Bug #10966
closed
IPv6 - WAN does not renew address when upstream fails
Added by Sam McLeod about 4 years ago.
Updated almost 4 years ago.
Description
If the upstream ISP on the WAN link has an IPv6 failure / outage, PFSense does not release and renew the IPv6 lease.
This results in an outage to all IPv6 traffic being routed by PFSense.
The "fix" each time the problem occurs is to manually release the leases on the WAN interface and renew them.
- This been a problem for at least the past year of stable PFSense releases, currently running 2.4.5-RELEASE-p1 (amd64).
- I have confirmed this is an issue for other users of PFSense with IPv6.
- This bug exists after a fresh install of PFsense with minimal configuration.
- This bug exists across completely different hardware.
- The upstream ISP tested with is AussieBroadband (A popular Australia ISP) which use Cisco Nexus gear that's IPoE, the DHCP request starts the accounting so it is required for connectivity to work, there is no option to statically assign an address as a workaround.
This could perhaps related to close bug: https://redmine.pfsense.org/issues/2919
See attached screenshots of the interface in a broken IPv6 state and then after a manual release and renew
Files
Sam McLeod wrote:
If the upstream ISP on the WAN link has an IPv6 failure / outage, PFSense does not release and renew the IPv6 lease.
I have the same issue as well with the same ISP.
Can't find if this is being tracked elsewhere now but it's still an issue.
Last night all PFSense users in the states of Victoria and Tasmania using AussieBB (a major ISP in Australia) that had planned maintenance at 4AM~ found that all IPv6 traffic was failing (e.g. ping6 google.com) - upon release and renew an IPv6 WAN address was not assigned by PFSense and they had to wait at least 20s between the release and renew on the WAN link for v6 to get an assignment.
- Is there any update on when this will be fixed?
- Assignee set to Renato Botelho
- Target version set to 2.5.0
Looks like Opensense has a bugfix for the issue:
Hi, considering the fact that the user only saw the patched version not fix the issue one time, would it be possible to review the upstream fixs implemented by the wide-dhcpv6 and look to implement the same in a dev release? I just don't see much priority given to this by Opnsense considering the reporter has not returned in over a month.
As someone affected by this bug on an almost daily basis, i'd be happy to provide whatever testing may assist.
Really keen to see some progress with this, it's impacting me on an almost weekly basis.
Please let me know if there is any further debugging or information I can provide to get this moving.
Same here - it's a very common issue for me as well, more than happy to get involved in helping nail this one if I can.
- Status changed from New to Feedback
I updated this morning to the latest 2.5 release which had the dhcp6-20080615.2_4 client. I then rebooted this afternoon to install the latest build, and it failed to retrieve a DHCP6 address on reboot. Logs are below and seem a little confusing to me. This is the last mention of dhcp6c in the log, it's now 3 hours later and there's nothing showing it trying to get a new address.
(Logs in next post)
But I do a manual release / renew and it picks up an address
Logs Attached showing the reboot releasing (?) the address but the manual release / renew being successful.
- Status changed from Feedback to In Progress
Apart from the initial failure to get an address on the WAN interface, i've not lost DHCPv6 on the WAN interface in 5 days, and it's normally a daily event. So it's likely the bug has been quashed and I experienced some other esoteric issue.
- Status changed from In Progress to Resolved
Thanks for letting us know
Thanks all for your efforts on this, great to see it in the 2.5.0 release today!
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by Viktor Gurov 
Updated by Anonymous 
Updated by 
Updated by 
Updated by 
