Messages

And of course that wasn't the fix at all. Tried pretty much everthing, but apparently is the intel 226-v Nic combined with freebsd and QUIC a very poor combination. Apparently, linux handles it nicely enough so it isn't noticed, but freebsd doesn't and exposes the problem.

I can't be the only one facing this problem with this Nic, ipv6 and QUIC. I know, I know, just block UDP 443 and everything is fine. But that's just a quick and dirty trick. Would be nice if this could be handle nicely by freebsd.

Just to answer my own question, took me quite some time to figure it out but my instagram\Facebook problems (QUIC\hhtp3) on ipv6 were a DTIM setting issue. For some reason I set DTIM to 1 and this choked insta\Facebook horribly. DTIM 3 fixed it entirely.

Hahaha, completely misread what configuring the wan would do. Thought it would delegate everything I would set there through to my lan part. My bad, thanks so much! Another thing learnt today.

And yes, I wanted to acces my WAN and not my LAN but couldn't figure it out as my way of thinking was completely wrong:)

Thanks!

Hi all,

Trying to understand the possibilities to get wireguard road-warrior setup working on my setup which only gets an ipv6-pd and a LL on WAN. If I specify a VIP on the WG interface everything works as expected (reachable from the internet). However, if (probably not often but beter safe than sorry) the prefix changes the VIP isn't correct anymore. Is there any other way to point a GUA to the wireguard interface which changes when the prefix changes? As the wireguard interface itself can't be appointed an IP type (so it can't follow the WAN interface for a prefix) I am kinda lost wat would work. ULA isn't really the way to go as it can't be accessed from the Internet. NAT66\nptv6 popped up but also here I can't really get a grasp on how to make this work. So kinda lost here.

Any help greatly appreciated!

Kind regards, Jay

Hi folks,

Trying to wrap my head around an issue I can't seem to pin down. I wanted to use ipv6 on my network (tried it couple a years ago and gave me a headache), setup up basic stuf without a problem. IPv6PD WAN gets LL address and on LAN track WAN interface and every vlan gets its own little piece of the ipv6 pie. Nothing fancy there. Unbound listens nicely to all interfaces on both ipv4 and ipv6. Also enabled tayga (and dns64 in unbound) just to be complete as my iot vlan is unfortunately not completely ipv6 and I wish my main vlan to be ipv6-only.

As soon as I disable ipv4 (or use the dhcp 108 to push my apple devices to ipv6) my loading times on websites increase significantly. Funny thing is that Facebook and instagram pretty much don't load any more or extremely slow (takes 30s). Can't figure out why. Ping6 to the outside world works. Funny thing is that traceroute6\UDP and ICMP seems to time out after several hops (for google sometimes it does sometimes it doesn't, for instagram it always times out after couple of hops). Tried several things to track down what was happening. Also tried to mess with MTU as I use a pppoe/vlan connection as advised elsewhere on the forum. Ifconfig shows mtu 1500 for the WAN so that would be okay (but could be wrong). Another thing that might be a possible tell tale is that RA gives the ll address of the router. If I manually change that on my MacBook to the gua address of my router most problems seem to disappear. But can't really wrap my head around that what might cause the issue.

Any ideas what's happening? Any help would be greatly appreciated as I am going crazy after debugging it for a week.

Kind regards, Jay

@Nevermind, rookie mistake. Switches weren't yet setup to handle ipv6 duh...

@@Okay http3/quic also seems to be an issue, blocking it all together made stuf like instagram run smooth again with ipv6.

@@@ problem seems to be slaac related. If is switch to dhcpv6 i never get buffering issues and as soon as i switch to anything with slaac it grinds down the connectivity. Seems to be a sort of known issue with ios devices on slaac. Apparently the slaac rdnss with time 1800 and device goes to sleep it looses its dns server. So extending the time should fix it if you really want or need slaac. Will check if it fixes everything with slaac. At least dhcpv6 works😬

Ah my bad, should've look better! But thanks for pointing me to the right thread!

Hi guys,

I got some trouble with sensei. I've got OPNSense 22.1.4.1 running without any problem so I thought. But I just found out that sensei is hanging at the initializing screen. Reinstalled it twice to no avail. One thing I did notice during reinstall is the message: peg: no package(s) matching os-sensei-agent. Not sure if this is new\unrelated or the problem. Any ideas or something I am missing here? Worked fine until now...

Thanks for the help!

Jay

Hi guys,

Having the same problems. DDclient won't work for me if set to monitor interface WAN or if set to noip-ipv4 or 6 nor if set to dyndns. It does however work if set to freedns.

Nice add on would be if we could see the retrieved ip address the same as with the legacy ddns client.

KR JeeKee