Project

General

Profile

Actions

Bug #3670

closed

IPv6 DHCP-PD over PPPoE non functional + radvd core dump + solution

Added by Nic Hannekum over 7 years ago. Updated almost 6 years ago.

Status:
Resolved
Priority:
Normal
Category:
DHCP (IPv6)
Target version:
Start date:
05/20/2014
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
All
Affected Architecture:
All

Description

So i've been working through this for a couple of evenings now and have a working, reliable configuration requiring a number of patches.
Version pfSense 2.1.3-RELEASE.

My ISP (Internode) offers the following IPv6 configuration:

Here's what you get when your connection is set up for IPv6:

Your existing IPv4 address (if static) and any existing framed route(s).
A dual-stack IPv4/IPv6 PPP session.
A dynamic /64 IPv6 prefix for your PPP session.
A static /56 IPv6 prefix for your LAN (if you are using a router with Prefix Delegation).

pfSense Configuration:

-- WAN --
IPv4 Configuration Type: PPPoE
IPv6 Configuration Type: DHCP6
Use IPv4 connectivity as parent interface: Yes
Request only a IPv6 prefix: No
DHCPv6 Prefix Delegation size: 56
Send IPv6 prefix hint: No

-- LAN --
IPv4 Configuration Type: Static IPv4
IPv6 Configuration Type: Track Interface
Track...IPv6 Interface: WAN

Problem 1: Incorrect identification of WAN IPv6 interface
The get_interface_ipv6 function in /etc/inc/interfaces.php incorrectly identifies the WAN interface as the physical hardware interface (re0 in my case) rather than the pppoe0 interface.
As a result, no global IPv6 address can be found (empty $ifcfgipv6) while an incorrect /var/etc/radvd.conf file is generated (among other things like the global WAN IPv6 address not being displayed in the GUI even though ifconfig pppoe0 shows one - see this bug https://redmine.pfsense.org/issues/3556).
Solution 1: $realif should equal pppoe0 rather than re0

[2.1.3-RELEASE][root@pfsense]/etc/inc: diff interfaces.inc.pfsense interfaces.inc
4526c4526
<                 $realif = get_real_interface($interface, "inet6", true);
---
>                 $realif = get_real_interface($interface, "inet6", false);

You should now see a global IPv6 address under the WAN interface in GUI Dashboard.
Note: the above patch might be incorrect for other configurations.

Problem 2: dhcp6c configuration
Including (empty?) stateful (ia-na) DHCP6 configuration interferes with PD (ia-pd) and may be the cause of multiple dhcp6c processes (or could be related to this?: https://redmine.pfsense.org/projects/pfsense/repository/revisions/9b6010ffc526f4106bc423c8cd8fff12b9ad4cee)
Solution 2: Remove stateful configuration (for now)

[2.1.3-RELEASE][root@pfsense]/etc/inc: diff interfaces.inc.pfsense interfaces.inc
3501,3502d3500
<         if(!isset($wancfg['dhcp6prefixonly']))
<             $dhcp6cconf .= "        send ia-na 0;   # request stateful address\n";
3512,3514d3509
<         if(!isset($wancfg['dhcp6prefixonly']))
<             $dhcp6cconf .= "id-assoc na 0 { };\n";

Problem 3: radvd configuration
Definately one, potentially two configuration parameters cause PD to fail; AdvOtherConfigFlag on prevents auto-configuration of non-address information (DNS, default route?) while AdvRouterAddr on sends interface address instead of network prefix.
Solution 3: Remove these bad boys for a PD config

[2.1.3-RELEASE][root@pfsense]/etc/inc: diff services.inc.pfsense services.inc
253d252
<         $radvdconf .= "\tAdvOtherConfigFlag on;\n";
257d255
<         $radvdconf .= "\t\tAdvRouterAddr on;\n";

After applying the above i've had a solid IPv6 connection that survives "pfSense package system has detected an ip change" and reliably deligates my IPv6 prefix to LAN.

Actions

Also available in: Atom PDF