6rd radvd and dhcpdv6 not starting after reboot

Started by darkcrucible, October 18, 2024, 06:42:05 PM

Previous topic - Next topic
Unfortunately my ISP does not offer native IPv6. The best they offer is 6rd which is too bad.

Anyways I've been using opnsense since 24.7.1. I believe this issue has affected all dot releases since then. I still see this on 24.7.6.

If I reboot the opnsense box, radvd and the LAN's dhcp6 fail to load. There's not much special on my setup. I use manual outbound NAT for static port (have outbound for link-local & LAN networks). I also set the MTU of WAN to 1500. I think even disconnecting the WAN Ethernet for a moment then reconnecting can trigger this too.

I'll get messages like this:
2024-09-29T12:11:30-07:00       Warning radvd   sendmsg: Can't assign requested address
2024-09-29T12:11:30-07:00       Warning opnsense        /usr/local/etc/rc.bootup: dhcpd_radvd_configure(auto) found no suitable IPv6 address on lan(igc1)


Perhaps radvd/dhcpdv6 is being started too soon before 6rd is done? Just speculation

Last thing to note for now, if I restart the radvd & dhcpd6 services then IPv6 works as normal. Any reboot requires manually logging in to restart the services.

I've noticed on my system too, with a 6rd ISP, that upon reboots DHCPv6 Server isn't running anymore. I hadn't yet spent any time investigating it, but I do see similar messages in my log. If I start DHCPv6 Server manually, it works fine until the next reboot.

I have not been seeing a similar behavior with radvd, but that may just be a configuration thing?

I'm also seeing this too often.. Not good..

2024-12-05T08:22:02 Notice opnsense-business /usr/local/etc/rc.linkup: plugins_configure dns (execute task : unbound_configure_do())
2024-12-05T08:22:02 Notice opnsense-business /usr/local/etc/rc.linkup: plugins_configure dns (execute task : dnsmasq_configure_do())
2024-12-05T08:22:02 Notice opnsense-business /usr/local/etc/rc.linkup: plugins_configure dns ()
2024-12-05T08:22:02 Warning opnsense-business /usr/local/etc/rc.linkup: dhcpd_radvd_configure(auto) found no suitable IPv6 address on lan(igc0)
2024-12-05T08:22:01 Notice opnsense-business /usr/local/etc/rc.linkup: plugins_configure dhcp (execute task : dhcpd_dhcp_configure())
2024-12-05T08:22:01 Notice opnsense-business /usr/local/etc/rc.linkup: plugins_configure dhcp ()
2024-12-05T08:22:01 Notice opnsense-business /usr/local/etc/rc.linkup: plugins_configure ipsec (execute task : ipsec_configure_do(,opt4))
2024-12-05T08:22:01 Notice opnsense-business /usr/local/etc/rc.linkup: plugins_configure ipsec (,opt4)
2024-12-05T08:22:01 Notice opnsense-business /usr/local/etc/rc.linkup: plugins_configure monitor (execute task : dpinger_configure_do(,[]))
2024-12-05T08:22:01 Notice opnsense-business /usr/local/etc/rc.linkup: plugins_configure monitor (,[])
2024-12-05T08:22:01 Notice opnsense-business /usr/local/etc/rc.linkup: ROUTING: entering configure using opt4


Something fishy is happening here.. Does it run stable for you or?
Hardware: DEC3852
Version: OPNsense 24.10 Business Edition

rc.linkup interfering is not a good sign to be honest. Suricata? Zenarmor?

Check dmesg..


Cheers,
Franco

December 05, 2024, 08:48:38 PM #4 Last Edit: December 05, 2024, 08:55:28 PM by Melroy vd Berg
@franco Thanks for your response, this late on the day (we live in the same timezone).

Dmesg:
cannot forward src fe80:c::49b4:8a7a:2aac:1b71, dst 2620:2d:4000:1::23, nxt 6, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::49b4:8a7a:2aac:1b71, dst 2620:2d:4000:1::97, nxt 6, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::49b4:8a7a:2aac:1b71, dst 2620:2d:4000:1::22, nxt 6, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::49b4:8a7a:2aac:1b71, dst 2620:2d:4002:1::196, nxt 6, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::49b4:8a7a:2aac:1b71, dst 2620:2d:4002:1::197, nxt 6, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::49b4:8a7a:2aac:1b71, dst 2600:1901:0:38d7::, nxt 6, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::49b4:8a7a:2aac:1b71, dst 2600:1901:0:38d7::, nxt 6, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::49b4:8a7a:2aac:1b71, dst 2620:2d:4000:1::98, nxt 6, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::49b4:8a7a:2aac:1b71, dst 2001:67c:1562::23, nxt 6, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::49b4:8a7a:2aac:1b71, dst 2620:2d:4000:1::2a, nxt 6, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::58d6:7679:2d6:7046, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::e486:95ff:fe5b:1003, dst 2a00:1450:400e:80f::200a, nxt 6, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::e486:95ff:fe5b:1003, dst 2a04:4e42::223, nxt 6, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::e486:95ff:fe5b:1003, dst 2a04:4e42:200::223, nxt 6, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::e486:95ff:fe5b:1003, dst 2a04:4e42:200::223, nxt 6, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::e486:95ff:fe5b:1003, dst 2a04:4e42::223, nxt 6, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:26f0:fe00::5c7b:4d40, nxt 6, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:26f0:fe00::5c7b:4d40, nxt 6, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:26f0:fe00::5c7b:4d40, nxt 6, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2001:7b8:3:2c::53, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:26f0:fe00::5c7b:4d40, nxt 6, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2001:7b8:3:2c::53, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:26f0:fe00::5c7b:4d40, nxt 6, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
cannot forward src fe80:c::e486:95ff:fe5b:1003, dst 2600:1901:0:7b8a::, nxt 6, rcvif bridge0, outif pppoe0



But also just in notice logs:


2024-12-05T20:03:28 Notice kernel <7>cannot forward src fe80:c::e486:95ff:fe5b:1003, dst 2600:1901:0:7b8a::, nxt 6, rcvif bridge0, outif pppoe0
2024-12-05T20:00:56 Notice kernel <7>cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
2024-12-05T20:00:56 Notice kernel <7>cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
2024-12-05T20:00:56 Notice kernel <7>cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
2024-12-05T20:00:56 Notice kernel <7>cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
2024-12-05T20:00:56 Notice kernel <7>cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
2024-12-05T20:00:55 Notice kernel <7>cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
2024-12-05T20:00:55 Notice kernel <7>cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
2024-12-05T20:00:55 Notice kernel <7>cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
2024-12-05T20:00:55 Notice kernel <7>cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
2024-12-05T20:00:55 Notice kernel <7>cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
2024-12-05T19:59:55 Notice kernel <7>cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:26f0:fe00::5c7b:4d40, nxt 6, rcvif bridge0, outif pppoe0
2024-12-05T19:59:49 Notice kernel <7>cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2001:7b8:3:2c::53, nxt 17, rcvif bridge0, outif pppoe0
2024-12-05T19:59:47 Notice kernel <7>cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:26f0:fe00::5c7b:4d40, nxt 6, rcvif bridge0, outif pppoe0
2024-12-05T19:59:44 Notice kernel <7>cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2001:7b8:3:2c::53, nxt 17, rcvif bridge0, outif pppoe0
2024-12-05T19:59:43 Notice kernel <7>cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:26f0:fe00::5c7b:4d40, nxt 6, rcvif bridge0, outif pppoe0
2024-12-05T19:59:43 Notice kernel <7>cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
2024-12-05T19:59:43 Notice kernel <7>cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0:ffff:ffff::1, nxt 17, rcvif bridge0, outif pppoe0
2024-12-05T19:59:42 Notice kernel <7>cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
2024-12-05T19:59:42 Notice kernel <7>cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:22a0::1, nxt 17, rcvif bridge0, outif pppoe0
2024-12-05T19:59:41 Notice kernel <7>cannot forward src fe80:c::d8a4:3f0c:e70b:d043, dst 2a02:26f0:fe00::5c7b:4d40, nxt 6, rcvif bridge0, outif pppoe0


Today I in fact, it got so unstable that is caused huge down time. My network went down with OPNsense.

I actually recently deployed OPNsense firewall now in my network. A few days ago I got my ONT configured with KPN MKB EEN (ISP) network using PPPoE and Vlan 6 with IPv4. And just a couple of days ago I now got ipv6 working as well. But that seems to be very problematic in terms of stability.

I have no other plugins active. So no Suricata, No Zenarmor. No Intrusion Detection. So very basic plain configuration.

I shared my WAN/LAN setup recently here
(including the "Link-local address" option here)


EDIT: I also read somewhere on the forum about State type "keep-state" might not work very well with IPv6. Under WAN/LAN Firewall rules -> My IPv6 rule -> Advanced -> And then "State Type" should I try to set this to "None"?

EDIT EIDT: fe80:c::58d6:7679:2d6:7046 is a local link address. But I can't find it on my local devices, it might be a WAN local link? And the destination addreses like 2a02:22a0:ffff:ffff::1 are often RoutIT or GOogle IPv6 IPs, which should actually just work.

IN fact, look:

root@OPNsense:~ # ping6 2a02:22a0:ffff:ffff::1
PING(56=40+8+8 bytes) 2a02:22a0:bbba:f900::1 --> 2a02:22a0:ffff:ffff::1
16 bytes from 2a02:22a0:ffff:ffff::1, icmp_seq=0 hlim=61 time=3.267 ms
16 bytes from 2a02:22a0:ffff:ffff::1, icmp_seq=1 hlim=61 time=1.927 ms
16 bytes from 2a02:22a0:ffff:ffff::1, icmp_seq=2 hlim=61 time=1.977 ms
^C
--- 2a02:22a0:ffff:ffff::1 ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 1.927/2.390/3.267/0.620 ms


I can just ping it.
Hardware: DEC3852
Version: OPNsense 24.10 Business Edition

> cannot forward src fe80:c::49b4:8a7a:2aac:1b71, dst 2620:2d:4000:1::23, nxt 6, rcvif bridge0, outif pppoe0

This is normal if you don't hand out IPv6 via SLAAC/radvd because you don't track it on your LAN in the first place. Android devices will just try to reach the Internet which is a stupid thing to do from link-local, but it is what it is.

The LAN bridge thing I would really encourage you to eradicate from your. While this may work, but OTOH PPPoE and DHCPv6 can be a troublesome combination on their own already. Making it more complex/fragile is not a good idea.

>  I also read somewhere on the forum about State type "keep-state" might not work very well with IPv6.

We backed out these FreeBSD patches. That's not it.


Cheers,
Franco

Quote from: franco on December 05, 2024, 09:40:54 PM
This is normal if you don't hand out IPv6 via SLAAC/radvd because you don't track it on your LAN in the first place. Android devices will just try to reach the Internet which is a stupid thing to do from link-local, but it is what it is.

Uhm I see. I do not handle out IPv6 via Slaac indeed. Could I disable radvd / Router Advertisements? Or should I keep it on "managed" like I have now?

Quote from: franco on December 05, 2024, 09:40:54 PM
The LAN bridge thing I would really encourage you to eradicate from your.

I fully agree here! In fact, this is just a temporally solution, until the 10Gb/s switch setup is completed. In the meanwhile I was using the LAN bridge feature to bridge some ports together ;).
Hardware: DEC3852
Version: OPNsense 24.10 Business Edition

> Uhm I see. I do not handle out IPv6 via Slaac indeed.

No it's probably enabled fine but since your LAN does not receive a subnet of the PD radvd in turn cannot hand out an address... which makes these particular clients behave erratically.

So... somehow the bridge can still prevent the IPv6 tracking to work.. and the rc.linkup suggest something takes the whole interface down which may take PPPoE down, which takes down DHCPv6, etc.


Cheers,
Franco

Quote from: franco on December 06, 2024, 08:43:17 AM
No it's probably enabled fine but since your LAN does not receive a subnet of the PD radvd in turn cannot hand out an address... which makes these particular clients behave erratically.

OK good to know. I do help the radvd project out now as well. So there will hopefully be a new release of radvd since 2021. I hope to see v2.20 soonish.

Quote from: franco on December 06, 2024, 08:43:17 AM
So... somehow the bridge can still prevent the IPv6 tracking to work.. and the rc.linkup suggest something takes the whole interface down which may take PPPoE down, which takes down DHCPv6, etc.

Cheers,
Franco

Yea, I have a suspect. My DAC (direct attached copper) cable in the SFP+ port of the firewall. Which seems to behave weird.

Do you know if the "Generic" DAC cables from the brand FS are supported on your hardware? Or somebody is using these cables? https://www.fs.com/de-en/products/74618.html?attribute=8703&id=2373541

I bought compatibility 'Generic', because that often makes the most sense here. After all it's not Cisco or Dell hardware or anything, we are talking here about OPNsense hardware.

I assume I'm not the first consumer who is trying to use DAC cables.
Hardware: DEC3852
Version: OPNsense 24.10 Business Edition

I could confirm it was indeed something with my Broadcom network card and the DAC cable. I updated the Broadcom network card firmware (Broadcom® BCM957412A4120AC). And rebooted the server.

Then I also set the speed manually to 10GbE via ethtool command on my server. And just to be safe, I also selected "10GBase-SFI" as Speed and duplex in OPNsense firewall. Now everything seems to work fine and the interfaces are up, not weird crashes anymore.
Hardware: DEC3852
Version: OPNsense 24.10 Business Edition

Hi I'm seeing very similar messages to what you are about not being able to forward IPv6 packets. It's causing my N305 router to crash and give me fatal trap 12: page fault. Did you manage to resolve the issue?

Here's the forum post that I made about the issue: https://forum.opnsense.org/index.php?topic=44621.msg222875#msg222875