Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
23.7 Legacy Series
»
Have ipv6 prefix delegation but no ipv6 internet
« previous
next »
Print
Pages:
1
[
2
]
Author
Topic: Have ipv6 prefix delegation but no ipv6 internet (Read 3616 times)
emzy
Newbie
Posts: 16
Karma: 1
Re: Have ipv6 prefix delegation but no ipv6 internet
«
Reply #15 on:
February 04, 2024, 02:06:13 pm »
Here's logs from when I restarted opnsense instead of reloading the WAN interface. vtnet1 is the WAN interface here.
2024-02-04T12:46:40 Notice opnsense /usr/local/etc/rc.newwanipv6: Failed to detect IP for interface wan
2024-02-04T12:46:37 Notice kernel <118>>>> Invoking start script 'freebsd'
2024-02-04T12:46:37 Notice kernel <118>Reconfiguring IPv6 on vtnet1
2024-02-04T12:46:37 Notice kernel <118>Reconfiguring IPv4 on vtnet1
2024-02-04T12:46:37 Notice kernel <118>>>> Invoking start script 'newwanip'
2024-02-04T12:46:23 Notice opnsense /usr/local/etc/rc.newwanipv6: IP renewal deferred during boot on 'vtnet1'
2024-02-04T12:46:23 Notice dhcp6c dhcp6c_script: REQUEST on vtnet1 renewal
2024-02-04T12:46:23 Notice dhcp6c dhcp6c_script: REQUEST on vtnet1 executing
2024-02-04T12:46:21 Notice kernel <118>Starting router advertisement service...done.
2024-02-04T12:46:21 Notice opnsense /usr/local/etc/rc.bootup: plugins_configure dns (execute task : unbound_configure_do(1))
2024-02-04T12:46:21 Notice opnsense /usr/local/etc/rc.bootup: plugins_configure dns (execute task : dnsmasq_configure_do(1))
2024-02-04T12:46:21 Notice opnsense /usr/local/etc/rc.bootup: plugins_configure dns (1)
2024-02-04T12:46:21 Notice opnsense /usr/local/etc/rc.bootup: plugins_configure dhcrelay (execute task : dhcpd_dhcrelay_configure(1))
2024-02-04T12:46:21 Notice opnsense /usr/local/etc/rc.bootup: plugins_configure dhcrelay (1)
2024-02-04T12:46:21 Notice dhcp6c RTSOLD script - Sending SIGHUP to dhcp6c
2024-02-04T12:46:21 Warning opnsense /usr/local/etc/rc.bootup: dhcpd_radvd_configure(manual) found no suitable IPv6 address on lan(vtnet0)
I'm not certain, but it seems like what's happening is that opnsense starts radvd before it's gotten ipv6 configured on the WAN. After the ipv6 prefix is established, the newwanipv6 procedure runs and doesn't detect a WAN ipv6 address, so it doesn't trigger any of the service restarts that normally happen when the WAN ip changes. If the new ip procedure was aware or listening for prefix changes this probably wouldn't be an issue.
I'm still not sure if there's a race happening or not between the radvd setup and the wan/lan ipv6 address assignment. I thought that everything was working for me at some point, but I haven't been able to get to that state again.
Logged
emzy
Newbie
Posts: 16
Karma: 1
Re: Have ipv6 prefix delegation but no ipv6 internet
«
Reply #16 on:
February 04, 2024, 04:20:19 pm »
Ok Maurice, I dug through the code this morning and I think I've figured out exactly what's happening. I think you might have suspected something like this could be the problem.
I filed a bug report with a full description and pointers to the code.
-
https://github.com/opnsense/core/issues/7202
Here is the summary:
If the ISP only delegates an ipv6 prefix but no GUA address for the WAN interface, the rc.newwanipv6 script exits early and does not configure or restart radvd. This means it never starts to advertise a prefix on the LAN, and clients don't get ipv6 addresses.
The script can't tell if the ISP has only delegated a prefix or not, so when it fails to find the WAN GUA it exits early. If you check the "Request only an IPv6 prefix" option on the WAN interface then the script does not exit early, and radvd is properly configured.
I would have thought that the "Request only an IPv6 prefix" option only affects the solicitation opnsense sends to the ISP, not that it is necessary to check this box if the ISP is only delegating a prefix. I'm not sure how difficult it would be to actually check if the ISP only delegated a prefix, but if it's possible I think that would be less surprising to the user.
Anyways, I think we can say case closed for now and follow up on the bug to see if there's a way to make opnsense smarter about the prefix delegation. Thanks for all the help!
Logged
Patrick M. Hausen
Hero Member
Posts: 6807
Karma: 572
Re: Have ipv6 prefix delegation but no ipv6 internet
«
Reply #17 on:
February 04, 2024, 04:37:08 pm »
The cheapest solution would be to rename the UI option to "ISP delegates only a prefix" or similar to clarify that this is about what OPNsense should expect, not what it should ask for.
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
franco
Administrator
Hero Member
Posts: 17660
Karma: 1611
Re: Have ipv6 prefix delegation but no ipv6 internet
«
Reply #18 on:
February 04, 2024, 06:10:56 pm »
Thanks for the detailed report. I posted an experimental patch over here
https://github.com/opnsense/core/issues/7202#issuecomment-1925840590
Been meaning to change this myself, but did not want to go overboard the last years with changes in that area so after verifying the "force" reload flag works fine now we can do this step actually.
All feedback and complaints welcome. I'll be testing this next week in a production setup as well.
Cheers,
Franco
Logged
Print
Pages:
1
[
2
]
« previous
next »
OPNsense Forum
»
Archive
»
23.7 Legacy Series
»
Have ipv6 prefix delegation but no ipv6 internet