Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
24.7 Production Series
»
IPv6 router advertisements problems in 24.7/24.1.x
« previous
next »
Print
Pages: [
1
]
Author
Topic: IPv6 router advertisements problems in 24.7/24.1.x (Read 141 times)
himpie
Newbie
Posts: 2
Karma: 0
IPv6 router advertisements problems in 24.7/24.1.x
«
on:
November 21, 2024, 09:14:05 pm »
Hi,
After years working with pfsense CE/Plus on bare metal box, I finally migrated to OPNsense on the same bare metal box (with 1 NIC configured with multiple VLANs and connected to a switch).
Migration is successfully but have 1 issue. Router Advertisment (RA) on the OPNsense box....
The box is exact the same I used with pfsense CE/Plus.
In pfsense CE and OPNsense 24.1-amd64 everything works fine.
Yesterday I upgraded from OPNsense 24.1-amd64 to OPNsense 24.1.10
After the upgrade from OPNsense 24.1-amd64 to OPNsense 24.1.10 my LAN and WLAN clients don't receive a IPv6 address with Router Advertisement (on OPNsense box) to my FreeBSD DHCP box.
On my FreeBSD DHCP server I see correct RA message from pfsense CE/OPNsense 24.1 from
normal IPv6
:
Nov 20 18:12:10 <local7.info> apollo dhcpd[79271]: Relay-forward message from
2001:xxxx:yyyy:10::1
port 547,
link address 2001:xxxx:yyyy:30::1
, peer address fe80::6353:288f:4b6c:e182
Nov 20 18:12:10 <local7.info> apollo dhcpd[79271]: Advertise NA: address 2001:xxxx:yyyy:30:1::13 to client with duid 00:01:00:01:2e:7c:34:90:d0:bf:9c:18:43:f3 iaid = 215007132 static
Nov 20 18:12:10 <local7.info> apollo dhcpd[79271]: Sending Relay-reply to
2001:xxxx:yyyy:10::1
port 547
Nov 20 18:12:10 <local7.info> apollo dhcpd[79271]: Added new forward map from sirens.foo.baar to 2001:xxxx:yyyy:30:1::13
Nov 20 18:12:10 <local7.info> apollo dhcpd[79271]: Added reverse map from 3.1.0.0.0.0.0.0.0.0.0.0.1.0.0.0.0.3.0.0.y.y.y.y.x.x.x.x.1.0.0.2.ip6.arpa. to sirens.foo.bar.
Nov 20 18:12:10 <local7.info> apollo dhcpd[79271]: Relay-forward message from
2001:xxxx:yyyy:10::1
port 547,
link address 2001:xxxx:yyyy:30::1
, peer address fe80::6353:288f:4b6c:e182
Nov 20 18:12:10 <local7.info> apollo dhcpd[79271]: Reply NA: address 2001:xxxx:yyyy:30:1::13 to client with duid 00:01:00:01:2e:7c:34:90:d0:bf:9c:18:43:f3 iaid = 215007132 static
Nov 20 18:12:10 <local7.info> apollo dhcpd[79271]: Sending Relay-reply to
2001:xxxx:yyyy:10::1
port 547
Nov 20 18:12:11 <local7.info> apollo dhcpd[79271]: Added new forward map from sirens.foo.bar. to 2001:xxxx:yyyy:30:1::13
Nov 20 18:12:11 <local7.info> apollo dhcpd[79271]: Added reverse map from 3.1.0.0.0.0.0.0.0.0.0.0.1.0.0.0.0.3.0.0.y.y.y.y.x.x.x.x.1.0.0.2.ip6.arpa. to sirens.foo.bar.
On my FreeBSD DHCP server I see incorrect RA message from OPNsense 24.1.10 coming from
link-local OPNsense
instead of normal IPv6:
Nov 21 16:16:09 <local7.info> apollo dhcpd[79271]: Relay-forward message from
2001:xxxx:yyyy:10::1
port 547, link address
fe80::28c:faff:fed6:f01d
, peer address fe80::6353:288f:4b6c:e182
Nov 21 16:16:09 <local7.info> apollo dhcpd[79271]: [L2 Relay] No link address in relay packet assuming L2 relay and using receiving interface
Nov 21 16:16:09 <local7.debug> apollo dhcpd[79271]: Picking pool address fe80::31dd
Nov 21 16:16:09 <local7.info> apollo dhcpd[79271]: Advertise NA: address fe80::31dd to client with duid 00:01:00:01:2e:7c:34:90:d0:bf:9c:18:43:f3 iaid = 215007132 valid for 43200 seconds
Nov 21 16:16:09 <local7.info> apollo dhcpd[79271]: Sending Relay-reply to
2001:xxxx:yyyy:10::1
port 547
Nov 21 16:16:09 <local7.info> apollo dhcpd[79271]: Relay-forward message from
2001:xxxx:yyyy:10::1
port 547, link address
fe80::28c:faff:fed6:f01d
, peer address fe80::6353:288f:4b6c:e182
Nov 21 16:16:09 <local7.info> apollo dhcpd[79271]: [L2 Relay] No link address in relay packet assuming L2 relay and using receiving interface
Nov 21 16:16:09 <local7.debug> apollo dhcpd[79271]: Picking pool address fe80::31dd
Nov 21 16:16:09 <local7.info> apollo dhcpd[79271]: Advertise NA: address fe80::31dd to client with duid 00:01:00:01:2e:7c:34:90:d0:bf:9c:18:43:f3 iaid = 215007132 valid for 43200 seconds
Nov 21 16:16:09 <local7.info> apollo dhcpd[79271]: Sending Relay-reply to
2001:xxxx:yyyy:10::1
port 547
Nov 21 16:16:09 <local7.info> apollo dhcpd[79271]: Relay-forward message from
2001:xxxx:yyyy:10::1
port 547, link address
fe80::28c:faff:fed6:f01d
, peer address fe80::6353:288f:4b6c:e182
Nov 21 16:16:09 <local7.info> apollo dhcpd[79271]: [L2 Relay] No link address in relay packet assuming L2 relay and using receiving interface
Nov 21 16:16:09 <local7.debug> apollo dhcpd[79271]: Picking pool address fe80::31dd
Nov 21 16:16:09 <local7.info> apollo dhcpd[79271]: Advertise NA: address fe80::31dd to client with duid 00:01:00:01:2e:7c:34:90:d0:bf:9c:18:43:f3 iaid = 215007132 valid for 43200 seconds
Nov 21 16:16:09 <local7.info> apollo dhcpd[79271]: Sending Relay-reply to
2001:xxxx:yyyy:10::1
port 547
Nov 21 16:16:09 <local7.info> apollo dhcpd[79271]: Relay-forward message from
2001:xxxx:yyyy:10::1
port 547, link address
fe80::28c:faff:fed6:f01d
, peer address fe80::6353:288f:4b6c:e182
Nov 21 16:16:09 <local7.info> apollo dhcpd[79271]: [L2 Relay] No link address in relay packet assuming L2 relay and using receiving interface
Nov 21 16:16:09 <local7.debug> apollo dhcpd[79271]: Picking pool address fe80::31dd
Nov 21 16:16:09 <local7.info> apollo dhcpd[79271]: Advertise NA: address fe80::31dd to client with duid 00:01:00:01:2e:7c:34:90:d0:bf:9c:18:43:f3 iaid = 215007132 valid for 43200 seconds
VLANs on NIC on the OPNsense box:
re0_vlan10: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500
description: re0_0010_DMZSERVERS (opt1)
options=80000<LINKSTATE>
ether 00:8c:fa:d6:f0:1d
inet 10.0.1.1 netmask 0xfffffff0 broadcast 10.0.1.15
inet6
fe80::28c:faff:fed6:f01d
%re0_vlan10 prefixlen 64 scopeid 0x6
inet6 2001:xxxx:yyyy:10::1
prefixlen 64
groups: vlan
vlan: 10 vlanproto: 802.1q vlanpcp: 0 parent interface: re0
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
nd6 options=121<PERFORMNUD,AUTO_LINKLOCAL,NO_DAD>
re0_vlan30: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500
description: re0_0030_LANCLIENTS (lan)
options=80000<LINKSTATE>
ether 00:8c:fa:d6:f0:1d
inet 192.168.0.1 netmask 0xffffffe0 broadcast 192.168.0.31
inet6 fe80::28c:faff:fed6:f01d%re0_vlan30 prefixlen 64 scopeid 0xb
inet6
2001:xxxx:yyyy:30::1
prefixlen 64
groups: vlan
vlan: 30 vlanproto: 802.1q vlanpcp: 0 parent interface: re0
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
nd6 options=121<PERFORMNUD,AUTO_LINKLOCAL,NO_DAD>
On the router advertisment page on my OPNsense GUI, I see from 24.1.10 a field source address with a drop-down box where Automatic is selected. But in the drop-down box I see only Automatic but no other options.
The field "source address" was not implemented in OPnsense 24.1 (or earlier).
When I change my SSD in the box with the old pfsense or OPNsense 24.1 router advertisement works like a charm.
I think the problem is with the source address on automatic option I see on 24.1.10 (and also in OPNsense 24.7.8/24.7.9).
How can I disable that box so that it works like 24.1 (or erlier)?
Or how can I a more options than only Automatic in the drop down box?
Can somebody help me?
Kind regards,
Himpie
«
Last Edit: November 21, 2024, 09:28:08 pm by himpie
»
Logged
Monviech (Cedrik)
Global Moderator
Hero Member
Posts: 1614
Karma: 176
Re: IPv6 router advertisements problems in 24.7/24.1.x
«
Reply #1 on:
November 21, 2024, 09:26:08 pm »
https://www.rfc-editor.org/rfc/rfc4861.html#section-6.1.2
RAs must be sent with the link local address of the router as source.
Logged
Hardware:
DEC740
himpie
Newbie
Posts: 2
Karma: 0
Re: IPv6 router advertisements problems in 24.7/24.1.x
«
Reply #2 on:
November 21, 2024, 09:34:52 pm »
Hi,
Why is the link-address changed from the normal IPv6 to the link local in versions after 24.1 in OPNsense?
I think it's not possible in my setup. I work with 1 NIC in my OPNsense box, all link-locals are the same ...
re0_vlan10: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500
description: re0_0010_DMZSERVERS (opt1)
options=80000<LINKSTATE>
ether 00:8c:fa:d6:f0:1d
inet 10.0.1.1 netmask 0xfffffff0 broadcast 10.0.1.15
inet6
fe80::28c:faff:fed6:f01d
%re0_vlan10 prefixlen 64 scopeid 0x6
re0_vlan30: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500
description: re0_0030_LANCLIENTS (lan)
options=80000<LINKSTATE>
ether 00:8c:fa:d6:f0:1d
inet 192.168.0.1 netmask 0xffffffe0 broadcast 192.168.0.31
inet6 fe80::28c:faff:fed6:f01d%re0_vlan30 prefixlen 64 scopeid 0xb
It worked for the last 12 years on pfsense and opnsense before 24.1.x update (on 24.1 it works like in pfsense)
Logged
Monviech (Cedrik)
Global Moderator
Hero Member
Posts: 1614
Karma: 176
Re: IPv6 router advertisements problems in 24.7/24.1.x
«
Reply #3 on:
November 21, 2024, 09:37:27 pm »
A link local is local to the scope of the interface.
You could have fe80::1/64 on each vlan.
thats why there is a % with the interface name behind each link local address.
Logged
Hardware:
DEC740
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
24.7 Production Series
»
IPv6 router advertisements problems in 24.7/24.1.x