IPv6 link local on a Bridge Network !

[karl047]

The point is that the bridge interface, when dhcp6d is being configured, whether it's tracking or static, SHOULD automatically configure the link-local address on the bridge interface.

No, I have a different opinion: the Bridge Interface should have an IPv6 link local when it will be added like the another Interfaces (all my Interfaces have an IPv6 link local, all of them, except the bridge interface). I have tested more than 3 times, on OPNsense & pfSense, it won't work without this patch. Another point: I have tested too without IPv6 configuration, that means no SLAAC & no DHCPv6, & it didn't show an IPv6 link local !

Another Point, that it has nothing to do with our discussion here, but I want to tell you about it: it is a point why I like OPNsense: in the configuration of router advertisement (when you have a static IPv6 Address) is "Advertise Default Gateway", this should be unchecked when you configure a static IPv6 Interface with a static route over your Modem. I want to tell you about this point, maybe it will help you someday (believe me, it was a fight with the configuration of a bridge Network, & a fight with the configuration of static IPv6 in my network behind the fritzbox).

[marjohn56]

OK... There is some confusion here.


On my live system I have static IPv6 on both the WAN and the LAN interfaces, I also have a bridge interface with three physical NICs on my Bridge interface. I use dhcpd6 and radvd on my LAN. I have zero issues.


On my test system I use DHCP6 on WAN and track interface on LAN, I can set the dhcpd6c/radvd to auto or override it and manually set ranges and I have no problems with that either.


What is different with your system?

[karl047]

Good..
WAN get a static IPv6 & LAN is a bridge network over 3 not physical NIC but VLAN Interfaces (for example 101,102,103).

1. WAN & LAN with a static IPv6 Address: everything good except that LAN no IPv6 link local has, the clients get no IPv6 Address over DHCPv6 or Radvd until I manually add the IPv6 link local to this Interface, then everything is fine. (or with the patch then reboot).

2. WAN with DHCPv6 & LAN with Track Interface: LAN becomes suddenly an IPv6 link local (fe80::1:1%bridge0) & the clients get an IPv6 Addresses over Radvd, but I can't configure DHCPv6 or Radvd because it shows me that only Interfaces with a static IPv6 address can be configured !

that is what I have...

[marjohn56]

At the bottom of the interfaces->LAN page In the Track interface section there is a manual configuration option to allow you to configure RADVD and dhcpd6 when using a tracked interface.

[karl047]

just a moment please, is that a new function in 18.7? because I have 18.1.13 installed, & I havn't seen such option yet!

[marjohn56]

It is yes.. 

[marjohn56]

Just a quick note, there is a bug in 18.7, it's fixed in 18.7.1 but you'll need to do these patches.


Have a look at this thread:


https://forum.opnsense.org/index.php?topic=9374.0

[karl047]

@marjohn56: you are one of the best in this forum, thank you for your information.

Whatever if DHCPv6 or Radvd are activated or not on an interface, the bridge network should have an IPv6 link local when it wil be added, like the another Interfaces, & with the lines that I posted in interfaces.inc, everything works fine.

[marjohn56]

Thank you for your kind comments. What I am trying to say is that on my live unit ( statics all round ) and on my test unit ( dhcp6 all round ) I DO get a link local address, no changes to code required, it just works.

[karl047]

on 18.7 with a Bridge Network?
I will try it & tell you later what I get with it 

[karl047]

A big Report extra for you 

I've tried today over 4 hours with all scenarios (WAN: DHCPv6 & static ; Bridge: Track & static).
A little note firstly: "Patch" is the path what I've posted earlier, & I have installed to the configuration the guest network too, because it isn't a bridge network but a VLAN Interface (to compare the IPv6 link local on the both Interfaces), & as I said earlier, the Bridge Network is configured over 3 VLAN Interfaces.

So we can start with the first scenario:

(((((
1- 18.7 image: new installed & new configured (without Patch)
* no IPv6 configured yet on WAN or on another Interfaces: WAN & Guest have IPv6 link local (depends to MAC Address), Bridge has no IPv6 link local.
* ALL Interfaces have been configured with static IPv6: IPv6 on WAN & Guest is OK, no IPv6 on Bridge (& no IPv6 link local)
* WAN has been configured with DHCPv6 (prefix length behind Fritzbox is 60), Guest & Bridge as Track Interface: WAN get a IPv6 Address but cannot connect to the Internet; Guest & Bridge get IPv6 Addresses, can connect to the Internet, the first IPv6 link local on Guest is disappeared & Guest has now a new IPv6 link local (fe80::1:1%vlanxxx) , Bridge has now 2 IPv6 link local: fe80::1:1%bridge0 & a IPv6 link local depends to its MAC Address (!!!!!!!!!!!!!!!!!) (I couldn't believe it), but the Router of IPv6 Network on my iPhone shows the fe80::1:1
* configure the network again with no IPv6 Addresses: WAN & Guest have IPv6 link local again (depends to MAC Address), Bridge has no IPv6 link local more (!!!).
)))))

the second scenario:

(((((
2- 18.7 image: new installed & new configured (with Patch)
* * no IPv6 configured yet on WAN or on another Interfaces: ALL Interfaces have IPv6 link local (depends to MAC Address).
* ALL Interfaces have been configured with static IPv6: IPv6 on ALL Interfaces is OK.
* WAN has been configured with DHCPv6 (prefix length behind Fritzbox is 60), Guest & Bridge as Track Interface: WAN get a IPv6 Address but cannot connect to the Internet; Guest & Bridge get IPv6 Addresses, can connect to the Internet, the first IPv6 link local on Guest is disappeared & Guest has now a new IPv6 link local (fe80::1:1%vlanxxx) , Bridge has now 2 IPv6 link local: fe80::1:1%bridge0 & a IPv6 link local depends to its MAC Address, the Router of IPv6 Network on my iPhone shows the fe80::1:1
* configure the network again with no IPv6 Addresses: ALL Interfaces have IPv6 link local (depends to MAC Address).
)))))

NOTE: with the configuration of WAN with DHCPv6: the Gateway of IPv6 always stays online (after Reboot too), but RTT is 0 second; with the configuration of WAN with static IPv6, & manually added of IPv6 Gateway (the same one of DHCPv6), the Gateway will be online for max 3 minutes, RTT is 0,5 ms, then it will be offline (after Reboot still offline !!!).

I hope that I clearly explained the scenarios for you.

Thank you again for your help.

[marjohn56]

Very nice...


However there were patches issued to correct a couple of dhcpd6 issues in 18.7


Try upgrading to 18.7.1 ( out today! ) , it will overwrite your patch - see if it works then.

[karl047]

I will do it today and tell you later...

but just a quastion please: what do you say about the IPv6 Gateway? why does it go offline after a few minutes when it is manually configured & still offline after Reboot?

[marjohn56]

There were a couple of bugs around IPv6 in 18.7, it did not affect all users but a significant minority were affected. I want to make sure that your system is not one of those and that everything is in place before I try and find exactly why your system is behaving differently to mine.


I might ask you to pm me your config too so I can run it on my test unit.

[karl047]

Deal 

I will try firstly the 18.7.1 & tell you later what I get with it.

I'd like to tell you one information about my experience with all images of OPNsense what I had: the only one that works without any problem (with IPv6 Gateway & directly connection over PPP0E or behind Fritzbox) was 18.1.9 , & the configuration that I made on it was the same of today on 18.7 !

Anyway I will tell you later today how everything goes...