After todays update I see the following in my logs and others have reported issues with ipv6
radvd can't join ipv6-allrouters on vlan07
radvd can't join ipv6-allrouters on vlan06
radvd can't join ipv6-allrouters on vlan05
radvd can't join ipv6-allrouters on vlan04
radvd can't join ipv6-allrouters on vlan01
radvd can't join ipv6-allrouters on vlan03
radvd can't join ipv6-allrouters on vlan02
radvd can't join ipv6-allrouters on em0
also seeing:
vlan02 received RS or RA on vlan02 but vlan02 is not ready and setup_iface failed
radvd service is definitely broke. This results in ipv6 clients not able to receive default gateway.
I hope this will be fixed with a hotfix-patch.
I had to revert to 23.1.3
It works there.
I'm sure it's https://github.com/opnsense/core/commit/38049e4ea8 -- can you try?
# opnsense-patch 38049e4ea8
We've had this problem for years and I could never reproduce locally but it seems to be buggy in radvd/FreeBSD to this day. Bummer, because the HUP does prevent spurious disconnects and worked fine over here.
Cheers,
Franco
hi,
patch works for me.
Thanks!
Markus
I just applied patch and it seems to work for me too.
Some obversations before I patched: After updated to 23.1.4 the radvd worked fine, until I restarted radvd. So that was why it initially worked for earlier.
Well if you restart on 23.1.4 it doesn't restart anymore which surfaces the issue. A stop/start works for a bit.
I'll issue a hotfix in a couple of minutes for this and try to debug this in the kernel tomorrow.
Thanks,
Franco
Reconsider switching from rather Linux centric radvd to FreeBSD native rtadvd, possibly?
I still think there is a kernel problem actually. It might be the same for rtadvd. The socket code for joining the multicast group is the same.
Cheers,
Franco
Looks like radvd patching should suffice to bring back SIGHUP in 23.1.5:
https://github.com/opnsense/ports/commit/3dfe2537fb9
Cheers,
Franco
Hello Franco,
with the Hotfix 23.1.4_1 my IPv6 work fine now, thanks. But i had a 503 Service Unavailable Error. I think i have found the issue:
System -> Settings -> Administration -> Listening Interfaces
My settings was only on LAN-Interface. After Upgrade to 23.1.4(_1) i received the 503 Service unavailable Error on OPNsense Web Interface. Now i have set to All (recommended) and the issue is gone. Is this fixable?
There's a reason "All" is "recommended". ;) The firewall rules will take care of keeping people on WAN away.
Long version: "All" does not mean each interface individually. It means listen on INADDR_ANY which is semantically completely different and way more robust, e.g. if interfaces come up late, change their addresses, etc.
Okay, thanks for your reply. But so far it has worked wonderfully with the restriction to LAN only.
It basically works until it doesn't. The dialog that says "I know what I am doing" is probably still not being considered for what it is.
Cheers,
Franco