OPNsense Forum
English Forums => 23.7 Legacy Series => Topic started by: danderson on November 09, 2023, 04:14:51 pm
-
Warning wireguard /usr/local/opnsense/scripts/Wireguard/wg-service-control.php: The required GATEWAY NAME IPv6 interface address could not be found, skipping.
But also, radvd, dhcpv6, and gateway monitor, will all not start. Previously I had a static entry in the interface, but removed it after the last update so that the WG tunnels would come up/online on boot. Nothing changed and with ifconfig i do see the ipv6 addresses, but it appears the other services no longer think the int has an IP.
In gateways, when applying the config with 0 changes as before, the warning/error is: The following input errors were detected:
Cannot add IPv6 Gateway Address because no IPv6 address could be found on the interface.
But clearly the interface has an IP.
wg1: flags=80c1<UP,RUNNING,NOARP,MULTICAST> metric 0 mtu 1420
options=80000<LINKSTATE>
inet6 fd93:xx:xx:xx::6 prefixlen 126
inet6 fe80::6%wg1 prefixlen 64 scopeid 0x12
groups: wg wireguard
nd6 options=103<PERFORMNUD,ACCEPT_RTADV,NO_DAD>
-
This change:
https://github.com/opnsense/core/commit/a40dd50aec6
# opnsense-patch a40dd50aec6
Something needs refinement, but a primary IPv6 is not a ULA...
Cheers,
Franco
-
Franco,
opnsense-patch a40dd50aec6 fixed the issue, so looks like it reversed the commit and I was able to start all services and everything is working as normal.
The site where its running doesnt have GUAs, so its running ULAs with VTI, frr didnt have an issue and was still sending BGP routes, but no RA for clients or DHCP & Gateway, also rule based routing didnt work. But again all working with reverting the commit.
Unknown how to make it work with ULA with the commit going forward.
-
I think I know a way but it needs a bit of tinkering in the lab before posting it.
Cheers,
Franco
-
thanks, hit me up when you want/need testers
-
Will do.
Can you mark this WORKAROUND instead of SOLVED?
-
done
-
I seem to have a similar issue with gateways. I'm not sure how to trace this one down.
Upon upgrade to 23.7.8 all looked fine from webui. All services started up, but machines connected the router had sporadic internet. I noticed DHCPv6 seemed to restart a couple times then stay running but machines behind the gateway where having a hard time connecting to sites. ie: Some sites worked, some don't. FW logs looked fine. Packets didn't appear to be dropped.
The only real clue was DHCP restarting. I took a look at the logs and saw the same log entries as mentioned here.
2023-11-09T14:35:40-07:00 Warning opnsense /usr/local/etc/rc.bootup: The required WAN_6RD IPv6 interface address could not be found, skipping.
2023-11-09T14:35:40-07:00 Warning opnsense /usr/local/etc/rc.bootup: Skipping gateway WAN_6RD due to empty 'gateway' property.
I applied the patch in this thread, restarted, still the same behavior. I went into gateways and reapplied the same settings and machines behind the router started working properly again on both ipv4 and ipv6.
I can reproduce the problem by restarting the router. I can go back into gateways and reapply the settings to fix it.
Is there any other information I can gather and provide here?
-
My issue on gateways and the other services were fixed with the patch and works on reboot as well. ULA on the gateways and interfaces.
-
Also same problems here.
Cannot start dhcpd6 and radvd:
/usr/local/sbin/pluginctl: dhcpd_dhcp6_configure() found no suitable IPv6 address on lan(igc1)
I am using only ULAs in my LAN and i am using NAT (yes on IPv6) to hide my internal network topology. So the "no suitable IPv6 address" is an ULA within the fd00::/8 block.
Can't try and install the patch right now because it's late in germany ;-)
-
Same problem here.
Updated to the newest version (23.7.8) some hours ago and noticed DHCPv6 and radvd not starting up.
opnsense-log would always say /services_dhcpv6.php: dhcpd_dhcp6_configure() found no suitable IPv6 address on <interface>.
Additionally, the radvd configuration was empty even though radvd was enabled on multiple interfaces.
While debugging, I also noticed that interfaces_primary_address6 would always return empty strings.
Applying (or reverting) the patch worked without problems and both radvd and DHCPv6 would start up again.
I am also using ULAs for my interfaces and then use NAT (though mostly because the WAN-side only gets a /64 prefix).
Thank you for providing this workaround.
-
Same here.
I mean, WHY is something like that going live without further testing ?. Patch / Workarround applied and fine so far.
...
And yes, also NAT6 + ULA. + Wireguard with ULA, too
-
> I mean, WHY is something like that going live without further testing ?
It hasn't. It wasn't.
https://github.com/opnsense/core/issues/6939
Cheers,
Franco
-
As promised here is the proposal (v2):
https://github.com/opnsense/core/commit/cd808e3152
On 23.7.8:
# opnsense-revert opnsense && opnsense-patch cd808e3152
Cheers,
Franco
-
Approach seems to work, too. Applied, rebootet and all gateways are there as it should :)
-
Thanks, glad to hear.
-
Franco, this worked for me and after revert to normal and updated commit code all services started for V6 and worked as expected.
As promised here is the proposal:
https://github.com/opnsense/core/commit/0adf8a2bb
On 23.7.8:
# opnsense-revert opnsense && opnsense-patch 0adf8a2bb
Cheers,
Franco
-
it works
RADVD is ok for me
-
As promised here is the proposal:
https://github.com/opnsense/core/commit/0adf8a2bb
On 23.7.8:
# opnsense-revert opnsense && opnsense-patch 0adf8a2bb
Cheers,
Franco
Thanks, I had the same issues and applying that patch restored my IPv6 connectivity.
-
Just to add that I tested the patch too and everything looks fine and working normally.
One quick question tho: do we need to revert the patch before the next update, or a normal update will work without issues?
-
Dear all,
just for your information,
applying # opnsense-revert opnsense && opnsense-patch 0adf8a2bb didn't work for me.
Only with # opnsense-patch a40dd50aec6 I could restart DHCPv6 and radvd again.
br
-
for me it totally f'ed up the system.
rebooting took forever. webui failed to start. pppoe dialer didn't set the default route.
Management Interface is a loopback on the System with an ULA.
-
While your description isn't helpful in pinning this down I found another bug yesterday that could be what you are seeing since usort() was used but uasort() required:
https://github.com/opnsense/core/commit/29d456e877
I've edited the proposed patch message accordingly.
Keep in mind opnsense-patch will cache and revert patches even without connectivity so recovery is trivial.
Cheers,
Franco
-
So rerunning
opnsense-revert opnsense && opnsense-patch 0adf8a2bbFor the included uasort fix?
EDIT:
i did the following
opnsense-revert opnsense && opnsense-patch 0adf8a2bb
rebooted after this and the same issue as before. WebUI failed and so on.
applied opnsense-patch 29d456e877 and another reboot. radvd and dhcpv6 are up, dpinger on ULA WG Interfaces is running, looks good. I will give it a try on a remote system with ULA only.
-
Yeah, 0adf8a2bb is the one without 29d456e877 so in this case you need both. The single commit is cd808e3152.
I did edit my message accordingly, but I haven't edited everyone quoting me after that so they still have the partial commit in my quoted reply.
Cheers,
Franco
-
Yeah, 0adf8a2bb is the one without 29d456e877 so in this case you need both. The single commit is cd808e3152.
I did edit my message accordingly, but I haven't edited everyone quoting me after that so they still have the partial commit in my quoted reply.
Cheers,
Franco
Applying both seems to work fine.
don't know if this is related to it but i see Messages on screen and in System Log:
pfr_update_stats: assertion failed.
-
pfr_update_stats: assertion failed.
I think that has been going on for years with no operational impact.
Cheers,
Franco