks - hehehe

I can not tell you the amount of time I spent trying to figure out why plex will send out ssdp every freaking 10 seconds, when all the things are disabled for why it might or could have use for doing such a thing.

Posted over on the plex forums - got back crickets.. Couple of users posted that they noticed it too.. But no solution, in the long run I just ended blocking such traffic at the switch port.. Plex can send them out every 10 seconds, it goes no farther than switch port at the end of its wire... Stupid shit!! hehehe

So yeah would be very interested in what you find.. You never know might run into such a thing sometime down the road and what you find could be the solution there.. So good luck! Hope you track it down..

I recall something sim as well, on some cheap smart switch.. It would mark RxBadPkt, and the counter would constantly go up - even though everything was working fine.. It was just a cosmetic error, any packets marked with tags got marked as RxBadPkt, So native untagged wouldn't trigger the stat, but all tags coming in would.. All the vlans actually worked, etc. but they would just increase that counter.. That was a time suck for sure.. Finally just had to let it go ;)

So i reduced the errors with disabling flow control completly, now we still jave errors but a lot less then before:

Uptime 7 Days 03 Hours 18 Minutes 15 Seconds

4e0aabd5-909a-4b66-8438-342142fbec3e-image.png

So I guess this was one source of the problem even I cannot find all of them this looked at least like a good start even the VLAN Interfaces still have errors out. (a minor few packets)

You would need to reinstall to move from Plus to CE as the versioning sees it as a downgrade.

Add the line: debug.acpi.disabled="thermal" to the file /boot/loader.conf.local

That disables the full ACPI thermal system though.

My advise would be, just ignore it!

@JKnott
Thanks so much for the insight!!