Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Pages: 1 ... 3 4 [5] 6 7 ... 10

Author Topic: LAN setup  (Read 63590 times)

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: LAN setup
« Reply #60 on: January 01, 2017, 10:20:03 AM »

ronski I am using a private list and public, there is a couple of other public lists I may also add but this is what I did.

First of all an easy way to test is to use the easylist list as shown in first screenshot, you can add custom lists as well using the 'dnsbl feeds' option.

Third screenshot is my outbound rule I just setup to allow modem stat collecting on shared wan cable, however I could not find a way to add the right ip to the wan interface in the gui, so I had to do that in command line.

Note I am removing easylist later on my router, I added just to help test.  You have to be careful filtering ads/tracking router side as if a site breaks its not so easy to whitelist, also if want to whitelist sites like kitz for ad's that is also harder to do router side.
« Last Edit: January 01, 2017, 10:49:54 AM by Chrysalis »
Logged

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: LAN setup
« Reply #61 on: January 01, 2017, 10:22:33 AM »

example of how to add a hosts file list to dnsbl

using http://adaway.org/hosts.txt as example
Logged

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: LAN setup
« Reply #62 on: January 01, 2017, 10:46:43 AM »

with the box more loaded up now temp is only 33C still :)

asus ac68 on passive cooling over 70C even in winter.

latency is lower than the ac68 also

Code: [Select]
C:\Windows\system32>ping -t bbc.co.uk

Pinging bbc.co.uk [212.58.244.23] with 32 bytes of data:
Reply from 212.58.244.23: bytes=32 time=6ms TTL=56
Reply from 212.58.244.23: bytes=32 time=7ms TTL=56
Reply from 212.58.244.23: bytes=32 time=6ms TTL=56
Reply from 212.58.244.23: bytes=32 time=7ms TTL=56
Reply from 212.58.244.23: bytes=32 time=7ms TTL=56

Ping statistics for 212.58.244.23:
    Packets: Sent = 5, Received = 5, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 6ms, Maximum = 7ms, Average = 6ms
« Last Edit: January 01, 2017, 10:53:32 AM by Chrysalis »
Logged

Ronski

  • Helpful
  • Kitizen
  • *
  • Posts: 4300
Re: LAN setup
« Reply #63 on: January 01, 2017, 12:56:33 PM »

Thanks for the info, not too fussed about blocking adverts to be honest. What's the Malware one do?

My box is running at about 36 degree's.
Logged
Formerly restrained by ECI and ali,  now surfing along at 390/36  ;D

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: LAN setup
« Reply #64 on: January 01, 2017, 02:55:40 PM »

It blocks domains that have been found to host malware.

I am on pfsense 2.4 now as I have been trying to get ipv6 working but is a no go for me.  Another buddy is trying to help me as he is also on sky but I am stuck for now.
Logged

skyeci

  • Kitizen
  • ****
  • Posts: 1383
    • Line stats
Re: LAN setup
« Reply #65 on: January 01, 2017, 03:18:15 PM »

What do you need to check? My 2.4 works fine on sky ipv6 and was fine for 2.3 too.


Test with IPv4 DNS record       
ok (0.096s) using ipv4
Test with IPv6 DNS record       
ok (0.047s) using ipv6
Test with Dual Stack DNS record       
ok (0.661s) using ipv6
Test for Dual Stack DNS and large packet       
ok (1.532s) using ipv6
Test IPv4 without DNS       
ok (0.050s) using ipv4
Test IPv6 without DNS       
ok (0.056s) using ipv6
Test IPv6 large packet       
ok (1.580s) using ipv6
Test if your ISP's DNS server uses IPv6       
ok (2.519s) using ipv6
Find IPv4 Service Provider       
ok (0.473s) using ipv4 ASN 5607
Find IPv6 Service Provider       
ok (0.428s) using ipv6 ASN 560

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: LAN setup
« Reply #66 on: January 01, 2017, 03:22:48 PM »

the wan DHCP6 settings, but my settings do match what the pfsense sky guy has posted on skyuser.

On the pfsense dashboard WAN_DHCP6 just stays stuck in pending status.

http://www.skyuser.co.uk/forum/ipv6/58986-sky-ipv6-settings-non-sky-routers-12.html#post463605

« Last Edit: January 01, 2017, 03:26:43 PM by Chrysalis »
Logged

skyeci

  • Kitizen
  • ****
  • Posts: 1383
    • Line stats
Re: LAN setup
« Reply #67 on: January 01, 2017, 03:24:57 PM »

Ok give me  a min will send you some screen dumps..

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: LAN setup
« Reply #68 on: January 01, 2017, 03:36:15 PM »

do you mind also checking the contents of your /var/etc/dhcp6c_wan.conf file?

here is mine, which doesnt look right.  As it is only requesting dns servers and domain name but no prefix from what I can tell.

Code: [Select]
root@PFSENSE new # cat /var/etc/dhcp6c_wan.conf     
interface igb0 {
        request domain-name-servers;
        request domain-name;
        script "/var/etc/dhcp6c_wan_script.sh"; # we'd like some nameservers please
};
Logged

skyeci

  • Kitizen
  • ****
  • Posts: 1383
    • Line stats
Re: LAN setup
« Reply #69 on: January 01, 2017, 03:36:31 PM »

Done! You have mail... ;)

Did you add tracking on the lan interface on for dhcp6 etc.. have a look at my screen shots. Will have a look at the other bits when I get back.

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: LAN setup
« Reply #70 on: January 01, 2017, 03:55:11 PM »

yep I was missing that tracking, thanks is now working. :)

Do you have the unreleased DUID patch on your pfsense yet?

also this looks more like it :)

Code: [Select]
interface igb0 {
        send ia-pd 0;   # request prefix delegation
        request domain-name-servers;
        request domain-name;
        script "/var/etc/dhcp6c_wan_script.sh"; # we'd like some nameservers please
};
id-assoc pd 0 {
        prefix-interface igb1 {
                sla-id 0;
                sla-len 8;
        };
};
Logged

skyeci

  • Kitizen
  • ****
  • Posts: 1383
    • Line stats
Re: LAN setup
« Reply #71 on: January 01, 2017, 04:29:23 PM »

Nice!

No not yet. Part of the fix is already on the latest snapshot- the do not release request.. I understand the duid bit is now under testing so hopefully out soon. I am happy to wait for it to be released on a patch. I only  use it for the tbb ipv6 monitor so it's not really that much of an issue for my setup  :D

This bit is on the latest patch.

Do not allow PD/Address release
dhcp6c will send a release to the ISP on exit, some ISPs then release the allocated address or prefix. This option prevents that signal ever being sent

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: LAN setup
« Reply #72 on: January 01, 2017, 04:38:20 PM »

An update :)

The GUI method to add the ip for modem stats subnet is under firewall, virtual ip's, simply add the ip as a alias to the wan interface, which in my case is 192.168.2.252 with a /24 subnet mask.

This means so far I have managed to do everything without hacks in the shell.  The only shell modifying I have done is to edit the /etc/rc.initial script to add a 17) option for bash shell. 

On my asus my setup involved a lot of manual cli work.

Also I sent you an email to let you know how to preserve DUID before the patch is commited. :)

Also for both you and ronski, if you want to keep traffic total stats across reboots, do as this post says, I have already confirmed it works, even preserved over 2 pfsense upgrades (I went from 2.2 to 2.3 then to 2.4).

https://forum.pfsense.org/index.php?topic=114753.msg664804#msg664804
« Last Edit: January 01, 2017, 04:45:03 PM by Chrysalis »
Logged

skyeci

  • Kitizen
  • ****
  • Posts: 1383
    • Line stats
Re: LAN setup
« Reply #73 on: January 01, 2017, 04:59:30 PM »

Ok cheers.

I did a straight install recently to 2.4. I didn't like the idea of old files being left from previous versions. I also had a crash on my first build which was upgraded from a  working  2.3.. so far on 2.4 I haven't had a crash since doing the clean 2.4 build so hopefully that was perhaps related to the in place upgrades...probably never know but a good 2 weeks since that crash...

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: LAN setup
« Reply #74 on: January 01, 2017, 05:00:37 PM »

Yeah I understand where you coming from, it is possible I will redo 2.4 clean at some point especially as I can use ZFS on 2.4 installer, but I have noticed no stability issues from the upgrade process so far.
Logged
Pages: 1 ... 3 4 [5] 6 7 ... 10
 

anything