22.7 Legacy Series / Yet another post about IPv6 connectivity loss after upgrading OPNsense
« on: September 17, 2022, 01:44:27 pm »
Having used OPNsense for five years without any major issues, I have witnessed for myself a sharp downturn in OPNsense update reliability over the last six months or so. To now be in the situation where I am extremely apprehensive to upgrade my OPNsense router firmware - my main entry point onto the internet - due to recent upgrades breaking things is not a great place to find myself.
An upgrade towards the end of the 21.7 release simply broke IPv6. Many people have reported this across many different forums, but with seemingly no reliable fix available. Trying the various suggestions that usually involved rolling back individual packages or patching and recompiling source code proved to be a futile and time-wasting exercise. Only a fresh install to 22.7.0 resulted in restoration of IPv6 connectivity after several months for me.
Lo and behold, after enjoying a couple of months of stability with 22.7.x, the upgrade to 22.7.4 has broken IPv6 again. Diagnosing the situation shows that:
- IPv4 connectivity is working flawlessly everywhere.
- IPv6 connectivity is working flawlessly from the OPNsense terminal - external host connectivity, DNS resolution, IPv6 address assignment, traceroutes to public IPv6 addresses, etc.
- Publicly routable temporary IPv6 addresses within my assigned /48 are being successfully assigned to my LAN clients.
- Link-local IPv6 addresses are working within my LAN and local clients can ping each other.
- All clients on my LAN receive default IPv6 gateways - a fe80: and a 2a02: address belonging to the OPNsense host - both addresses are pingable by all LAN clients.
- Traceroutes from my LAN clients to any public internet IPv6 address all fail after the first hop to the OPNsense host.
- Temporarily relaxing firewall rules to allow the free flow of all IPv6 packets has no effect.
Short of re-installing 22.7.0 and not updating it, does anyone have a more sensible suggestion of what to diagnose next?
Thanks.