Connectivity drops when using IPv6

[tobi-wan-kenobi]

Hello,

really happy with my OPNsense, use it since almost 2 years now :)

But recently, I switched to an ISP that provides me with full IPv6 connectivity, and I am running into the weirdest issues setting that up.

I configure the WAN (PPPoE), set IPv6 to DHCPv6 and enable "Use IPv4 connectivity". This gives me a (delegated?) prefix, an IPv6 address and, most importantly, I can ping IPv6 addresses from the firewall.

Next, I add a floating firewall rule to allow DHCPv6 traffic from WAN to LAN, and set the LAN IPv6 option to "Track device" for WAN, to get IPv6 addresses assigned from the ISP.

The thing that really, really bugs me: It works (the clients get IPv6 addresses, and https://test-ipv6.com gives me 9/10, *BUT*: All clients have around 30% packet loss, on IPv4, as well as IPv6.

As soon as I disable IPv6, everything works flawlessly again.

Has anyone else ever encountered such an issue?

Thanks a lot in advance!

[robgnu]

Hi,

how is your PPPoE interface configured? Which options are enabled/disabled?

Robert.

[tobi-wan-kenobi]

I left most of the settings on default (e.g. MTU is autocalculated to 1492, service name, host uniq, idle timeout, etc. is all empty).

The one particularity of the setup is that the PPPoE connection is on a VLAN (i.e. I have a physical link configured as VLAN 2, within which PPPoE is configured).

The strange thing is that everything seems to work fine if I configure the WAN part to obtain an address, it looks to me as if stuff starts breaking as soon as I use "Track Device" on the LAN interface. I am using 2 Unifi APs to have a WLAN, but I guess if that was interfering, it would consistently block, not sporadically....

[robgnu]

Hi,

try to enable "Request only an IPv6 prefix" (checked), I had an issue with that option in the past with some packet loss.

Robert.