Project

General

Profile

Actions
Copy link

Bug #15876

open

Routing Advertisements daemon fails to start when configured with more than 3 RDNSS entries in a prefix

Added by Christopher Saia 7 days ago. Updated 3 days ago.

Status:
Feedback
Priority:
Normal
Assignee:
Marcos M
Category:
IPv6 Router Advertisements (radvd/rtsold)
Target version:
2.8.0
Start date:
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
25.01
Release Notes:
Default
Affected Version:
Affected Architecture:
All

Description

It's possible to silently crash the Router Advertisements daemon (radvd) with a DHCPv6 scope that is configured with four DNS servers. pfSense WebUI appears to accept this configuration and does not readily indicate that the daemon has failed or why.

Netgate Forums article: https://forum.netgate.com/topic/195340/radvd-crashes-with-4-dns-servers-in-dhcpv6-scope

Steps to reproduce:
1) Enter four DNS servers into a DHCPv6 scope.
2) Enable Router Advertisements for the subnet and check the option for "Mirror DHCPv6 DNS Configuration".
3) Save the configuration. It will appear to save OK, but radvd has crashed. Clients will lose the IPv6 RA in time.
4) Further changes can be made to Routing Advertisements in the pfSense WebUI, but the daemon crashes on each save.

The following error is emitted by radvd: 

too many addresses in RDNSS section

It's been confirmed by Netgate that radvd only accepts three DNS servers.

Steps to resolve / work around:
1) Reduce the number of DNS servers in the scope to three or less. Save the configuration. Service will start running.

Expected behavior - There are a couple options:
1) Refuse to accept the configuration and output an error.
2) Accept the configuration and output a warning that only the first three DNS servers will be advertised.

Actions
Copy link
 #1

Updated by Christopher Saia 7 days ago

Found in the radvd log:

2024-11-26 14:52:43.494021-05:00    radvd    99792    exiting, failed to read config file
2024-11-26 14:52:43.493191-05:00    radvd    99792    too many addresses in RDNSS section
Actions
Copy link
 #2

Updated by Jim Pingle 7 days ago

  • Project changed from pfSense Plus to pfSense
  • Subject changed from Routing Advertisements crashes with 4 DNS servers in DHCPv6 scope to Routing Advertisements daemon fails to start when configured with more than 3 RDNSS entries in a prefix
  • Category changed from Routing to IPv6 Router Advertisements (radvd/rtsold)
  • Target version set to 2.8.0
  • Affected Plus Version deleted (24.11)
  • Plus Target Version set to 25.01
Actions
Copy link
 #3

Updated by Marcos M 7 days ago

  • Status changed from New to In Progress
  • Assignee set to Marcos M

We can enforce the limit to avoid the service start failure.

Actions
Copy link
 #4

Updated by Marcos M 7 days ago

  • Status changed from In Progress to Feedback
  • % Done changed from 0 to 100
Actions
Copy link
 #5

Updated by Christopher Cope 3 days ago

Applying the changes as a patch on

25.01-DEVELOPMENT (amd64)
built on Tue Nov 26 14:49:00 UTC 2024
FreeBSD 15.0-CURRENT

results in the limit being enforced and radvd working as expected. Waiting to mark resolved until it included in a dev build.

Actions
Copy link

Also available in: Atom PDF