Re: [pfSense] Client-Side 1:1 NAT for IP address conflicts w/ VPN

2014-12-09 Thread Chris L
On Dec 9, 2014, at 8:53 PM, Karl Fife wrote:
> In the wild, I'm seeing an increasing number of crappy consumer/ISP
> routers with subnets that conflict with ours (10../8). Comcast appears
> to be a common offender, curiously allocating the largest private subnet
> to their smallest customers.

[pfSense] Client-Side 1:1 NAT for IP address conflicts w/ VPN

2014-12-09 Thread Karl Fife
In the wild, I'm seeing an increasing number of crappy consumer/ISP routers with subnets that conflict with ours (10../8). Comcast appears to be a common offender, curiously allocating the largest private subnet to their smallest customers. Of course this breaks VPN due to address ambiguity/con

Re: [pfSense] Aliases are auto-deleted

2014-12-09 Thread Chris L
On Dec 9, 2014, at 2:04 PM, Volker Kuhlmann wrote:
> On Wed 10 Dec 2014 07:39:36 NZDT +1300, Ryan Clough wrote:
>> I, too, am using aliases which do not retain domain names or IP addresses.
> I opened https://redmine.pfsense.org/issues/4087
> What happens is that a rule reload, which ca

Re: [pfSense] Aliases are auto-deleted

2014-12-09 Thread Volker Kuhlmann
On Wed 10 Dec 2014 07:39:36 NZDT +1300, Ryan Clough wrote:
> I, too, am using aliases which do not retain domain names or IP addresses.
I opened https://redmine.pfsense.org/issues/4087
What happens is that a rule reload, which can be triggered by many things e.g. interface yoyo (see WAN gw) or a

Re: [pfSense] Aliases are auto-deleted

2014-12-09 Thread Chris L
On Dec 9, 2014, at 1:13 PM, Volker Kuhlmann wrote:
> Is this why gateway monitoring is active by default? I'd have guessed
> most pfsense installs to be single WAN. What would gw monitoring be
> useful for then? Nothing could be done about the Internet going
> offline.
It’s nice to have the RRD

Re: [pfSense] Aliases are auto-deleted

2014-12-09 Thread Volker Kuhlmann
On Wed 10 Dec 2014 01:30:49 NZDT +1300, Chris Bagnall wrote: Yes I was wondering about (basically useless) rate limiting too. I used the ISP's web server. Or use one of the top 10 companies' one, or one of the big CDNs. For single WAN pinging 1/s doesn't quite make sense to me either so I increase

Re: [pfSense] Aliases are auto-deleted

2014-12-09 Thread Chris Bagnall
On 9/12/14 12:24 pm, Volker Kuhlmann wrote:
> I found the problem. My ISP changed the WAN gateway to be mostly non-responsive to pings. But only mostly, so pfsense plays yoyo with it.
Funny you should mention that. I've seen similar on a few of our pfSense deployments of late, with several diffe

Re: [pfSense] Aliases are auto-deleted

2014-12-09 Thread Volker Kuhlmann
I found the problem. My ISP changed the WAN gateway to be mostly non-responsive to pings. But only mostly, so pfsense plays yoyo with it. Aliases containing FQDN entries are removed from pf tables (pfctl -T show -t aliasname) at the start of any rule or alias change, related to the alias with FQDN