Messages

You're correct that dhcp6d won't run when dhcrelay is running on the same interface.

I was more concerned by the fact that it doesn't seem to listen on specific interfaces, but it appears that the SO_REUSEADDR socket option would allow both to listen on the same port at the same time.

So, have you tried a packet capture (for port 547) on the interface that the DHCP server is routed through?

I did, and I saw the DHCPv6 solicit and relay-forward messages. No response from the server though.

Yep, under 'System: Diagnostics: Services', there are two dhcrelay services, one each of DHCPv6 for both opt1 (vlan01) and opt2 (vlan02). Both those are running. A screenshot of 'Services: DHCRelay: Configuration' is attached. You're correct that dhcp6d won't run when dhcrelay is running on the same interface.

I noticed a couple weeks ago that clients connected to my VLANs weren't receiving IPv6 addresses from my Windows DHCP servers. They do receive IPv4 addresses just fine. I think the Windows DHCP servers are configured correctly, so I'm wondering if there's something wrong with my OPNsense system. I have router advertisements set to 'Managed' for the LAN (clients there get assigned IPv6 addresses without any issues) and the two VLANs. 'Advertise Default Gateway' is checked, no route advertisements are specified, and 'Do not send any DNS configuration to clients' is checked. But, if radvd is set to 'Assisted', 'Unmanaged', or 'Stateless', the VLAN clients will get IPv6 addresses using SLAAC, not through the Windows servers though. DHCRelay is configured with the IPv4 and IPv6 addresses of the two Windows DHCP servers. I use Ubiquiti Networks Unifi switches, and DHCP snooping is disabled for both VLANs. 'Rogue DHCP Server Detection' is also disabled. A packet capture shows that there are DHCPv6 solicitations that are being transmitted from the clients (destination of ff02::1:2). Am I missing something here?

Thanks!

I'm using an AT&T residential gateway in passthrough and am using a DHCPv6 client configuration file override to get a few IPv6 prefix delegations. Since AT&T's gateway device clears all prefix delegations when it is rebooted, I lose IPv6 connectivity until I do a manual reset of the WAN interface in the OPNsense GUI, either by disabling and reenabling the WAN interface, or by doing a quick 'Save' and 'Apply changes'. IPv6 is restored, because the configuration file is reloaded, and OPNsense re-requests the delegations.

Is there any way to have this process happen automatically when OPNsense sees that the WAN connection is dropped and reestablished?

Thanks!

I've come over from pfSense, and I was wondering if OPNsense is planning on adding ChaCha20-Poly1305 as a supported IKEv2 cipher suite, and maybe accelerating it using the Intel multi-buffer crypto for IPsec library. I use both Wireguard and IPsec for VPNs.

The problem is in FreeBSD 13.2. A FreeBSD 14.0 guest works with this card passed through without problems. I verified this by booting both ISO install images.

Hello!

I was trying out OPNSense running under Hyper-V on Windows Server 2022 with an Intel X710-T4L using PCI passthrough for two out of the four ports. I get this error message, and while the system boots, I have no network interfaces:

Code Select Expand

ixl0: PF reset failure I40E_ERR_RESET_FAILED

This occurs with both ixl0 and ixl1 when booting either 23.7 Production, or 24.1 Development. A screenshot is attached.

Is there a way to fix this?

Thanks!