Messages

[24.7.1-icmp2]

With 24.7.1-icmp2 i still have problems on the ipv6 link.

sometime packetloss on all ipv6 addresses ... ipv4 is working.

16 bytes from 2a00:1450:4001:81c::2003, icmp_seq=60 hlim=117 time=5.803 ms
16 bytes from 2a00:1450:4001:81c::2003, icmp_seq=61 hlim=117 time=5.750 ms
16 bytes from 2a00:1450:4001:81c::2003, icmp_seq=62 hlim=117 time=5.698 ms
16 bytes from 2a00:1450:4001:81c::2003, icmp_seq=63 hlim=117 time=5.712 ms
16 bytes from 2a00:1450:4001:81c::2003, icmp_seq=79 hlim=117 time=2081.821 ms
16 bytes from 2a00:1450:4001:81c::2003, icmp_seq=80 hlim=117 time=1028.673 ms
16 bytes from 2a00:1450:4001:81c::2003, icmp_seq=81 hlim=117 time=10.623 ms
16 bytes from 2a00:1450:4001:81c::2003, icmp_seq=82 hlim=117 time=5.689 ms
16 bytes from 2a00:1450:4001:81c::2003, icmp_seq=83 hlim=117 time=5.617 ms
16 bytes from 2a00:1450:4001:81c::2003, icmp_seq=84 hlim=117 time=5.603 ms

16 bytes from 2a01:xx icmp_seq=50 hlim=58 time=13.888 ms
16 bytes from 2a01:xx, icmp_seq=51 hlim=58 time=13.758 ms
16 bytes from 2a01:xx, icmp_seq=52 hlim=58 time=13.216 ms
16 bytes from 2a01:xx, icmp_seq=53 hlim=58 time=13.322 ms
16 bytes from 2a01:xx, icmp_seq=70 hlim=58 time=1412.567 ms
16 bytes from 2a01:xx, icmp_seq=71 hlim=58 time=367.940 ms
16 bytes from 2a01:xx, icmp_seq=72 hlim=58 time=13.363 ms

With 24.7.1-pf4 and 24.7 Kernel no issues. Switch back to 24.7.1-icmp2 and the issue are back.

My bet is on https://www.freebsd.org/security/advisories/FreeBSD-SA-24:05.pf.asc which pulled in hundreds of lines of changes in the pf ICMP handling code. I've seen it previously pass by on stable/14 and I wasn't planing to merge it right away, but the SA tipped the scale in favour of including it.

# opnsense-update -kr 24.7

If the old kernel works it's probably that.


Cheers,
Franco

With the old kernel it works again as it should.

OK, now it works with the patch.

An option in the interface must have been deactivated during my tests.

After set "Use IPv4 connectivity" on DHCPv6 client configuration, the ipv6 connection is work again.

After reboot both WAN connections comes up with ipv6  :)

I have test the patch from another ipv6 issue thread => opnsense-patch 287c13beb

ipv6 still does not work after a reboot, on the second wan interface


interface pppoe0

pppoe0: flags=1008ad1<UP,POINTOPOINT,RUNNING,NOARP,ALLMULTI,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1492
        description: VDSL (opt6)
        options=0
        inet 87.x.x.x --> 62.x.x.x netmask 0xffffffff
        inet6 fe80::x:x:x:x%pppoe0 prefixlen 64 scopeid 0x30
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

I have the same issue after upgrade to 24.7

My Setup is Multi WAN with two Providers. Both offers ipv6.

Provider 1 via DHCPv6 => works without problems

Provider 2 via DHCPv6 on PPPOE => on boot time for very short time available and then disappears. (a wireguard tunnel is established over this connection via ipv6, for a very short period of time the connection to the wireguard endpoint works with this connection in boot process)

Restore to backup before upgrade to 24.7 => both connections running on ipv6.

I have now found this out.

/usr/local/etc/rc.newwanip

$cacheip_file = "/tmp/{$device}_oldip";

if (!is_ipaddr($ip)) {
    /* remove previously cached IP since it is gone */
    @unlink($cacheip_file);
    /*
     * Take care of OpenVPN and similar if you generate the event
     * to reconfigure an interface.  OpenVPN might be in tap(4)
     * mode and not have an IP address.
     */
    if (substr($device, 0, 4) != 'ovpn') {
        log_msg("Failed to detect IP for {$interface_descr}[{$interface}]", LOG_WARNING);
        return;
    }
}

The if statement is true and the cachefile is deleted.

This means that it can no longer be read for the states kill function.

As a workaround I have commented out the @unlink($cacheip_file). Then it works.

/usr/local/etc/rc.newwanip: IP renwal starting (new: 87.156.7.x, old: 87.144.15.x, interface: VDSL[opt6], device: pppoe0)   

Hi,

after Upgrade to 23.1 i noticed that the states on the second wan interface are no longerer reset, after IP renew.

I have seen that here the mechanism has been changed, and the function is now on rc.newwanip.

However the states is not reset here for my pppoe interface.

The log shows:

/usr/local/etc/rc.newwanip: IP renwal starting (new: 87.144.153.x, old: , interface: VDSL[opt6], device: pppoe0)   

here no cache ip is show.

The tmp file has the old ip

root@OPNsense:/ # cat /tmp/pppoe0_oldip
87.144.154.x

This now leads to problems with connections that always run over the second internet connection after the ip change.

Thanks,
Yoshi

ok, then I'll have to keep working with the tunnelbroker on WAN2.

Hello,

is this now working on 20.7 dev?

I have installed the dev version, but I cannot get IPv6 running on both WAN interfaces. IPv6 only runs on WAN1 with prefix delegation. The radvd.conf only shows the IPv6 prefix from WAN1.

WAN1 -> Cable Provider with "static" IPv6. Changes only with new DUID.
WAN2 -> DSL over PPPoE with dynamic IPv6. The prefix changed on every reconnect.

Thanks,
Yoshi