Project

General

Profile

Actions

Bug #13555

closed

When WAN is lost, ipv6 interface will not renew upon WAN availability

Added by ahx cjb over 1 year ago. Updated 7 months ago.

Status:
Duplicate
Priority:
Normal
Assignee:
-
Category:
DHCP (IPv6)
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Default
Affected Version:
Affected Architecture:

Description

See: https://forum.netgate.com/topic/174029/if-internet-goes-down-ipv6-won-t-work-until-reboot

Steps to reproduce:
- Remove WAN cable from pfSense
- Re-insert WAN cable

Observations:
- ipv4 interface comes back up with IP immediately
- ipv6 interface (local-link) is down.
- No RA packets are observed.

[22.05-RELEASE][admin@root: /sbin/rtsol -DF ix0
rtsol: checking if ix0 is ready...
rtsol: ix0 is tentative
rtsol: set timer for ix0 to 1s
rtsol: New timer is 1s
rtsol: timer expiration on ix0, state = 4
rtsol: checking if ix0 is ready...
rtsol: ix0 is ready
rtsol: set timer for ix0 to 0s
rtsol: New timer is 0s
rtsol: timer expiration on ix0, state = 1
rtsol: sendmsg on ix0: Network is down
rtsol: set timer for ix0 to 4s
rtsol: New timer is 4s

- To fix:
Reboot pfSense
NB: You must 'reboot', not 'reroot'.

Replicatable? Yes. Every single time.


Related issues

Related to Bug #13423: IPv6 neighbor discovery protocol (NDP) fails in some casesResolvedKristof Provost

Actions
Actions #1

Updated by ahx cjb over 1 year ago

IPv4 WAN setup ?

Ethernet to [Nokia] Fibre ONT [Verizon US]

Multi WAN or not ?

Single WAN.

What is your IPv6 setup ?

Configuration Type: DHCP6
Prefix: /56
Send IPv6 prefix hint: enabled
Do not wait for RA: Enabled.
Do not allow PD/Address release: Enabled

Actions #2

Updated by Kris Phillips over 1 year ago

I'm unable to reproduce this. I have two WANs with IPv6 and when I unplug the cable on either one, then reconnect it 30 seconds later, they immediately show both IPv4 and IPv6 as available and online.

Actions #3

Updated by Kris Phillips over 1 year ago

Correction: I was able to reproduce this with one of my two ISPs after I changed some settings.

Disabling the option "Do not wait for RA" caused the mentioned issue. However, enabling this option on the WAN caused IPv6 to work normally.

Likely your ISP doesn't send RAs until a DHCP6 request is received (like mine). This is likely not a bug, but expected behavior with some ISPs.

Actions #4

Updated by ahx cjb over 1 year ago

Kris Phillips wrote in #note-3:

Correction: I was able to reproduce this with one of my two ISPs after I changed some settings.

Disabling the option "Do not wait for RA" caused the mentioned issue. However, enabling this option on the WAN caused IPv6 to work normally.

Likely your ISP doesn't send RAs until a DHCP6 request is received (like mine). This is likely not a bug, but expected behavior with some ISPs.

I believe RAs are sent prior to a DHCP6 request being sent. My ISP is Verizon (USA). I simply do not see any once the ip6 link is broken (pulling cable from WAN port). Rebooting immediately brings back the ip6 link. This is not normal / expected behaviour.

[22.05-RELEASE][@pfSense] sudo /sbin/rtsol -DF igc0
rtsol: checking if igc0 is ready...
rtsol: cap_llflags_get() failed, anyway I'll try
rtsol: set timer for igc0 to 1s
rtsol: New timer is 1s
rtsol: timer expiration on igc0, state = 1
rtsol: sendmsg on igc0: Can't assign requested address
rtsol: set timer for igc0 to 4s
rtsol: New timer is 4s
rtsol: rtmsg type 2, len=240
rtsol: New timer is 4s
rtsol: timer expiration on igc0, state = 2
rtsol: sendmsg on igc0: Can't assign requested address
rtsol: set timer for igc0 to 4s
rtsol: New timer is 4s
rtsol: rtmsg type 2, len=240
rtsol: New timer is 4s
rtsol: rtmsg type 2, len=240
rtsol: New timer is 1s
rtsol: rtmsg type 4, len=272
rtsol: New timer is 0s
rtsol: rtmsg type 4, len=272
rtsol: New timer is 0s
rtsol: rtmsg type 4, len=336
rtsol: New timer is 0s
rtsol: rtmsg type 4, len=336
rtsol: New timer is 0s
rtsol: rtmsg type 4, len=272
rtsol: New timer is 0s
rtsol: rtmsg type 4, len=272
rtsol: New timer is 0s
rtsol: rtmsg type 4, len=336
rtsol: New timer is 0s
rtsol: rtmsg type 4, len=336
rtsol: New timer is 0s
rtsol: rtmsg type 4, len=272
rtsol: New timer is 0s
rtsol: rtmsg type 4, len=272
rtsol: New timer is 0s
rtsol: rtmsg type 4, len=336
rtsol: New timer is 0s
rtsol: rtmsg type 4, len=336
rtsol: New timer is 0s
rtsol: rtmsg type 4, len=272
rtsol: New timer is 0s
rtsol: rtmsg type 4, len=272
rtsol: New timer is 0s
rtsol: rtmsg type 4, len=336
rtsol: New timer is 0s
rtsol: rtmsg type 4, len=336
rtsol: New timer is 0s
rtsol: timer expiration on igc0, state = 2
rtsol: sendmsg on igc0: Can't assign requested address
rtsol: set timer for igc0 to 1s
rtsol: New timer is 1s
rtsol: timer expiration on igc0, state = 2
rtsol: No answer after sending 3 RSs
rtsol: stop timer for igc0
rtsol: there is no timer

Actions #5

Updated by Kris Phillips over 1 year ago

This redmine can be closed as Not a Bug

Actions #6

Updated by ahx cjb over 1 year ago

Kris Phillips wrote in #note-5:

This redmine can be closed as Not a Bug

No. It can't. It is reproducable on every Verizon line I have tried this on. Did you reproduce this on a Verizon FTTP ONT connection? I suspect not.

Disabling the option "Do not wait for RA" caused the mentioned issue.

..and yet, I have that option checked and the issue still occurs.

This is likely not a bug, but expected behavior with some ISPs.

This is a bug. If this was 'expected behaviour', how does an ip6 lease only ever get assigned when the router is rebooted. This is ridiculous. What logs can I supply to help get this fixed?

Actions #7

Updated by Marcos M over 1 year ago

It may be helpful to have DHCP6 debugging enabled under System / Advanced / Networking and getting the full logs both while it's working and not working. Additionally if possible, testing the latest 2.7 snapshot to see if the issue is already resolved there.

Actions #8

Updated by Vincent Gauthier 11 months ago

The problem persists in version 23.05 with the same configuration as above (different ISP).

The problem doesn't seem to come from dhcpv6, see the example below:
1. I disconnect the cable, dhcpv6 loses the connection
2. I reconnect the cable, dhcpv6 get back the prefix delegated by my provider
3. However, dpinger is unable to send ping on the interface and my interface has no ipv6 address (ifconfig).

## Dpinger log
Jun 28 22:46:30    dpinger    73486    WAN_BOUYGUES_DHCP6 fe80::1%ix3.100: sendto error: 55
Jun 28 22:46:29    dpinger    73486    WAN_BOUYGUES_DHCP6 fe80::1%ix3.100: sendto error: 55
Jun 28 22:46:29    dpinger    73486    WAN_BOUYGUES_DHCP6 fe80::1%ix3.100: Alarm latency 2573us stddev 1251us loss 33%
Jun 28 22:46:29    dpinger    73486    WAN_BOUYGUES_DHCP6 fe80::1%ix3.100: sendto error: 55
Jun 28 22:46:28    dpinger    73486    WAN_BOUYGUES_DHCP6 fe80::1%ix3.100: sendto error: 55
Jun 28 22:46:28    dpinger    73486    WAN_BOUYGUES_DHCP6 fe80::1%ix3.100: sendto error: 55
Jun 28 22:46:27    dpinger    73486    WAN_BOUYGUES_DHCP6 fe80::1%ix3.100: sendto error: 55

# DHCPv6 log on the wan interface, pfsense acquire the prefix correctly
Jun 28 22:46:17    dhcp6c    75750    got an expected reply, sleeping.
Jun 28 22:46:17    dhcp6c    75750    removing server (ID: 00:03:00:01:a4:7b:2c:b1:d6:01)
Jun 28 22:46:17    dhcp6c    75750    removing an event on ix3.100, state=REQUEST
Jun 28 22:46:17    dhcp6c    75750    script "/var/etc/dhcp6c_opt7_dhcp6withoutra_script.sh" terminated
Jun 28 22:46:17    dhcp6c    16320    dhcp6c REQUEST on ix3.100 - running rtsold
Jun 28 22:46:17    dhcp6c    75750    executes /var/etc/dhcp6c_opt7_dhcp6withoutra_script.sh
Jun 28 22:46:17    dhcp6c    75750    add an address 2001:861:3080:xxx:92ec:77ff:fe35:c688/64 on ix2.10
Jun 28 22:46:17    dhcp6c    75750    add an address 2001:861:3080:xxx:92ec:77ff:fe35:c688/64 on ix2.20
Jun 28 22:46:17    dhcp6c    75750    add an address 2001:861:3080:xxx:92ec:77ff:fe35:c688/64 on ix2
Jun 28 22:46:17    dhcp6c    75750    add an address 2001:861:3080:xxx:92ec:77ff:fe35:c68b/64 on igc0
Jun 28 22:46:17    dhcp6c    75750    create a prefix 2001:861:3080:xxx::/60 pltime=5400, vltime=7200
Jun 28 22:46:17    dhcp6c    75750    make an IA: PD-0
Jun 28 22:46:17    dhcp6c    75750    nameserver[1] 2001:860:b0ff:1::2
Jun 28 22:46:17    dhcp6c    75750    nameserver[0] 2001:860:b0ff:1::1
Jun 28 22:46:17    dhcp6c    75750    dhcp6c Received REQUEST
Jun 28 22:46:17    dhcp6c    75750    IA_PD prefix: 2001:861:3080:730::/60 pltime=5400 vltime=18446744065119624224
Jun 28 22:46:17    dhcp6c    75750    get DHCP option IA_PD prefix, len 25
Jun 28 22:46:17    dhcp6c    75750    IA_PD: ID=0, T1=2700, T2=3600
Jun 28 22:46:17    dhcp6c    75750    get DHCP option IA_PD, len 41
Jun 28 22:46:17    dhcp6c    75750    get DHCP option DNS, len 32
Jun 28 22:46:17    dhcp6c    75750    DUID: 00:03:00:01:39:49:5b:e3:2d:08
Jun 28 22:46:17    dhcp6c    75750    get DHCP option client ID, len 10
Jun 28 22:46:17    dhcp6c    75750    DUID: 00:03:00:01:a4:7b:2c:b1:d6:01
Jun 28 22:46:17    dhcp6c    75750    get DHCP option server ID, len 10
Jun 28 22:46:17    dhcp6c    75750    receive reply from fe80::1%ix3.100 on ix3.100
Jun 28 22:46:17    dhcp6c    75750    reset a timer on ix3.100, state=REQUEST, timeo=0, retrans=909
Jun 28 22:46:17    dhcp6c    75750    send request to ff02::1:2%ix3.100
Jun 28 22:46:17    dhcp6c    75750    set IA_PD
Jun 28 22:46:17    dhcp6c    75750    set IA_PD prefix
Jun 28 22:46:17    dhcp6c    75750    set option request (len 4)
Jun 28 22:46:17    dhcp6c    75750    set elapsed time (len 2)
Jun 28 22:46:17    dhcp6c    75750    set server ID (len 10)
Jun 28 22:46:17    dhcp6c    75750    set client ID (len 10)
Jun 28 22:46:17    dhcp6c    75750    a new XID (bc0c1a) is generated
Jun 28 22:46:17    dhcp6c    75750    Sending Request
Jun 28 22:46:17    dhcp6c    75750    picked a server (ID: 00:03:00:01:a4:7b:2c:b1:d6:01)
Jun 28 22:46:16    dhcp6c    75750    reset timer for ix3.100 to 0.992407
Jun 28 22:46:16    dhcp6c    75750    server ID: 00:03:00:01:a4:7b:2c:b1:d6:01, pref=-1
Jun 28 22:46:16    dhcp6c    75750    IA_PD prefix: 2001:861:3080:730::/60 pltime=5400 vltime=18446744065119624224
Jun 28 22:46:16    dhcp6c    75750    get DHCP option IA_PD prefix, len 25
Jun 28 22:46:16    dhcp6c    75750    IA_PD: ID=0, T1=2700, T2=3600
Jun 28 22:46:16    dhcp6c    75750    get DHCP option IA_PD, len 41
Jun 28 22:46:16    dhcp6c    75750    get DHCP option DNS, len 32
Jun 28 22:46:16    dhcp6c    75750    DUID: 00:03:00:01:39:49:5b:e3:2d:08
Jun 28 22:46:16    dhcp6c    75750    get DHCP option client ID, len 10
Jun 28 22:46:16    dhcp6c    75750    DUID: 00:03:00:01:a4:7b:2c:b1:d6:01
Jun 28 22:46:16    dhcp6c    75750    get DHCP option server ID, len 10
Jun 28 22:46:16    dhcp6c    75750    receive advertise from fe80::1%ix3.100 on ix3.100
Jun 28 22:46:16    dhcp6c    75750    reset a timer on ix3.100, state=SOLICIT, timeo=0, retrans=1091
Jun 28 22:46:16    dhcp6c    75750    send solicit to ff02::1:2%ix3.100
Jun 28 22:46:16    dhcp6c    75750    set IA_PD
Jun 28 22:46:16    dhcp6c    75750    set IA_PD prefix
Jun 28 22:46:16    dhcp6c    75750    set option request (len 4)
Jun 28 22:46:16    dhcp6c    75750    set elapsed time (len 2)
Jun 28 22:46:16    dhcp6c    75750    set client ID (len 10)
Jun 28 22:46:16    dhcp6c    75750    a new XID (8c2202) is generated
Jun 28 22:46:16    dhcp6c    75750    Sending Solicit
Jun 28 22:46:15    dhcp6c    75750    reset a timer on ix3.100, state=INIT, timeo=0, retrans=891
Jun 28 22:46:15    dhcp6c    75713    called
Jun 28 22:46:15    dhcp6c    75713    called
Jun 28 22:46:15    dhcp6c    75713    <3>end of closure [}] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>end of sentence [;] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>end of closure [}] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>end of sentence [;] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>[4] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>[sla-len] (7)
Jun 28 22:46:15    dhcp6c    75713    <3>end of sentence [;] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>[2] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>[sla-id] (6)
Jun 28 22:46:15    dhcp6c    75713    <3>begin of closure [{] (1)
Jun 28 22:46:15    dhcp6c    75713    <5>[ix2.10] (6)
Jun 28 22:46:15    dhcp6c    75713    <3>[prefix-interface] (16)
Jun 28 22:46:15    dhcp6c    75713    <3>end of sentence [;] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>end of closure [}] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>end of sentence [;] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>[4] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>[sla-len] (7)
Jun 28 22:46:15    dhcp6c    75713    <3>end of sentence [;] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>[3] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>[sla-id] (6)
Jun 28 22:46:15    dhcp6c    75713    <3>begin of closure [{] (1)
Jun 28 22:46:15    dhcp6c    75713    <5>[ix2.20] (6)
Jun 28 22:46:15    dhcp6c    75713    <3>[prefix-interface] (16)
Jun 28 22:46:15    dhcp6c    75713    <3>end of sentence [;] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>end of closure [}] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>end of sentence [;] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>[4] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>[sla-len] (7)
Jun 28 22:46:15    dhcp6c    75713    <3>end of sentence [;] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>[1] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>[sla-id] (6)
Jun 28 22:46:15    dhcp6c    75713    <3>begin of closure [{] (1)
Jun 28 22:46:15    dhcp6c    75713    <5>[ix2] (3)
Jun 28 22:46:15    dhcp6c    75713    <3>[prefix-interface] (16)
Jun 28 22:46:15    dhcp6c    75713    <3>end of sentence [;] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>end of closure [}] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>end of sentence [;] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>[4] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>[sla-len] (7)
Jun 28 22:46:15    dhcp6c    75713    <3>end of sentence [;] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>[0] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>[sla-id] (6)
Jun 28 22:46:15    dhcp6c    75713    <3>begin of closure [{] (1)
Jun 28 22:46:15    dhcp6c    75713    <5>[igc0] (4)
Jun 28 22:46:15    dhcp6c    75713    <3>[prefix-interface] (16)
Jun 28 22:46:15    dhcp6c    75713    <3>end of sentence [;] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>[infinity] (8)
Jun 28 22:46:15    dhcp6c    75713    <3>[60] (2)
Jun 28 22:46:15    dhcp6c    75713    <3>[/] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>[::] (2)
Jun 28 22:46:15    dhcp6c    75713    <3>[prefix] (6)
Jun 28 22:46:15    dhcp6c    75713    <13>begin of closure [{] (1)
Jun 28 22:46:15    dhcp6c    75713    <13>[0] (1)
Jun 28 22:46:15    dhcp6c    75713    <13>[pd] (2)
Jun 28 22:46:15    dhcp6c    75713    <3>[id-assoc] (8)
Jun 28 22:46:15    dhcp6c    75713    <3>end of sentence [;] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>end of closure [}] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>comment [# we'd like nameservers and RTSOLD to do all the work] (53)
Jun 28 22:46:15    dhcp6c    75713    <3>end of sentence [;] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>["/var/etc/dhcp6c_opt7_dhcp6withoutra_script.sh"] (47)
Jun 28 22:46:15    dhcp6c    75713    <3>[script] (6)
Jun 28 22:46:15    dhcp6c    75713    <3>end of sentence [;] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>[domain-name] (11)
Jun 28 22:46:15    dhcp6c    75713    <3>[request] (7)
Jun 28 22:46:15    dhcp6c    75713    <3>end of sentence [;] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>[domain-name-servers] (19)
Jun 28 22:46:15    dhcp6c    75713    <3>[request] (7)
Jun 28 22:46:15    dhcp6c    75713    <3>comment [# request prefix delegation] (27)
Jun 28 22:46:15    dhcp6c    75713    <3>end of sentence [;] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>[0] (1)
Jun 28 22:46:15    dhcp6c    75713    <3>[ia-pd] (5)
Jun 28 22:46:15    dhcp6c    75713    <3>[send] (4)
Jun 28 22:46:15    dhcp6c    75713    <3>begin of closure [{] (1)
Jun 28 22:46:15    dhcp6c    75713    <5>[ix3.100] (7)
Jun 28 22:46:15    dhcp6c    75713    <3>[interface] (9)
Jun 28 22:46:15    dhcp6c    75713    skip opening control port
Jun 28 22:46:15    dhcp6c    75713    failed initialize control message authentication
Jun 28 22:46:15    dhcp6c    75713    failed to open /usr/local/etc/dhcp6cctlkey: No such file or directory
Jun 28 22:46:15    dhcp6c    75713    extracted an existing DUID from /var/db/dhcp6c_duid: 00:03:00:01:39:49:5b:e3:2d:08

# Shuting down the connexion
Jun 28 22:11:27    dhcp6c    34544    exiting
Jun 28 22:11:27    dhcp6c    34544    script "/var/etc/dhcp6c_opt7_dhcp6withoutra_script.sh" terminated
Jun 28 22:11:27    dhcp6c    61116    script "/var/etc/dhcp6c_opt7_dhcp6withoutra_script.sh" cannot be executed safely
Jun 28 22:11:27    dhcp6c    61116    lstat failed: No such file or directory
Jun 28 22:11:27    dhcp6c    34544    executes /var/etc/dhcp6c_opt7_dhcp6withoutra_script.sh
Jun 28 22:11:27    dhcp6c    34544    removing an event on ix3.100, state=INIT
Jun 28 22:11:27    dhcp6c    34544    reset a timer on ix3.100, state=INIT, timeo=0, retrans=192
Jun 28 22:11:27    dhcp6c    34544    remove an address 2001:861:3080:xxx:92ec:77ff:fe35:c688/64 on ix2.10
Jun 28 22:11:27    dhcp6c    34544    remove an address 2001:861:3080:xxx:92ec:77ff:fe35:c688/64 on ix2.20
Jun 28 22:11:27    dhcp6c    34544    remove an address 2001:861:3080:xxx:92ec:77ff:fe35:c688/64 on ix2
Jun 28 22:11:27    dhcp6c    34544    remove an address 2001:861:3080:xxx:92ec:77ff:fe35:c68b/64 on igc0
Jun 28 22:11:27    dhcp6c    34544    remove a site prefix 2001:861:3080:xxx::/60
Jun 28 22:11:27    dhcp6c    34544    remove an IA: PD-0
Jun 28 22:11:27    dhcp6c    34544    Bypassing address release because of -n flag
Jun 28 22:11:27    dhcp6c    34544    exit without release
Actions #9

Updated by Mike McV 9 months ago

I have the same issue and have spent some time looking in to it. It looks to be more related to RADVD/NDP than DHCP6.

My NDP table before a Cable modem reset consists of....

fe80::2ca:e5ff:fec9:f022%lagg1 00:ca:e5:c9:f0:22 WAN 15m30s
fe80::a236:9fff:fe21:a5a4%lagg1 a0:36:9f:21:a5:a4 WAN permanent

After the Cable modem reset only my local device (a5a4) is in the table and kernel logs record...

Aug 29 12:31:23 kernel nd6_get_llentry: can't allocate llinfo for fe80:e::2ca:e5ff:fec9:f022 (ln=0)
Aug 29 12:31:23 kernel IPv6 address: "fe80:e::2ca:e5ff:fec9:f022" is not on the network
Aug 29 12:31:23 kernel nd6_get_llentry: can't allocate llinfo for fe80:e::2ca:e5ff:fec9:f022 (ln=0)
Aug 29 12:31:23 kernel IPv6 address: "fe80:e::2ca:e5ff:fec9:f022" is not on the network
Aug 29 12:31:23 kernel nd6_get_llentry: can't allocate llinfo for fe80:e::2ca:e5ff:fec9:f022 (ln=0)
Aug 29 12:31:23 kernel IPv6 address: "fe80:e::2ca:e5ff:fec9:f022" is not on the network

My PFSense may or may not retain my allocation (typically not) and restarting RADVD does not help.

Without NDP populating linklocal addressing for the RA's routing and/or DHCP6 will not complete.

I hope this helps
Like mentioned above only a restart resolves.

Thank You

Actions #10

Updated by Marcos M 9 months ago

Perhaps it's related to / caused by #13423. If possible, try testing it on 23.09 dev snapshots.

Actions #11

Updated by Mike McV 9 months ago

I am on 23.09.a.20230826.1731...

Just did some more captures and am not seeing any solicitations or any other random traffic sourcing from the PFSense side from the remote side i get RA's, multicast listener. for Inside interfaces I do see solicitation and response messages for NDP.

From what i interpret from 13423 the NDP seems to be system wide, but i may be mistaken.

Captures below.

22:47:46.347131 IP6 fe80::2ca:e5ff:fec9:f022 > ff02::1: ICMP6, router advertisement, length 160
22:47:48.914562 IP6 fe80::2ca:e5ff:fec9:f022 > ff02::16: HBH ICMP6, multicast listener report v2, 6 group record(s), length 128
22:47:49.659712 IP6 fe80::2ca:e5ff:fec9:f022 > ff02::1: ICMP6, router advertisement, length 160
22:47:52.774637 IP6 fe80::2ca:e5ff:fec9:f022 > ff02::1: ICMP6, router advertisement, length 160
22:47:55.920882 IP6 fe80::2ca:e5ff:fec9:f022 > ff02::1: ICMP6, router advertisement, length 160
22:47:59.026683 IP6 fe80::2ca:e5ff:fec9:f022 > ff02::1: ICMP6, router advertisement, length 160
22:47:59.414136 IP6 fe80::2ca:e5ff:fec9:f022 > ff02::16: HBH ICMP6, multicast listener report v2, 6 group record(s), length 128
22:48:01.414071 IP6 fe80::2ca:e5ff:fec9:f022 > ff02::16: HBH ICMP6, multicast listener report v2, 6 group record(s), length 128
22:48:02.105198 IP6 fe80::2ca:e5ff:fec9:f022 > ff02::1: ICMP6, router advertisement, length 160
22:48:05.314003 IP6 fe80::2ca:e5ff:fec9:f022 > ff02::1: ICMP6, router advertisement, length 160
22:48:06.664529 IP6 fe80::2ca:e5ff:fec9:f022 > ff02::16: HBH ICMP6, multicast listener report v2, 6 group record(s), length 128
22:48:07.608173 IP6 fe80::2ca:e5ff:fec9:f022 > ff02::16: HBH ICMP6, multicast listener report v2, 6 group record(s), length 128
22:48:08.340473 IP6 fe80::2ca:e5ff:fec9:f022 > ff02::1: ICMP6, router advertisement, length 160
22:48:11.450551 IP6 fe80::2ca:e5ff:fec9:f022 > ff02::1: ICMP6, router advertisement, length 160
22:48:14.590111 IP6 fe80::2ca:e5ff:fec9:f022 > ff02::1: ICMP6, router advertisement, length 160
22:48:16.414373 IP6 fe80::2ca:e5ff:fec9:f022 > ff02::16: HBH ICMP6, multicast listener report v2, 6 group record(s), length 128
22:48:17.713878 IP6 fe80::2ca:e5ff:fec9:f022 > ff02::1: ICMP6, router advertisement, length 160
22:48:20.414623 IP6 fe80::2ca:e5ff:fec9:f022 > ff02::16: HBH ICMP6, multicast listener report v2, 6 group record(s), length 128
22:48:20.779010 IP6 fe80::2ca:e5ff:fec9:f022 > ff02::1: ICMP6, router advertisement, length 160
22:48:23.893071 IP6 fe80::2ca:e5ff:fec9:f022 > ff02::1: ICMP6, router advertisement, length 160

Actions #12

Updated by ahx cjb 9 months ago

Happened again early hours of the morning for me. VZ carried out a brief interruption to service, v4 lease comes back within seconds, v6 is dropped. Rebooting is the only fix.

Actions #13

Updated by ahx cjb 7 months ago

Confirmed that 23.09 resolves this issue.

Actions #14

Updated by Marcos M 7 months ago

  • Project changed from pfSense Plus to pfSense
  • Category changed from DHCP Client (IPv6) to DHCP (IPv6)
  • Status changed from New to Duplicate
  • Affected Plus Version deleted (22.05)

Thank you for confirming.

Actions #15

Updated by Marcos M 7 months ago

  • Related to Bug #13423: IPv6 neighbor discovery protocol (NDP) fails in some cases added
Actions

Also available in: Atom PDF