WAN dhcp6c and DNS+GW issues

Started by Claus.Mattsson, May 07, 2021, 12:11:14 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
May 07, 2021, 12:11:14 PM
I have gotten an IPv6 address from my ISP. It is handled by the dhcp6c.

Besides the IPv6 address on the WAN, I am pulling a /48 prefix to hand-out on the inside.

I discovered so far, that even though I am requesting dns information and receiving them (seen in packet capture), they are not persisted in the opnsense.

Also the gateway address isn't shown in the gateways and hence can not be monitored without manuel setting it up.

Does anybody have a solution to the issues I am seeing? I am new here, so if I left out information, sorry in advanced.

Thanks.
May 07, 2021, 06:26:25 PM #1
This is a known issue with some ISPs. Not sure what causes it, but you can find similar reports here and probably on GitHub (and I've observed it myself in some setups).

The gateway gets configured correctly for the default route, but it isn't available for gateway monitoring. Workaround: Look up the gateway address in 'System: Routes: Status' and enter it statically in the gateway configuration.

You don't need your ISP's DNS servers if Unbound is configured as a recursive resolver (default). If you actually want to use them, enter them manually in 'System: Settings: General'.

Cheers

Maurice
OPNsense virtual machine images
OPNsense aarch64 firmware repository

Commercial support & engineering available. PM for details (en / de).
May 08, 2021, 12:21:24 AM #2
I've taken to using my ISP's DNS servers (IPv4 and IPv6) as monitor IPs for the gateways. For some strange reason the RTT and RTTd for those IPs are lower than for the gateway IPs [emoji848]
May 08, 2021, 09:33:21 PM #3
@Maurice
Shouldn't it be reported as a bug somewhere? I've tried the pfSense on the same connection and it doesn't have these issues.

@Greelan
Same here. The gateway is busy transmitting packets, which is fine by me :)
May 09, 2021, 06:48:32 PM #4
Quote from: Claus.Mattsson on May 08, 2021, 09:33:21 PM
Shouldn't it be reported as a bug somewhere?

You're right, it should. This has been discussed here and there, but it seems no-one opened an issue on GitHub so far. Feel free to do so: https://github.com/opnsense/core/issues/new?template=bug_report.md

Make sure to use the provided template.

Quote from: Claus.Mattsson on May 08, 2021, 09:33:21 PM
I've tried the pfSense on the same connection and it doesn't have these issues.

There have been significant changes since the fork.

Cheers

Maurice
OPNsense virtual machine images
OPNsense aarch64 firmware repository

Commercial support & engineering available. PM for details (en / de).
Print
Go Up Pages1
User actions