I had been running Suricata in IDS mode on the wan interface for several days without problems and things looked reasonable for the rules I had selected, so today I tried to enable IPS mode. This killed my IPv6 connectivity. It looks like IPS mode causes a restart of the wan interface. From the syslog,
Apr 25 19:45:31 kernel: igb0: link state changed to DOWN
Apr 25 19:45:31 opnsense: /usr/local/etc/rc.linkup: DEVD Ethernet detached event for wan
Apr 25 19:45:32 opnsense: /usr/local/etc/rc.newwanipv6: IP renewal is starting on 'igb0'
Apr 25 19:45:32 opnsense: /usr/local/etc/rc.newwanipv6: On (IP address: ) (interface: WAN[wan]) (real interface: igb0).
Apr 25 19:45:32 opnsense: /usr/local/etc/rc.newwanipv6: Failed to detect IP for WAN[wan]
Apr 25 19:45:32 opnsense: /usr/local/etc/rc.linkup: Clearing states to old gateway 68.xxx.xxx.xxx.
Apr 25 19:45:35 kernel: igb0: link state changed to UP
Not a lot of chance of a renew when the link is down. In rc.newwanipv6 it defers the renew if booting. Should similar logic be applied if the interface is down?
Yes! There is already a thread open --> https://forum.opnsense.org/index.php?topic=7666.0
I still had not time to debug and spend some more informations about it.
Thanks for the pointer....my google-foo failed me (I do try and search before starting a new thread).
I'll follow the other thread. Thanks again.