IPv6 link-local route does not survive reboot

Started by matt335672, January 21, 2026, 04:42:40 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
January 21, 2026, 04:42:40 PM Last Edit: January 21, 2026, 04:50:09 PM by matt335672
Hi,

I've got a couple of OpnSense routers running 25.7.11_2 linked together.

My primary router receives a static /48 from my ISP, and then delegates a /60 to the secondary router. This is all done with static routing rather than PD, as Kea can't currently add the route for a delegated prefix automatically - see https://forum.opnsense.org/index.php?topic=48680

The interface vtnet3 on the main router has an address of FE80::1/64 and the interface em0 on the secondary router has an address of FE80::2/64.

On the main router, I've got a gateway and a static route configured to reach the secondary router as follows (links to postimg.cc):



The secondary router just has FE80::1 on the main router set as a default gateway.

There's also an IPv4 config set up in  similar way.

This all works fine until I reboot the main router. When it comes up, the route for <prefix48>fff0::/60 to FE80::2%vtnet3 is missing from the routing table until I click the 'Apply' button on the routing config screen on the main router.

IPv4 works perfectly, although this is not using link-local addresses.

Any idea what I'm doing wrong here?
January 21, 2026, 05:00:30 PM #1
Nothing wrong with your configuration, it's most likely a bug. I've seen this behaviour before under hard to reproduce circumstances - some static IPv6 routes sometimes don't get added to the routing table after a reboot. Haven't been able to pinpoint it and mostly worked around it with Monit.

If it's reproducible in your setup, creating an issue on GitHub with as many details as possible (logs) might be the best way forward.

Cheers
Maurice
OPNsense virtual machine images
OPNsense aarch64 firmware repository

Commercial support & engineering available. PM for details (en / de).
January 21, 2026, 05:50:01 PM #2
Kea sets automatic routes now, it was a roadmap item:

https://docs.opnsense.org/manual/kea.html#prefix-delegation-ia-pd
Hardware:
DEC740
Today at 03:12:19 PM #3
Thanks both.

I was using PD with ISC dhcpd for this, and it was working (mostly) fine. For what I'm doing there's no advantage in using PD really, so I'd like to get the static routes working.

I'm not keen on messing around with my primary router for this, so I'll try setting up a VM with just my static routes on it and see what happens. There are only 3. If I can reproduce it on that, it should make a fault report easier.
Today at 03:31:05 PM #4
> When it comes up, the route for <prefix48>fff0::/60 to FE80::2%vtnet3 is missing from the routing table until I click the 'Apply' button on the routing config screen on the main router.

Maurice, could this overlap with the blackhole route we added for the delegated prefix?


Cheers,
Franco
Today at 06:20:18 PM #5
@franco That would be weird, since the automatic blackhole route and the static routes have different prefix lengths. Adding a /48 blackhole route should not remove existing routes for /60 subnets. But this should be easy to test by creating static routes for prefixes which aren't subnets of the delegated prefix.

@matt335672, what's your WAN configuration, static or DHCPv6?

And I reconsidered what I said about having observed this before. What I have indeed observed is some static routes sometimes not getting added to the routing table after a reboot. But I think these were static IPv4 routes on ptp interfaces, so probably a different issue.

Cheers
Maurice
OPNsense virtual machine images
OPNsense aarch64 firmware repository

Commercial support & engineering available. PM for details (en / de).
Print
Go Up Pages1
User actions