Messages

Hmm ... I checked "Send IPv6 prefix hint" and that seemed to resolve my problem. Now my LAN clients are able to communicate with external hosts. Wow, I wonder if something got unchecked during the upgrade?

Hi all,

For some reason IPv6 has stopped working for LAN clients.

I am on OPNsense 19.7.9_1 and really nothing has changed except updating to 19.7.9_1 (from 19.7.8).
I have my WAN set to DHCP6 and LAN set to Tracking.

Previously I was able to hit IPv6 targets fine but now I get nothing.
I've tried the ol' toggle "Enable IPv6" in the Firewall -> Settings -> Advanced but that doesn't seem to help.
Perhaps a firewall rule is mucked up now?

My LAN rules related to IPv6 are only 1 in number:
IPv6 *    LAN net    *    *    *    *    *
Which shows IPV6-ICMP being blocked by the "Default Deny" rule.

I've tried setting this too no avail too:
IPv6 *    *    *    *    *    *    *
Which actually shows nothing in the live view / flat logs.

I am able to ping IPv6 addresses (typically only testing with ipv6.google.com) using the OPNSense ping diagnostic tools and am able to ping addresses from both the LAN and WAN nics.

Can anyone help / verify / sanity check? I am pretty sure my settings are correct ... (Comcast - Consumer).

Thanks!

*** EDIT
Filtered dhcp6c System -> Log Files General

Code Select Expand


Jan 12 19:43:36 dhcp6c[47703]: no responses were received
Jan 12 19:43:34 dhcp6c[47703]: no responses were received
Jan 12 19:43:21 dhcp6c[47703]: Sending Release
Jan 12 19:43:20 dhcp6c[47703]: Sending Release
Jan 12 19:43:13 dhcp6c[47703]: Sending Release
Jan 12 19:43:13 dhcp6c[47703]: Sending Release
Jan 12 19:43:10 dhcp6c: dhcp6c REQUEST on bge0 - running newipv6
Jan 12 19:43:10 dhcp6c[47703]: add an address 2001:558:60**:**:**:**:**:**/128 on bge0
Jan 12 19:43:10 dhcp6c[47703]: add an address 2601:281:82**:**:**:**:**:**/64 on bge1
Jan 12 19:43:10 dhcp6c[47703]: Received REPLY for REQUEST
Jan 12 19:43:10 dhcp6c[47703]: Sending Request


I just noticed this too.
Also, I noticed that this seems to prefer the IPv6 address on the LAN address serving DHCP on IPv4 as the entry for the nameserver. Which doesn't make any sense to me.

https://github.com/opnsense/update/blob/master/bootstrap/opnsense-bootstrap.sh#L139

Right here add "rm -f /var/db/pkg/*" -- there is actually no reason to keep this empty database around?


Cheers,
Franco

I can confirm this helped me get back up and running. Thanks Franco! I had a hardware failure (Fit-PC4) that caused me to loose the machine (crappy BIOS). I had to build a completely different machine and this really helped me get back on my feet.

Thanks for replying @franco. We'll keep an eye out for that release.
Any ideas on a work-around?

@MrHappyDude. Totally I can confirm your problem the exact error says:

Code Select Expand


Bootstrapping pkg from pkg+http://pkg.opnsesense.org/FreeBSD:11:amd64/17.1/latest, please wait..
Verifying signature with trusted certificate pkg.opnsense.org.20161210... done
pkg-static: warning: database version 34 is newer than libpkg(3) version 33, but still compatible
pkg-static: sqlite error while executing INSERT OR ROLLBACK INTO pkg_search(id, name, origin) VALUES(?1, ?2 || '-' || ?3, ?4); in file pkgdb.c:1544 no such table pkg_search


Can anyone help?

Have you tried my alternative method?

https://forum.opnsense.org/index.php?topic=4526.0

I am glad I helped someone! Yeah pulled out almost all my hair and killed a few brain cells trying to make this work. Spread the word! This is the only method (and by far the easiest) I have found that works 100%. I've built 3 other OpnSense firewalls since for work related needs using the same method and never looked back.

Like many of you, I was having trouble with the .img files for 16.7 and 17.x to install (or even boot for that matter).


It wasn't until I realized that it's probably easier to install the FreeBSD Release Mini-Memstick image and once that's finished simply follow the Opnsense-Bootstrap instructions here.
https://github.com/opnsense/update/blob/master/README.md

This method worked well and was very "Easy". I figured this out only after many hours trying to get the provided opnsense .img files (and .iso CDROM image) to boot. I wish I would had known about this to begin with because this process only took 30 minutes from start to finish with a OOB opnsense install.

Anyone else do it this way too?

I tried using Win32DiskImager as you suggested but couldn't get that to work either.
I attempted on both an Intel machine and an AMD machine. I tried using the nano server and each flavor using i386 and amd64.

Perhaps its my extract tool. I am using WinRAR to get to the img file. I was able to setup an Windows bootable usb stick (using the same stick and PCs). So ... something here is a-miss.

I am having the same problem.
I have tried to dd the image via a Linux shell. I've tried both win32diskimage and rufus to no success. Today I tried burning a cd-rom which came-out non-bootable.

The usb sicks would just but the machine (Fit-PC) into a boot-loop, but I have tested on my laptop with basically the same results. The best I can tell is the bootloader offset is not right?

Also, when I df -h the usb stick after my dd it only showed 24K used on the usb disk even though dd reported that everything was copied over.

Has anyone recently tried to install from the 16.7 image?