Messages

Maybe you are using similar hardware?

Hardware is a Hunsn fanless mini-PC like this one. Brand new. I can't say if the upgrade 22.1.7 was a factor in my case because I've only had it for a month so I was probably on that version from the beginning.

I will try unplugging/reconnecting the WAN cable the next time it happens. I'd prefer not to change the bridge config, since I don't really want another piece of hardware there, but assuming it's the same root cause for @BillyMcSkintos it sounds like that won't make a difference anyway.

It's a pretty simple setup: LAN is a bridge consisting of 5 physical interfaces (em1-em5). WAN is em0 and uses DHCPv4 and v6 to get network config from the upstream ISP. I am not using VLANs.

Hi all,

I'm having an issue in which I lose WAN connectivity seemingly at random every few days. OPNsense web GUI and SSH are still accessible and WAN interface link is up with both IPv4 and IPv6 addresses. In fact, everything looks fine in the web console other than no traffic getting in from or out to the Internet. I try pinging google.com by name and IP address from interface diagnostics, and it doesn't work. Also, tried releasing/renewing WAN IP and restarting various services. Nothing. Eventually I have to reboot OPNsense to get connectivity back.

I looked at various logs under /var/system and found nothing obvious except in dmesg where I see a bunch of messages like:

cannot forward from 2601:190:402:89d1:9465:5aff:fee3:9bd4 to fe80:b::c4c7:78ff:fe35:1b3b nxt 58 received on bridge0
cannot forward from fe80:b::603a:46ff:fefd:b9e4 to fe80:b::6892:2aff:fe98:7c53 nxt 58 received on bridge0
cannot forward from fe80:b::603a:46ff:fefd:b9e4 to fe80:b::6892:2aff:fe98:7c53 nxt 58 received on bridge0
cannot forward from 2601:190:402:89d1:9465:5aff:fee3:9bd4 to fe80:b::c4c7:78ff:fe35:1b3b nxt 58 received on bridge0
cannot forward from fe80:b::9465:5aff:fee3:9bd4 to fe80:b::c4c7:78ff:fe35:1b3b nxt 58 received on bridge0
[...]


Seems like this is a symptom, though, not a cause.

Any suggestions on things to try or places to look next?

[Enable link-local address]

I was having a similar issue. Clients weren't getting an IPv6 address from my bridged LAN interface. Solved it by going to bridge settings, turning on Enable link-local address, reboot, and it works.  :)

[Enable link-local address]

Solved! :D I was beginning to suspect it had something to do with the fact that my LAN interface is a bridge. That led me to a Clients don't get an IPv6 address thread and a VLAN on bridge problem thread, which led me to take a closer look at my bridge settings. There, I found a setting labeled Enable link-local address. 💡 Enabled that, rebooted, and like magic, my clients are getting IPv6 addresses now. Yay!

Hi all.

I followed this guide to set up IPv6 with my Comcast Xfinity ISP. On the WAN side, I'm using a prefix delegation size of 60. On the LAN side, I've got IPv6 configuration set to Track Interface (WAN) and I turned on RA ("Assisted") and DHCPv6 server. The WAN is getting an IPv6 address and a delegated prefix from the ISP, and the LAN interface is getting an IPv6 address with that prefix. In the diagnostics, ping6 works. All this is great and wonderful!

Now, the problem: None of my clients on the LAN are getting IPv6 addresses (other than link-local). I can see the solicitations go out from one of my Linux hosts, but there is no reply from the router. If I manually configure the host with an IPv6 address in the range, it works fine (19 out of 20 tests pass on https://ipv6-test.com) so it seems to be just the DHCP and/or RA service that's not working. What can I look at to troubleshoot?

Thank you!