My ISP provides me with a /56 range of ipv6. My clients gets ipv6 addresses, but dhcpv6 doesn't provide a default route. It did work a while ago. I havenĀ“t changed my config, so what can be wrong.
I seem to be getting a similar, but slightly different issue. From what I can tell, my device is generating a IPv6 RA, which seems to be correctly formatted. Linux hosts are receiving it, and it seems to be correctly formed:
#
# radvd configuration generated by radvdump 2.17
# based on Router Advertisement from fe80::f690:eaff:fe00:72c0
# received by interface eth0
#
interface eth0
{
AdvSendAdvert on;
# Note: {Min,Max}RtrAdvInterval cannot be obtained with radvdump
AdvManagedFlag on;
AdvOtherConfigFlag on;
AdvReachableTime 0;
AdvRetransTimer 0;
AdvCurHopLimit 64;
AdvDefaultLifetime 1800;
AdvHomeAgentFlag off;
AdvDefaultPreference medium;
AdvLinkMTU 1500;
AdvSourceLLAddress on;
prefix {ISP ASSIGNED BLOCK}::/64
{
AdvValidLifetime 86400;
AdvPreferredLifetime 14400;
AdvOnLink on;
AdvAutonomous off;
AdvRouterAddr off;
}; # End of prefix definition
RDNSS {DNS SERVERS IPv6 ADDRESSES}
{
AdvRDNSSLifetime 600;
}; # End of RDNSS definition
DNSSL {LOCAL SEARCH DOMAIN}
{
AdvDNSSLLifetime 600;
}; # End of DNSSL definition
}; # End of interface definition
For some reason, as of about 1 day ago, the Windows machines on my network are not processing the RA and adding the OPNsense LAN interface to the IPv6 route table. If I add it manually, they are able to send and receive traffic, but this doesn't seem to work via the RA process, as it does for the Linux and BSD hosts.
Quick update: this one has me scratching my head. After I did a Wireshark capture, I was able to determine that the RA was not being carried across a particular switch. Once I power cycled that switch, I was able to get the Windows machines to see the RA, and update their routes.
I am at a bit of a loss to figure out why this switch (a Netgear GS716T on 6.3.1.39 firmware) would start filtering RA...
did you check if opnsense itself find an ipv6 route?
On my side,devices on my LAN receive an IPv6 address but won't reach internet:
- traceroute from laptop to google dns (ipv6) will stop when reaching opnsense
- traceroute from opnsense itself to google ipv6 dns give "no route to host"
I didn't tried the netgear switch trick but has opnsense itself cannot find its way,
my situation is a bit different.
what about you @gunnarf ?
Quote from: Taralas on April 13, 2022, 08:21:13 PM
I am at a bit of a loss to figure out why this switch (a Netgear GS716T on 6.3.1.39 firmware) would start filtering RA...
I have a similar switch (GS116Ev2) and I'm seeing the same issue. Do you happen to have igmp snooping or another form of multicast filtering enabled on the switch?
I do not. I have a few Netgear switches, and checked all of them, and IGMP snooping is disabled, as well as anything related to multicast routing. For the moment, the configuration is a flat network, with no VLANS, so the need for those services is minimal.
It's bad enough that I am having to bounce the WAN interfaces and switch ports daily to get a working IPv6 route. Some devices are able to get a route via RA, all of them are receiving the announcement, but it is garbled on some devices through this switch.