Clients get ipv6 addresses but don't reach Internet

Started by gunnarf, August 10, 2022, 06:26:38 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
August 10, 2022, 06:26:38 PM Last Edit: September 14, 2022, 09:55:16 AM by gunnarf
I just upgraded to 22.7.1 on my firewall with native ipv6 enabled. And the clients on the Lan doesn't get ipv6 addresses.

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.2.61  netmask 255.255.255.0  broadcast 192.168.2.255
        inet6 fe80::144c:494d:4836:2c33  prefixlen 64  scopeid 0x20<link>
        ether b8:27:eb:37:6f:4c  txqueuelen 1000  (Ethernet)
        RX packets 3466  bytes 729753 (712.6 KiB)
        RX errors 1  dropped 1  overruns 0  frame 0
        TX packets 3075  bytes 1900898 (1.8 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Nothing changed in the config.

It looks fine in the Dashboard. LAN gets the address it should.

UPDATE: I get address (it took some time but it appeared) for my tested client, but I can't ping hosts on the Internet.

I can ping the LAN interface on the router, but not further. And a traceroute6 to an external host gives only the LAN interface.
September 14, 2022, 09:56:40 AM #1
Update adding some log entries:

cat /var/log/system/system_20220905.log | grep -i ipv6
<11>1 2022-09-05T08:36:55+02:00 OPNsense.gflygt.se php 452 - [meta sequenceId="24"] /usr/local/etc/rc.bootup: ROUTING: IPv6 default gateway set to opt3
<11>1 2022-09-05T08:36:55+02:00 OPNsense.gflygt.se php 452 - [meta sequenceId="25"] /usr/local/etc/rc.bootup: ROUTING: skipping IPv6 default route
<11>1 2022-09-05T08:36:55+02:00 OPNsense.gflygt.se php 452 - [meta sequenceId="28"] /usr/local/etc/rc.bootup: Warning! dhcpd_dhcp6_configure() found no suitable IPv6 address on lan
<11>1 2022-09-05T08:36:55+02:00 OPNsense.gflygt.se php 452 - [meta sequenceId="29"] /usr/local/etc/rc.bootup: Warning! dhcpd_radvd_configure(manual) found no suitable IPv6 address on igb1
<11>1 2022-09-05T08:36:55+02:00 OPNsense.gflygt.se php 452 - [meta sequenceId="30"] /usr/local/etc/rc.bootup: Warning! dhcpd_radvd_configure(auto) found no suitable IPv6 address on igb2
<11>1 2022-09-05T08:36:57+02:00 OPNsense.gflygt.se php 452 - [meta sequenceId="42"] /usr/local/etc/rc.bootup: The WAN_ipv6 monitor address is empty, skipping.
<13>1 2022-09-05T08:36:58+02:00 OPNsense.gflygt.se dhcp6c 903 - [meta sequenceId="44"] dhcp6c REQUEST on igb0 - running newipv6
<11>1 2022-09-05T08:36:59+02:00 OPNsense.gflygt.se opnsense 10149 - [meta sequenceId="49"] /usr/local/etc/rc.newwanipv6: IP renewal deferred during boot on 'igb0'
<13>1 2022-09-05T08:37:00+02:00 OPNsense.gflygt.se dhcp6c 29111 - [meta sequenceId="53"] dhcp6c REQUEST on igb0 - running newipv6
<11>1 2022-09-05T08:37:01+02:00 OPNsense.gflygt.se opnsense 36647 - [meta sequenceId="59"] /usr/local/etc/rc.newwanipv6: IP renewal deferred during boot on 'igb0'
<11>1 2022-09-05T08:37:04+02:00 OPNsense.gflygt.se opnsense 78719 - [meta sequenceId="68"] /usr/local/etc/rc.newwanip: ROUTING: IPv6 default gateway set to opt3
<11>1 2022-09-05T08:37:04+02:00 OPNsense.gflygt.se opnsense 78719 - [meta sequenceId="69"] /usr/local/etc/rc.newwanip: ROUTING: skipping IPv6 default route
<13>1 2022-09-05T08:37:04+02:00 OPNsense.gflygt.se opnsense 78719 - [meta sequenceId="75"] plugins_configure monitor (,WAN_ipv6)
<13>1 2022-09-05T08:37:04+02:00 OPNsense.gflygt.se opnsense 78719 - [meta sequenceId="76"] plugins_configure monitor (execute task : dpinger_configure_do(,WAN_ipv6))
<11>1 2022-09-05T08:37:05+02:00 OPNsense.gflygt.se opnsense 78719 - [meta sequenceId="77"] /usr/local/etc/rc.newwanip: The WAN_ipv6 monitor address is empty, skipping.
<11>1 2022-09-05T08:37:05+02:00 OPNsense.gflygt.se opnsense 95018 - [meta sequenceId="78"] /usr/local/etc/rc.newwanipv6: IPv6 renewal is starting on 'igb0'
<11>1 2022-09-05T08:37:05+02:00 OPNsense.gflygt.se opnsense 95018 - [meta sequenceId="79"] /usr/local/etc/rc.newwanipv6: Failed to detect IP for WAN[wan]
<11>1 2022-09-05T08:37:05+02:00 OPNsense.gflygt.se opnsense 83945 - [meta sequenceId="83"] /usr/local/etc/rc.newwanip: ROUTING: IPv6 default gateway set to opt3
<11>1 2022-09-05T08:37:05+02:00 OPNsense.gflygt.se opnsense 83945 - [meta sequenceId="84"] /usr/local/etc/rc.newwanip: ROUTING: setting IPv6 default route to ::
<11>1 2022-09-05T08:37:06+02:00 OPNsense.gflygt.se opnsense 5011 - [meta sequenceId="98"] /usr/local/etc/rc.routing_configure: ROUTING: IPv6 default gateway set to opt3
<11>1 2022-09-05T08:37:06+02:00 OPNsense.gflygt.se opnsense 5011 - [meta sequenceId="99"] /usr/local/etc/rc.routing_configure: ROUTING: setting IPv6 default route to ::
<11>1 2022-09-05T08:37:06+02:00 OPNsense.gflygt.se opnsense 5011 - [meta sequenceId="108"] /usr/local/etc/rc.routing_configure: The WAN_ipv6 monitor address is empty, skipping.
<11>1 2022-09-05T08:37:08+02:00 OPNsense.gflygt.se opnsense 23364 - [meta sequenceId="120"] /usr/local/etc/rc.newwanip: ROUTING: IPv6 default gateway set to opt3
<11>1 2022-09-05T08:37:08+02:00 OPNsense.gflygt.se opnsense 23364 - [meta sequenceId="121"] /usr/local/etc/rc.newwanip: ROUTING: setting IPv6 default route to ::

Why does it try to set OPT3 as default gateway for ipv6?
September 14, 2022, 03:35:46 PM #2
That is a link-local address. It is not routed.
September 16, 2022, 04:07:49 PM #3 Last Edit: September 16, 2022, 04:12:45 PM by gunnarf
Yes, I understand that, but why doesn't the client get a proper route?

The weird thing is that the client can ping the google NS AAAA address, but not any other ipv6 addresses.

ping 2001:4860:4860::8888
PING 2001:4860:4860::8888(2001:4860:4860::8888) 56 data bytes
64 bytes from 2001:4860:4860::8888: icmp_seq=1 ttl=117 time=3.61 ms
64 bytes from 2001:4860:4860::8888: icmp_seq=2 ttl=117 time=3.33 ms
^C
--- 2001:4860:4860::8888 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 3ms
rtt min/avg/max/mdev = 3.326/3.467/3.608/0.141 ms

But
ping 2001:67c:d8:ed80::87
PING 2001:67c:d8:ed80::87(2001:67c:d8:ed80::87) 56 data bytes
^C
--- 2001:67c:d8:ed80::87 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 129ms

And on the client:

route -6 -n
Kernel IPv6 routing table
Destination                    Next Hop                   Flag Met Ref Use If
::1/128                        ::                         U    256 2     0 lo
2001:9b0:21d:7300::/64         ::                         U    202 1     0 eth0
fe80::/64                      ::                         U    256 1     0 eth0
::/0                           fe80::20d:b9ff:fe51:6da9   UG   202 5     0 eth0
::1/128                        ::                         Un   0   7     0 lo
2001:9b0:21d:7300:5984:38fa:fa49:81d6/128 ::                         Un   0   5     0 eth0
fe80::144c:494d:4836:2c33/128  ::                         Un   0   4     0 eth0
ff00::/8                       ::                         U    256 5     0 eth0
::/0                           ::                         !n   -1  1     0 lo
Print
Go Up Pages1
User actions