OPNsense Forum
Archive => 23.1 Legacy Series => Topic started by: IsaacFL on March 21, 2023, 05:03:49 pm
-
After todays update I see the following in my logs and others have reported issues with ipv6
radvd can't join ipv6-allrouters on vlan07
radvd can't join ipv6-allrouters on vlan06
radvd can't join ipv6-allrouters on vlan05
radvd can't join ipv6-allrouters on vlan04
radvd can't join ipv6-allrouters on vlan01
radvd can't join ipv6-allrouters on vlan03
radvd can't join ipv6-allrouters on vlan02
radvd can't join ipv6-allrouters on em0
-
also seeing:
vlan02 received RS or RA on vlan02 but vlan02 is not ready and setup_iface failed
-
radvd service is definitely broke. This results in ipv6 clients not able to receive default gateway.
-
I hope this will be fixed with a hotfix-patch.
-
I had to revert to 23.1.3
It works there.
-
I'm sure it's https://github.com/opnsense/core/commit/38049e4ea8 -- can you try?
# opnsense-patch 38049e4ea8
We've had this problem for years and I could never reproduce locally but it seems to be buggy in radvd/FreeBSD to this day. Bummer, because the HUP does prevent spurious disconnects and worked fine over here.
Cheers,
Franco
-
hi,
patch works for me.
Thanks!
Markus
-
I just applied patch and it seems to work for me too.
Some obversations before I patched: After updated to 23.1.4 the radvd worked fine, until I restarted radvd. So that was why it initially worked for earlier.
-
Well if you restart on 23.1.4 it doesn't restart anymore which surfaces the issue. A stop/start works for a bit.
I'll issue a hotfix in a couple of minutes for this and try to debug this in the kernel tomorrow.
Thanks,
Franco
-
Reconsider switching from rather Linux centric radvd to FreeBSD native rtadvd, possibly?
-
I still think there is a kernel problem actually. It might be the same for rtadvd. The socket code for joining the multicast group is the same.
Cheers,
Franco
-
Looks like radvd patching should suffice to bring back SIGHUP in 23.1.5:
https://github.com/opnsense/ports/commit/3dfe2537fb9
Cheers,
Franco
-
Hello Franco,
with the Hotfix 23.1.4_1 my IPv6 work fine now, thanks. But i had a 503 Service Unavailable Error. I think i have found the issue:
System -> Settings -> Administration -> Listening Interfaces
My settings was only on LAN-Interface. After Upgrade to 23.1.4(_1) i received the 503 Service unavailable Error on OPNsense Web Interface. Now i have set to All (recommended) and the issue is gone. Is this fixable?
-
There's a reason "All" is "recommended". ;) The firewall rules will take care of keeping people on WAN away.
Long version: "All" does not mean each interface individually. It means listen on INADDR_ANY which is semantically completely different and way more robust, e.g. if interfaces come up late, change their addresses, etc.
-
Okay, thanks for your reply. But so far it has worked wonderfully with the restriction to LAN only.
-
It basically works until it doesn't. The dialog that says "I know what I am doing" is probably still not being considered for what it is.
Cheers,
Franco