Bug #11949
closed
LAGG/LACP with GIF 6to4 tunnel is broken
0%
Description
I'm running 21.02.2-RELEASE on a Netgate SG-8860.
I have a working he.net TunnelBroker tunnel which works fine with LAGG/LACP off. The moment I turn LAGG/LACP on in my modem, and then migrate my WAN connection in pfSense to the LAGG connection, the HE tunnel drops and I experience 100% packet loss on the gif0 side.
I ran packet capture on gif0 and lagg0 interfaces and can see the traffic going to Tunnelbroker but zero replies/return traffic from HE.net. I contacted HE.net support and they don't see any of the traffic coming in. Packet capture attached.
I've ran pfsense continuously since 2011 and HE tunnels since 2009 so pretty familiar with both. I hypothesize the issue is either the modem dropping protocol 41 with LAGG enabled, or a bug in pfSense encapsulating gif/6to4 over LAGG interfaces. I could imagine not too many users running GIF over LAGG.
Again, Tunnel works fine without LAGG/LACP enabled, then 100% packet loss with LAGG/LACP enabled. As soon as I disable LAGG on the modem and on pfsense, with zero other changes and of course no physical layer changes, tunnel pops right back up 0% packet loss no routing issues whatsoever.
Files
Updated by Jim Pingle over 4 years ago
- Status changed from New to Not a Bug
Not enough evidence here to conclude that it's a bug in FreeBSD or pfSense. You could test it further by not enabling LAGG on the modem, but setting the pfSense end to use a passive LAGG style such as failover which does not require any special setting on the modem. However, this site is not for support or diagnostic discussion, so post any follow-up on the Netgate Forum
See Reporting Issues with pfSense Software for more information.