Weird freezes in network and other questions

Hey!

I am currently redoing the configuration of my network and I want a bit of help with some issues of mine that have been plaguing me.

The network consists of a “workstation-turned-router” setup with a Mellanox-X3 network card; the software is OPNSense.

It is connected to a modem from Teltonika via the Realtek mobo-included port.

On the other hand, the cable from the Mellanox card connects to a Unifi Aggregation Switch, and that then to some workstations, servers and a small Unifi Switch ethernet switch; it basically just connects to the slow workstations, the Unifi 6 WiFi-device and the Unifi Cloud Key Gen2.

The network is split into different VLANs.

The idea would be to do a bit of “streamlining” and configure the router fully. I am thinking of setting up Tailscale and an IDS.

… and IPv6? Haven’t yet figured that out? The idea would be to just get the Teltonika modem to forward that to the router so I can enable it?

The server runs on NixOS, runs some services and kinda acts as a NAS.

I have a few questions regarding the current network configuration:

  • First off, the random freezes… the network freezes until a restart about 3 times a month. I still can’t think of a solution to this? One issue might be the Realtek Ethernet port on the router? So, should I try to disable it and switch any devices that use it to use the other available port on the Mellanox, mainly the modem? IDS is also not active. Though the weird thing is, when the freeze happens, you have to restart the whole network cabinet basically, not just the router… so a Unifi issue?

  • The second problem is with Netflix on my Samsung Smart TV, at least on the “quest” vlan, Netflix gets stuck loading at 25%? If the TV is connected to a mobile hotspot, that works? Other than that, no issues. This could be an issue with OPNSense (I found something on the forums about this), lack of IPv6 or just that I currently just use one Unifi 6 Lite as the WiFi for the entire apartment. To note, this only happens on the TV and only on Netflix?

  • I also want a bit of help with setting up that IPv6 stuff, like I said… forwarding the address from the Teltonika modem?

So yea, if anyone can help, please do!

ps. If anybody knows any solutions for declarative configuration on OPNSense and Unifi, please let me know! Terraform/Tofu is preferred since Nix (the declarative deployment tool I prefer) has support for them.

Kind regards,
jh-devv
:3

If you haven’t done this, install the Realtek drivers from system → firmware → plugins and see if that helps.

Also disable all of the hardware offloading, you’ll need to do that to turn on IDS/IPS and Zenarmor (I forget where this setting is located).

That Mellanox card might be a problem, not too many people are using that brand of card and there might be some “oddities” that you need to handle in the terminal. There was a recent post about 10gbps cards and they needed to tweak something to get it working properly. An Intel gigabit card is much simpler to use, even some of the Realtek cards are OK after installing that driver package.

[edit] I see lots of Mellanox posts on the opnsense forum, and most people fix things by going to an Intel card. That might be a good place to start.