Access to IPv6 link-local stopped working with 24.7

[itn3rd77]

Hi!

I updated today from 24.1.10 to 24.7.1. At a first glance everything worked smooth and I was happy and very pleased.

But it turned out that with release 24.7 I was no longer able to get any connectivity to IPv6 link-local addresses from the OPNsense box itself. I can not ping, telnet or access any IPv6 link-local address on my network. I require IPv6 link-local addresses for several services e.g. HAProxy as I use "Track IPv6 Interface" on all interfaces on my OPNsense box that's why I don't want to deal with changing prefixes.

In the live view of firewall logs I can see the packages pass (ICMP and telnet to port) but I don't get any response back. Ping from a Windows machine to an IPv6 link-local address works with not problem.

I am not sure if I missed something in the release notes and I am not an IPv6 expert. It just worked in the past.

Any help is really appreciated!

Attached you can find some screenshots.

Thanks and best regards
Ingo

[Patrick M. Hausen]

You are using the proper scope id with these addresses? E.g. fe80::dead:beef:dead:beef%igb0?

[itn3rd77]

For ping I certainly did. Besides this I never cared about the scope in link-local. Shouldn't it work without scope  :-\
Are you able to ping a IPv6 link-local address on your network? Than there must be something wrong in my setup  :-[

[meyergru]

That is not entirely the same thing. Try this:

Code Select Expand

ping6 fe80::9209:d0ff:fe25:7309%igb1

This is different from your:

Code Select Expand

ping6 -I igb1 fe80::9209:d0ff:fe25:7309

Link-local addresses are not well suited for use with DNS names. Either use GUAs or ULAs for that.