pfSense

I'm running 21.02.2-RELEASE on a Netgate SG-8860.

I have a working he.net TunnelBroker tunnel which works fine with LAGG/LACP off. The moment I turn LAGG/LACP on in my modem, and then migrate my WAN connection in pfSense to the LAGG connection, the HE tunnel drops and I experience 100% packet loss on the gif0 side.

I ran packet capture on gif0 and lagg0 interfaces and can see the traffic going to Tunnelbroker but zero replies/return traffic from HE.net. I contacted HE.net support and they don't see any of the traffic coming in. Packet capture attached.

I've ran pfsense continuously since 2011 and HE tunnels since 2009 so pretty familiar with both. I hypothesize the issue is either the modem dropping protocol 41 with LAGG enabled, or a bug in pfSense encapsulating gif/6to4 over LAGG interfaces. I could imagine not too many users running GIF over LAGG.

Again, Tunnel works fine without LAGG/LACP enabled, then 100% packet loss with LAGG/LACP enabled. As soon as I disable LAGG on the modem and on pfsense, with zero other changes and of course no physical layer changes, tunnel pops right back up 0% packet loss no routing issues whatsoever.