I seem to have massive problems since upgrading related to IPv6 and prefix deligation.
It took me a while and I have in the meantime done a clean installation just to be sure.
What I believe to have found is that the system goes crazy whenever I enable "Allow manual adjustment of DHCPv6 and Router Advertisements" checkbox. I want to do some IPv6 DHCP experiments and also have some control of the anounced DNS servers in the RA. That's why I need / want to have some manual control.
However as soon as I enable the checkbox and apply the system starts to renew WAN IPv6 constantly changing the prefix deligation every few moments and causing 100% system load.
Has anybody else similar experience or tips for troubleshooting? I am about to go back to the previous version which has worked ok for me.
Thanks!
after a bit more digging I see that for example a loss of one of the ethernet links is causing the whole wan ip addr to be given up? is there a reason to do that?
log looks like this: <11>1 2022-01-30T16:40:46+01:00 opnsense.xyz.com opnsense 29446 - [meta sequenceId="1"] /usr/local/etc/rc.linkup: DEVD: Ethernet detached event for dynamic opt1(ue0)
<13>1 2022-01-30T16:40:47+01:00 opnsense.xyz.com dhcp6c 39756 - [meta sequenceId="2"] dhcp6c RELEASE on re0 - running newipv6
<13>1 2022-01-30T16:40:47+01:00 opnsense.xyz.com dhcp6c 47634 - [meta sequenceId="3"] dhcp6c RELEASE on re0 - running newipv6
<11>1 2022-01-30T16:40:47+01:00 opnsense.xyz.com opnsense 44614 - [meta sequenceId="4"] /usr/local/etc/rc.newwanipv6: IPv6 renewal is starting on 're0'
<11>1 2022-01-30T16:40:47+01:00 opnsense.xyz.com opnsense 44614 - [meta sequenceId="5"] /usr/local/etc/rc.newwanipv6: On (IP address: ) (interface: WAN[wan]) (real interface: re0).
<11>1 2022-01-30T16:40:47+01:00 opnsense.xyz.com opnsense 44614 - [meta sequenceId="6"] /usr/local/etc/rc.newwanipv6: Failed to detect IP for WAN[wan]
<11>1 2022-01-30T16:40:47+01:00 opnsense.xyz.com opnsense 50824 - [meta sequenceId="7"] /usr/local/etc/rc.newwanipv6: IPv6 renewal is starting on 're0'
<11>1 2022-01-30T16:40:47+01:00 opnsense.xyz.com opnsense 50824 - [meta sequenceId="8"] /usr/local/etc/rc.newwanipv6: On (IP address: ) (interface: WAN[wan]) (real interface: re0).
<11>1 2022-01-30T16:40:47+01:00 opnsense.xyz.com opnsense 50824 - [meta sequenceId="9"] /usr/local/etc/rc.newwanipv6: Failed to detect IP for WAN[wan]
<11>1 2022-01-30T16:40:48+01:00 opnsense.xyz.com opnsense 74830 - [meta sequenceId="10"] /usr/local/etc/rc.linkup: DEVD: Ethernet attached event for dynamic opt1(ue0)
<11>1 2022-01-30T16:40:48+01:00 opnsense.xyz.com opnsense 74830 - [meta sequenceId="11"] /usr/local/etc/rc.linkup: ROUTING: entering configure using 'opt1'
<11>1 2022-01-30T16:40:48+01:00 opnsense.xyz.com opnsense 74830 - [meta sequenceId="12"] /usr/local/etc/rc.linkup: ROUTING: IPv4 default gateway set to wan
<11>1 2022-01-30T16:40:48+01:00 opnsense.xyz.com opnsense 74830 - [meta sequenceId="13"] /usr/local/etc/rc.linkup: ROUTING: skipping IPv4 default route
<11>1 2022-01-30T16:40:48+01:00 opnsense.xyz.com opnsense 74830 - [meta sequenceId="14"] /usr/local/etc/rc.linkup: ROUTING: IPv6 default gateway set to wan
<11>1 2022-01-30T16:40:48+01:00 opnsense.xyz.com opnsense 74830 - [meta sequenceId="15"] /usr/local/etc/rc.linkup: ROUTING: skipping IPv6 default route
<13>1 2022-01-30T16:40:48+01:00 opnsense.xyz.com opnsense 74830 - [meta sequenceId="16"] plugins_configure ipsec (,opt1)
<13>1 2022-01-30T16:40:48+01:00 opnsense.xyz.com opnsense 74830 - [meta sequenceId="17"] plugins_configure ipsec (execute task : ipsec_configure_do(,opt1))
<13>1 2022-01-30T16:40:48+01:00 opnsense.xyz.com opnsense 74830 - [meta sequenceId="18"] plugins_configure dhcp ()
<13>1 2022-01-30T16:40:48+01:00 opnsense.xyz.com opnsense 74830 - [meta sequenceId="19"] plugins_configure dhcp (execute task : dhcpd_dhcp_configure())
<11>1 2022-01-30T16:40:48+01:00 opnsense.xyz.com opnsense 74830 - [meta sequenceId="20"] /usr/local/etc/rc.linkup: Warning! dhcpd_radvd_configure(auto) found no suitable IPv6 address on ue0
<11>1 2022-01-30T16:40:48+01:00 opnsense.xyz.com opnsense 74830 - [meta sequenceId="21"] /usr/local/etc/rc.linkup: Warning! dhcpd_radvd_configure(auto) found no suitable IPv6 address on re1
<13>1 2022-01-30T16:40:48+01:00 opnsense.xyz.com opnsense 74830 - [meta sequenceId="22"] plugins_configure dns ()
<13>1 2022-01-30T16:40:48+01:00 opnsense.xyz.com opnsense 74830 - [meta sequenceId="23"] plugins_configure dns (execute task : dnsmasq_configure_do())
<13>1 2022-01-30T16:40:48+01:00 opnsense.xyz.com opnsense 74830 - [meta sequenceId="24"] plugins_configure dns (execute task : unbound_configure_do())
<13>1 2022-01-30T16:40:50+01:00 opnsense.xyz.com dhcp6c 26064 - [meta sequenceId="25"] dhcp6c REQUEST on re0 - running newipv6
<11>1 2022-01-30T16:40:50+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="26"] /usr/local/etc/rc.newwanipv6: IPv6 renewal is starting on 're0'
<11>1 2022-01-30T16:40:50+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="27"] /usr/local/etc/rc.newwanipv6: On (IP address: 2a02:xxxx:xxxx::cba) (interface: WAN[wan]) (real interface: re0).
<13>1 2022-01-30T16:40:50+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="28"] plugins_configure dhcp (,inet6)
<13>1 2022-01-30T16:40:50+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="29"] plugins_configure dhcp (execute task : dhcpd_dhcp_configure(,inet6))
<13>1 2022-01-30T16:40:50+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="30"] plugins_configure hosts ()
<13>1 2022-01-30T16:40:50+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="31"] plugins_configure hosts (execute task : dnsmasq_hosts_generate())
<13>1 2022-01-30T16:40:50+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="32"] plugins_configure hosts (execute task : unbound_hosts_generate())
<11>1 2022-01-30T16:40:50+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="33"] /usr/local/etc/rc.newwanipv6: ROUTING: entering configure using 'wan'
<11>1 2022-01-30T16:40:50+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="34"] /usr/local/etc/rc.newwanipv6: ROUTING: IPv4 default gateway set to wan
<11>1 2022-01-30T16:40:50+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="35"] /usr/local/etc/rc.newwanipv6: ROUTING: setting IPv4 default route to xxx.xxx.28.1
<11>1 2022-01-30T16:40:50+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="36"] /usr/local/etc/rc.newwanipv6: ROUTING: keeping current default gateway 'xxx.xxx.28.1'
<11>1 2022-01-30T16:40:50+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="37"] /usr/local/etc/rc.newwanipv6: ROUTING: IPv6 default gateway set to wan
<11>1 2022-01-30T16:40:50+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="38"] /usr/local/etc/rc.newwanipv6: ROUTING: setting IPv6 default route to fe80::xxxx:xxxx:xxxx:d819
<11>1 2022-01-30T16:40:50+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="39"] /usr/local/etc/rc.newwanipv6: ROUTING: keeping current default gateway 'fe80::xxxx:xxxx:xxxx:d819%re0'
<13>1 2022-01-30T16:40:50+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="40"] plugins_configure monitor ()
<13>1 2022-01-30T16:40:50+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="41"] plugins_configure monitor (execute task : dpinger_configure_do())
<11>1 2022-01-30T16:40:50+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="42"] /usr/local/etc/rc.newwanipv6: The WAN_DHCP6 monitor address is empty, skipping.
<11>1 2022-01-30T16:40:50+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="43"] /usr/local/etc/rc.newwanipv6: The WAN_DHCP monitor address is empty, skipping.
<13>1 2022-01-30T16:40:52+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="44"] plugins_configure vpn (,wan)
<13>1 2022-01-30T16:40:52+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="45"] plugins_configure vpn (execute task : ipsec_configure_do(,wan))
<13>1 2022-01-30T16:40:52+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="46"] plugins_configure vpn (execute task : openvpn_configure_do(,wan))
<13>1 2022-01-30T16:40:52+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="47"] plugins_configure newwanip (,wan)
<13>1 2022-01-30T16:40:52+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="48"] plugins_configure newwanip (execute task : ntpd_configure_do())
<13>1 2022-01-30T16:40:52+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="49"] plugins_configure newwanip (execute task : opendns_configure_do())
<13>1 2022-01-30T16:40:52+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="50"] plugins_configure newwanip (execute task : openssh_configure_do(,wan))
<13>1 2022-01-30T16:40:52+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="51"] plugins_configure newwanip (execute task : unbound_configure_do(,wan))
<13>1 2022-01-30T16:40:53+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="52"] plugins_configure newwanip (execute task : vxlan_configure_interface())
<13>1 2022-01-30T16:40:53+01:00 opnsense.xyz.com opnsense 32366 - [meta sequenceId="53"] plugins_configure newwanip (execute task : webgui_configure_do(,wan))
I have 6rd w/ my ISP and I completely gave up on getting it to work with this release; DHCP6 and RA don't behave as expected and routing with subnets/VLANs seems very broken when enabled.
Hello all,
I am dissappointed as I am facing also issue since the upgrade on IPv6. Not sure why but can t even get to ping ipv6.google.com.
root@OPNsense:~ # ping6 -I vtnet4 2a00:1450:400a:804::2004
PING6(56=40+8+8 bytes) 2a01:e0a:3ba:cb90::2 --> 2a00:1450:400a:804::2004
vtnet4: flags=8a63<UP,BROADCAST,RUNNING,ALLMULTI,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: POP
options=800a8<VLAN_MTU,JUMBO_MTU,VLAN_HWCSUM,LINKSTATE>
ether da:dc:fd:fa:f7:7c
inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255
inet6 2a01:e0a:3ba:cb90::2 prefixlen 64
inet6 fe80::d8dc:fdff:fefa:f77c%vtnet4 prefixlen 64 scopeid 0x5
Routing tables
Internet6:
Destination Gateway Flags Nhop# Mtu Netif Expire
default fe80::72fc:8fff:fe6a:95d%vtnet4 UGS 6 1500 vtnet4
::1 link#7 UHS 1 16384 lo0
2000::/3 fe80::72fc:8fff:fe6a:95d%vtnet4 UGS 7 1500 vtnet4
2a01:e0a:3ba:cb90::/64 link#5 U 5 1500 vtnet4
2a01:e0a:3ba:cb90::2 link#5 UHS 4 16384 lo0
fe80::%vtnet4/64 link#5 U 5 1500 vtnet4
fe80::d8dc:fdff:fefa:f77c%vtnet4 link#5 UHS 4 16384 lo0
fe80::%lo0/64 link#7 U 3 16384 lo0
fe80::1%lo0 link#7 UHS 2 16384 lo0
traceroute6 to 2a00:1450:400a:804::2004 (2a00:1450:400a:804::2004) from 2a01:e0a:3ba:cb90::2, 64 hops max, 28 byte packets
1 2a01:e0a:3ba:cb90::2 3048.035 ms !A 3014.750 ms !A 2999.995 ms !A
2022-01-30T21:14:52 Error opnsense /system_gateways.php: ROUTING: setting IPv6 default route to fe80::72fc:8fff:fe6a:95d
2022-01-30T21:14:52 Error opnsense /system_gateways.php: ROUTING: IPv6 default gateway set to opt3
interface FW allow all ipv4 and ipv6 to go out.
Any idea?
Merci
I know this is a free product etc...
But really the IPv6 implementation with PD is completely broken as far as I can tell.
Just had a reboot of my L2 switch behind the OPNsense box and the drama of endless WAN ip address changes for IPv6 started all over again.
Can some of the developers at least acknolege that they are aware and working on it?
Thanks!
> I know this is a free product etc...
Yes.
> But really the IPv6 implementation with PD is completely broken as far as I can tell.
Not generally, no.
The deal is and always was: if you can help to reproduce it can be fixed. Unfortunately drivers and equipment and ISPs needlessly complicate reproducibility from one setup to the next. I'm willing to spend time via SSH on a box if required to look at the issue in action, but I can't spend a week trying to get that fixed.
I've had the pleasure to look at a setup with Orange FR that broke DHCPv4 and DHCPv6. The former was an issue with the setup requirements in 22.1 as per the release notes (MAC spoofing on VLAN is now wrong without at least promiscuous mode in the parent interface which needs to be assigned for it) and the latter one looks like a kernel bug in FreeBSD 13-STABLE, 12-STABLE and 12.3 for good measure. ;)
Cheers,
Franco
i would be happy to share my remote connexion ;)
Send me a mail via franco@opnsense.org and I'll send you a SSH key.
Cheers,
Franco
thanks, sent you a note.
I can confirm that (on an APU4d4) IPv6 PD/track based advertisements are only working without the option "Allow manual adjustment of DHCPv6 and Router Advertisements" on 22.1 at the moment. When selected, RAs just stop shortly after restarting radvd and dhcpv6 doesn't seem to respond reliably. I have not yet tried to debug the differences in radvd.conf as generated.
There shouldn't be much of a change in either area. At least with opns-sc0 today we learned that running IPS on emulated Netmap interfaces can bring them up/down and cause reconfiguration loops on the WAN side with dhcpv6 because dhcp6c is being poked by the tracking LANs when they go down. We will try to avoid this in the future...
https://github.com/opnsense/core/commit/a7e3d36b0
https://github.com/opnsense/core/commit/f5b2d2024
This is development code so take it with a grain of salt. It's just one issue that it could be.
@rmayr If you can please do try diff /var/etc/radvd.conf and /var/dhcpd/etc/dhcpdv6.conf though keep in mind that manual mode opens up a lot of room for individual settings. Actually it seems assuring that automatic mode has sane defaults.
@XabiX will contact you tomorrow :)
Cheers,
Franco
Thanks again franco for taking a look at the issue yesterday.
After another night of sleep I had a second thought.
Before I upgraded I did use Sensei / Zenamor. I can't really recall if it was the FreeBSD driver or the Realtek driver. After first seeing issues I simply switched to the Realtek drivers. Those are the ones I had running yesterday as well. Do you think it's worth going back to FreeBSD drivers to test if it's any better?
Currently whenever IDS is activated i get netmap_transmit ue0 drop mbuf that needs checksum offload errors on console.
thanks!
I registered to say the same thing, IPv6 was working before 22.1 upgrade.
VM with PCI Passthrough with Intel I350 NIC passed through.
Currently all my clients are receiving their delegated IPv6 address through Prefix Delegation from the WAN interface, but no IPv6 traffic is working. I see it being passed in the firewall, but just unable to ping any IPv6 addresses from the OPNsense VM itself or from any clients.
Tried ticking and unticking "Allow manual adjustment of DHCPv6 and Router Advertisements" and then changed from Assisted to Managed to Unmanaged RA, but still same results, would get IPv6 address, but unable to communicate to anything.
The only thing I can see in the logs that may hint at what is going on is,
/usr/local/etc/rc.newwanipv6: The command '/sbin/route add -host -'inet6' '2001:4860:4860::8888' 'fe80::d604:ffff:fe2c:2bc1%'' returned exit code '71', the output was 'route: fe80::d604:ffff:fe2c:2bc1%: Name does not resolve'
@zneaks 'fe80::d604:ffff:fe2c:2bc1%' is missing the scope after %. Not sure where this goes wrong. Do you have a static route set for this?
Fixed XabiX's issue by adding a link-local IPv6 static configuration to WAN address. On older FreeBSD kernels IPv6 does not seem to have been disabled as rigidly as it is now on version 13 so it fails when you try to pull the /64 GUA subnet to LAN without setting up at least link-local on WAN.
Cheers,
Franco
I had problems setting up IPv6, too. The clients did get a IPv6 address but couldnt contact anything at all. RA just didnt want to work, too, so i deactivated everything and started configuring from scratch.
For me the problem was the option "Use the DNS settings of the DHCPv6 server" in RA. It worked like a charm in <v22.1 but it seems that configuring only the DNS-server suffix (i get a dynamic prefix from my ISP) in DHCPv6 wont work anymore. As soon as i changed it to the complete IPv6 address it started working again.
I just wanted to share it with you guys, maybe it helps :)
@franco, I have no static routes with IPv6, it's the default setup. I have RA in Assisted mode, DHCPv6 enabled on the WAN interface.
I can't ping the link local address from either side, WAN -> LAN, LAN -> WAN, but I can ping link local from LAN interface to a client in that LAN.
I can't ping any other public IPv6 addresses from the public IPv6 address on the LAN interface.
I tried what @cardinal said, but it still doesn't work, I removed my DNS domain from the RA settings, unticked everything and still failing
EDIT:
I can't explain this at all, I tried rebuilding a brand new VM with same NIC etc, started from scratch, and IPv6 wasn't working initially. After a reboot it started working from my client devices. I restored my old settings, and IPv6 wasn't working from client devices again.
I rebuild the VM again, played around with it some more, and I once again had IPv6 on the client devices, through DHCPv6, NOT RA, and was able to ping Google through IPv6.
I compared the config file of the working IPv6 and non working IPv6, and found no discernable differences.
I then found a very strange issue, where if I disabled "Request only an IPv6 prefix", while pinging from a client device, I was able to then ping an IPv6 address for 2 seconds before it eventually started failing again.
PING: transmit failed. General failure.
PING: transmit failed. General failure.
Reply from 2404:6800:4006:814::2004: time=14ms
Reply from 2404:6800:4006:814::2004: time=15ms
Request timed out.
Request timed out.
Hopefully relevant logs:
<28>1 2022-02-08T20:01:30 opnsense.local radvd 61512 - [meta sequenceId="5"] prefix length should be 64 for vmx0
<30>1 2022-02-08T20:01:30 opnsense.local radvd 61512 - [meta sequenceId="6"] removing /var/run/radvd.pid
<30>1 2022-02-08T20:01:30 opnsense.local radvd 61512 - [meta sequenceId="7"] returning from radvd main
<30>1 2022-02-08T20:01:35 opnsense.local radvd 61974 - [meta sequenceId="8"] version 2.19 started
<28>1 2022-02-08T20:01:35 opnsense.local radvd 62486 - [meta sequenceId="9"] prefix length should be 64 for vmx0
<28>1 2022-02-08T20:01:35 opnsense.local radvd 62486 - [meta sequenceId="10"] prefix length should be 64 for vmx0
<28>1 2022-02-08T20:01:37 opnsense.local radvd 62486 - [meta sequenceId="11"] exiting, 1 sigterm(s) received
<30>1 2022-02-08T20:01:37 opnsense.local radvd 62486 - [meta sequenceId="12"] sending stop adverts
<28>1 2022-02-08T20:01:37 opnsense.local radvd 62486 - [meta sequenceId="13"] prefix length should be 64 for vmx0
<30>1 2022-02-08T20:01:37 opnsense.local radvd 62486 - [meta sequenceId="14"] removing /var/run/radvd.pid
<30>1 2022-02-08T20:01:37 opnsense.local radvd 62486 - [meta sequenceId="15"] returning from radvd main
<30>1 2022-02-08T20:01:37 opnsense.local radvd 84614 - [meta sequenceId="16"] version 2.19 started
cannot forward src fe80:1::11ae:5d59:abdd:d43f, dst xxxx:6800:4015:801::xxxx, nxt 58, rcvif vmx0, outif igb0
cannot forward src fe80:1::aef1:8ff:fe58:13bc, dst xxxx:108:700f::341a:34e2, nxt 6, rcvif vmx0, outif igb0
cannot forward src fe80:1::aef1:8ff:fe58:13bc, dst xxxx:108:700f::2ce6:119c, nxt 6, rcvif vmx0, outif igb0
cannot forward src fe80:1::11ae:5d59:abdd:d43f, dst xxxx:3fc0:1:104::670a:7d12, nxt 17, rcvif vmx0, outif igb0
cannot forward src fe80:1::30ee:db83:ec1b:3214, dst xxxx:19f0:5801:1daa:5400:1ff:fe95:cf80, nxt 17, rcvif vmx0, outif igb0
cannot forward src fe80:1::30ee:db83:ec1b:3214, dst xxxx:4700:f1::1, nxt 17, rcvif vmx0, outif igb0
cannot forward src fe80:1::86b:b72c:d5a4:3beb, dst xxxx:8006:3510:7085::1c50, nxt 6, rcvif vmx0, outif igb0
cannot forward src fe80:1::30ee:db83:ec1b:3214, dst xxxx:9400:4:0:216:3eff:fee2:1a8b, nxt 17, rcvif vmx0, outif igb0
cannot forward src fe80:1::11ae:5d59:abdd:d43f, dst xxxx:3fc0:1:104::670a:7d13, nxt 17, rcvif vmx0, outif igb0
cannot forward src fe80:1::30ee:db83:ec1b:3214, dst xxxx:4700:f1::1, nxt 17, rcvif vmx0, outif igb0
cannot forward src fe80:1::30ee:db83:ec1b:3214, dst xxxx:9400:4:0:216:3eff:fee2:1a8b, nxt 17, rcvif vmx0, outif igb0
cannot forward src fe80:1::30ee:db83:ec1b:3214, dst xxxx:4700:f1::1, nxt 17, rcvif vmx0, outif igb0
cannot forward src fe80:1::250:56ff:feb5:247c, dst xxxx:bc80:3010:600:dead:beef:cafe:feda, nxt 6, rcvif vmx0, outif igb0
cannot forward src fe80:1::d0a8:136a:8213:cc4b, dst xxxx:1380:1001:6c00::1, nxt 6, rcvif vmx0, outif igb0
cannot forward src fe80:1::30ee:db83:ec1b:3214, dst xxxx:9400:4:0:216:3eff:fee2:1a8b, nxt 17, rcvif vmx0, outif igb0
cannot forward src fe80:1::30ee:db83:ec1b:3214, dst xxxx:4178:5:200::10, nxt 6, rcvif vmx0, outif igb0
cannot forward src fe80:1::11ae:5d59:abdd:d43f, dst xxxx:3fc0:1:103::670a:7d03, nxt 17, rcvif vmx0, outif igb0
cannot forward src fe80:1::86b:b72c:d5a4:3beb, dst xxxx:8003:5448:7600:250:56ff:feae:7fa8, nxt 17, rcvif vmx0, outif igb0
cannot forward src fe80:1::86b:b72c:d5a4:3beb, dst xxxx:8003:5448:7600:250:56ff:feae:7fa8, nxt 58, rcvif vmx0, outif igb0
cannot forward src fe80:1::30ee:db83:ec1b:3214, dst xxxx:9400:4:0:216:3eff:fee2:1a8b, nxt 17, rcvif vmx0, outif igb0
I've given up with IPv6 for now, hopefully it gets fixed in 22.2
I also have found since updating to 22.1 that RA would not start.
After much messing and many reboots, I removed the DNS servers entries I had in all the interfaces on RA and rebooted and it started working.
I then put them back again (to the DNS servers I wanted in there) and rebooted again.
Now it SEEMS to be back to normal.... in that RA starts on boot up and the problem has gone.... I think....
Chris
Quote from: fgsfdgfds on February 08, 2022, 09:39:08 PM
I also have found since updating to 22.1 that RA would not start.
After much messing and many reboots, I removed the DNS servers entries I had in all the interfaces on RA and rebooted and it started working.
I then put them back again (to the DNS servers I wanted in there) and rebooted again.
Now it SEEMS to be back to normal.... in that RA starts on boot up and the problem has gone.... I think....
Chris
I am having the same issue. RA, what is this and where is it in GUI?
After the upgrade, I basically did not notice any problems with IPv6 for the time being.
My provider has assigned me a fixed 56 prefix. The WAN interface is set to DHCP and the LAN interfaces to track interface with manual configuration.
DHCPv6 is active and works. Additionally, router advertisements (assisted mode) are enabled.
Since the changeover, I noticed that some clients irregularly lost their IPv6 address and the assigned IPv6 DNS server after some time.
I was able to fix the problem by setting the following settings:
- AdvDefaultLifetime: 9000
- AdvPreferredLifetime: 7200
- AdvRDNSSLifetime: 1800
- AdvDNSSLLifetime: 1800
- AdvRouteLifetime: 1800
Quote from: fgsfdgfds on February 08, 2022, 09:39:08 PM
I also have found since updating to 22.1 that RA would not start.
After much messing and many reboots, I removed the DNS servers entries I had in all the interfaces on RA and rebooted and it started working.
I then put them back again (to the DNS servers I wanted in there) and rebooted again.
Now it SEEMS to be back to normal.... in that RA starts on boot up and the problem has gone.... I think....
Chris
I just upgraded 2 system from 21.7.7 through to 22.1.1_1.
The RA service was stopped and refused to start, I went though and clicked save on each interfaces config page with no changes in the RA service and it came back up.
Hi, just wanted to share what I did to fix, my situation is that my RA did not start, I have multiple interfaces and multiple Vlans on one interface, I enabled promiscuous mode on the single interface, did not fix it, went to every interface page, and saved - Apply, did not fix, unchecked "Use the DNS settings of the DHCPv6 server" in RA setting fixed it immediately after saving, the service started by it self, I checked the box back and the service still up, I rebooted to make sure it is working after the reboot and yes it is working.
Thank you to all the developers for the great product and for keeping the M0N0wall legacy alive :D 8).
Was going to start a similar sounding thread but will post here. I should do otherwise, please let me know.
I was going to title mine:
Trying to get IPv6 working, can't find Services > Router Advertisement
I have my LAN (/64) and WAN (/56) set to dhcpv6, set Send IPv6 prefix hint & not set Use IPv4 connectivity (Xfinity). The WAN gets a /128 IPv6 address but that's it. Nothing on the LAN or the OPT1 interface (not important).
I've seen several message that suggest changing settings under Service > Router Advertisements but I don't have the menu option.
Versions OPNsense 22.1.1_3-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1m 14 Dec 2021
CPU type Intel(R) Xeon(R) CPU E3-1270 v3 @ 3.50GHz (4 cores, 8 threads)
My IPv4 is still working so I'm not in a rush but I'll help out if I can.
Thanks
Quote from: linuxha on February 23, 2022, 07:00:52 PM
Was going to start a similar sounding thread but will post here. I should do otherwise, please let me know.
I was going to title mine:
Trying to get IPv6 working, can't find Services > Router Advertisement
I have my LAN (/64) and WAN (/56) set to dhcpv6, set Send IPv6 prefix hint & not set Use IPv4 connectivity (Xfinity). The WAN gets a /128 IPv6 address but that's it. Nothing on the LAN or the OPT1 interface (not important).
I've seen several message that suggest changing settings under Service > Router Advertisements but I don't have the menu option.
Versions OPNsense 22.1.1_3-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1m 14 Dec 2021
CPU type Intel(R) Xeon(R) CPU E3-1270 v3 @ 3.50GHz (4 cores, 8 threads)
My IPv4 is still working so I'm not in a rush but I'll help out if I can.
Thanks
You need to tick "Allow manual adjustment of DHCPv6 and Router Advertisements" in the LAN interface option to see Router Advertisements.
I've never had an issue with the Router Advertisement service being online, it's always been online for me. My devices receive an IPv6 address, but just can't use it.
Quote from: zneaks on February 24, 2022, 02:16:31 AM
Quote from: linuxha on February 23, 2022, 07:00:52 PM
....
I've seen several message that suggest changing settings under Service > Router Advertisements but I don't have the menu option.
...
You need to tick "Allow manual adjustment of DHCPv6 and Router Advertisements" in the LAN interface option to see Router Advertisements.
...
I do not have that option on the Interface > LAN page
Probably because you have configured DHCPv6 for LAN
Is OPNsense sitting behind an ISP router? Possible that the ISP router is pinching the prefix
Quote from: Greelan on February 24, 2022, 07:30:57 AM
Probably because you have configured DHCPv6 for LAN
Is OPNsense sitting behind an ISP router? Possible that the ISP router is pinching the prefix
I don't think so, I had IPv6 working with pfsense. My cable modem's routing and WiFi are disabled. I switched to get support for a Realtek NBaseT card that pfsense won't support.
Now it is possible that I have Opnsense setup incorrectly. The current version is a bit different than the GUI dicussed on most of the search responses.
IPv6 varies a lot between ISPs
In my case I use Track Interface for LAN, to track the WAN
I get a /48 prefix and allocate a /64 to each internal network