IPv6 - WAN does not renew address when upstream fails
If the upstream ISP on the WAN link has an IPv6 failure / outage, PFSense does not release and renew the IPv6 lease.
This results in an outage to all IPv6 traffic being routed by PFSense.
The "fix" each time the problem occurs is to manually release the leases on the WAN interface and renew them.
- This been a problem for at least the past year of stable PFSense releases, currently running 2.4.5-RELEASE-p1 (amd64).
- I have confirmed this is an issue for other users of PFSense with IPv6.
- This bug exists after a fresh install of PFsense with minimal configuration.
- This bug exists across completely different hardware.
- The upstream ISP tested with is AussieBroadband (A popular Australia ISP) which use Cisco Nexus gear that's IPoE, the DHCP request starts the accounting so it is required for connectivity to work, there is no option to statically assign an address as a workaround.
This could perhaps related to close bug: https://redmine.pfsense.org/issues/2919
See attached screenshots of the interface in a broken IPv6 state and then after a manual release and renew
#2 Updated by Sam McLeod 7 months ago
If i release/renew it never gets a v6 address again, but if I release, wait 20 seconds, renew it works immediately.
#5 Updated by Sam McLeod 5 months ago
Can't find if this is being tracked elsewhere now but it's still an issue.
Last night all PFSense users in the states of Victoria and Tasmania using AussieBB (a major ISP in Australia) that had planned maintenance at 4AM~ found that all IPv6 traffic was failing (e.g. ping6 google.com) - upon release and renew an IPv6 WAN address was not assigned by PFSense and they had to wait at least 20s between the release and renew on the WAN link for v6 to get an assignment.
- Is there any update on when this will be fixed?
#7 Updated by Sam McLeod 5 months ago
Had another outage caused by PFSense not having the bugfixed dhcp6c client
#8 Updated by Sam McLeod 5 months ago
Looks like Opensense has a bugfix for the issue:
#9 Updated by → luckman212 5 months ago
It's still open @Sam McLeod - Not fully fixed yet.
look towards the end of that issue (https://github.com/opnsense/dhcp6c/issues/25#issuecomment-742310113 specifically)
Looks like this will be a good one to pull in though, once it's wrapped up
#10 Updated by John Griffin 3 months ago
Hi, considering the fact that the user only saw the patched version not fix the issue one time, would it be possible to review the upstream fixs implemented by the wide-dhcpv6 and look to implement the same in a dev release? I just don't see much priority given to this by Opnsense considering the reporter has not returned in over a month.
As someone affected by this bug on an almost daily basis, i'd be happy to provide whatever testing may assist.
#13 Updated by Renato Botelho 3 months ago
- Status changed from New to Feedback
Version dhcp6-20080615.2_4 will contain fix
#14 Updated by John Griffin 3 months ago
I updated this morning to the latest 2.5 release which had the dhcp6-20080615.2_4 client. I then rebooted this afternoon to install the latest build, and it failed to retrieve a DHCP6 address on reboot. Logs are below and seem a little confusing to me. This is the last mention of dhcp6c in the log, it's now 3 hours later and there's nothing showing it trying to get a new address.
(Logs in next post)
#15 Updated by John Griffin 3 months ago
- File manual-release-renew.txt manual-release-renew.txt added
- File reboot-no-address.txt reboot-no-address.txt added
But I do a manual release / renew and it picks up an address
Logs Attached showing the reboot releasing (?) the address but the manual release / renew being successful.