31
22.1 Legacy Series / Re: HE.NET GIF tunnel never comes up.
« on: March 30, 2022, 06:20:56 am »Code: [Select]
# Skipping addressless interface lan
Lan has a static v6 address as well as a VIP assigned to it.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
# Skipping addressless interface lan
interface sfxge0_vlan100 {
AdvSendAdvert on;
MinRtrAdvInterval 200;
MaxRtrAdvInterval 600;
AdvLinkMTU 1500;
AdvDefaultPreference medium;
AdvManagedFlag on;
AdvOtherConfigFlag on;
prefix xxxx:yyy:zzzz:a0::/64 {
DeprecatePrefix off;
AdvOnLink on;
AdvAutonomous on;
};
prefix fd4a:ea50:349f:a0::/64 {
DeprecatePrefix off;
AdvOnLink on;
AdvAutonomous on;
};
RDNSS xxxx:yyy:zzzz:a93c::53 {
};
DNSSL mydomain.net {
};
};
# Generated for DHCPv6 server opt2
Note: Replaced some real ips with xxxx:yyy:zzzz and mydomain.net to replace my real domain.
If something doesn't stick out on this, I can see exactly when my config disspears between 21.7.8 and 22.1.4 by pulling the config after upgrading to each version.
Let me know if you want me to do that.
5SF
opnsense-patch 429b60c26
and see if that fixes the radvd issue?Hi,
I was away with the family for a couple of days. I got your mail to be processed when I have crawled through all open mails and forum posts from the last week.
So with 22.1.2(_1) I prepared a backport for 22.1.3 and tested it a few times:
https://github.com/opnsense/core/commit/429b60c26
That should be the gist of your issue taken care of and you can easily try it out after upgrading to the 22.1.2 release (not development) and issuing:
# opnsense-patch 429b60c26
If you think that works we will go ahead and include it in 22.1.3 and the bonus is the unbound changes are not in 22.1.x yet so it keep working until we fix that one in another feature update or maybe 22.7 itself. Not sure yet.
Cheers,
Franco
tcpdump -n -i sfxge0_vlan100 icmp6 and 'ip6[40] = 134'
should get ras, but it never captures any, even after several minutes or after restarting radvd.root@edge01:/var/log/routing # ps aux | grep radvd
root 7566 0.0 0.0 12724 2332 - Ss 22:13 0:00.03 /usr/local/sbin/radvd -p /var/run/radvd.pid -C /var/etc/radvd.conf -m syslog
<28>1 2022-03-21T22:27:21-05:00 edge01.mydomain.net radvd 87550 - [meta sequenceId="441"] exiting, 1 sigterm(s) received
<30>1 2022-03-21T22:27:21-05:00 edge01.mydomain.net radvd 87550 - [meta sequenceId="442"] sending stop adverts
<30>1 2022-03-21T22:27:21-05:00 edge01.mydomain.net radvd 87550 - [meta sequenceId="443"] removing /var/run/radvd.pid
<30>1 2022-03-21T22:27:21-05:00 edge01.mydomain.net radvd 87550 - [meta sequenceId="444"] returning from radvd main
<30>1 2022-03-21T22:27:21-05:00 edge01.mydomain.net radvd 28834 - [meta sequenceId="445"] version 2.19 started
<27>1 2022-03-21T22:27:24-05:00 edge01.mydomain.net rtsold 76016 - [meta sequenceId="446"] <call_script> write to child failed: Broken pipe
static ipv6 in my area with comcrap business doesn't work due to known firmware issues with their CPE in my area: https://etc-md.com/2021/07/28/the-comcast-business-ipv6-issue-resolved/except my internal interfaces get....nothing. I have noticed when I switch modems the BSD based firewalls then do ipv6 correctly but then I lose connectivity every 3-5 minutes for about 5-20 seconds. When I plug a laptop or desktop directly into the modem however everything works fine. it's only opn(and PF)sense that have this weird behavior. This latest version it went from partially working to nothing at all.
If you are on comcast business, and have static /56, one of the /64's is going to be on your wan interface. Try requesting /59 on your wan interface, and then try assigning 0x1 to one of your internal interfaces and "track interface" of your wan connection. This is working for me.
Also comcast is now requiring you sue their cpe for ALL installs or they charge you what's know as the rack rate which is roughly double what you'll pay under a "promotion"
<11>1 2022-03-19T23:59:26-05:00 edge01.mydomain.net opnsense 532 - [meta sequenceId="52"] /usr/local/etc/rc.bootup: There were error(s) loading the rules: /tmp/rules.debug:580: syntax error - The line in question reads [580]: pass in quick on sfxge0_vlan99 route-to ( sfxge0_vlan10 fe80::d094:2eff:fec4:27d2 ) reply-to ( sfxge0_vlan10 fe80::d094:2eff:fec4:27d2 ) inet6 proto ipv6-icmp from {(sfxge0_vlan99:network)} to {any} keep state label "c76413485ed2ae88121270a76c0ee3fa" # : ICMP v6
<11>1 2022-03-19T23:59:28-05:00 edge01.mydomain.net opnsense 65537 - [meta sequenceId="56"] /usr/local/etc/rc.filter_configure: There were error(s) loading the rules: /tmp/rules.debug:580: syntax error - The line in question reads [580]: pass in quick on sfxge0_vlan99 route-to ( sfxge0_vlan10 fe80::d094:2eff:fec4:27d2 ) reply-to ( sfxge0_vlan10 fe80::d094:2eff:fec4:27d2 ) inet6 proto ipv6-icmp from {(sfxge0_vlan99:network)} to {any} keep state label "c76413485ed2ae88121270a76c0ee3fa" # : ICMP v6
<11>1 2022-03-19T23:59:32-05:00 edge01.mydomain.net opnsense 88213 - [meta sequenceId="10"] /usr/local/etc/rc.routing_configure: There were error(s) loading the rules: /tmp/rules.debug:586: syntax error - The line in question reads [586]: pass in quick on sfxge0_vlan99 route-to ( sfxge0_vlan10 fe80::d094:2eff:fec4:27d2 ) reply-to ( sfxge0_vlan10 fe80::d094:2eff:fec4:27d2 ) inet6 proto ipv6-icmp from {(sfxge0_vlan99:network)} to {any} keep state label "c76413485ed2ae88121270a76c0ee3fa" # : ICMP v6
<11>1 2022-03-19T23:59:33-05:00 edge01.mydomain.net opnsense 87533 - [meta sequenceId="15"] /usr/local/etc/rc.newwanipv6: There were error(s) loading the rules: /tmp/rules.debug:586: syntax error - The line in question reads [586]: pass in quick on sfxge0_vlan99 route-to ( sfxge0_vlan10 fe80::d094:2eff:fec4:27d2 ) reply-to ( sfxge0_vlan10 fe80::d094:2eff:fec4:27d2 ) inet6 proto ipv6-icmp from {(sfxge0_vlan99:network)} to {any} keep state label "c76413485ed2ae88121270a76c0ee3fa" # : ICMP v6
<11>1 2022-03-19T23:59:34-05:00 edge01.mydomain.net opnsense 41080 - [meta sequenceId="23"] /usr/local/etc/rc.routing_configure: There were error(s) loading the rules: /tmp/rules.debug:586: syntax error - The line in question reads [586]: pass in quick on sfxge0_vlan99 route-to ( sfxge0_vlan10 fe80::d094:2eff:fec4:27d2 ) reply-to ( sfxge0_vlan10 fe80::d094:2eff:fec4:27d2 ) inet6 proto ipv6-icmp from {(sfxge0_vlan99:network)} to {any} keep state label "c76413485ed2ae88121270a76c0ee3fa" # : ICMP v6
<11>1 2022-03-19T23:59:37-05:00 edge01.mydomain.net opnsense 20 - [meta sequenceId="25"] /usr/local/etc/rc.filter_configure: There were error(s) loading the rules: /tmp/rules.debug:586: syntax error - The line in question reads [586]: pass in quick on sfxge0_vlan99 route-to ( sfxge0_vlan10 fe80::d094:2eff:fec4:27d2 ) reply-to ( sfxge0_vlan10 fe80::d094:2eff:fec4:27d2 ) inet6 proto ipv6-icmp from {(sfxge0_vlan99:network)} to {any} keep state label "c76413485ed2ae88121270a76c0ee3fa" # : ICMP v6
<11>1 2022-03-19T23:59:48-05:00 edge01.mydomain.net opnsense 92965 - [meta sequenceId="33"] /usr/local/etc/rc.filter_configure: There were error(s) loading the rules: /tmp/rules.debug:586: syntax error - The line in question reads [586]: pass in quick on sfxge0_vlan99 route-to ( sfxge0_vlan10 fe80::d094:2eff:fec4:27d2 ) reply-to ( sfxge0_vlan10 fe80::d094:2eff:fec4:27d2 ) inet6 proto ipv6-icmp from {(sfxge0_vlan99:network)} to {any} keep state label "c76413485ed2ae88121270a76c0ee3fa" # : ICMP v6