Project

General

Profile

Bug #6258

Default gateway switching issue with IPv6 and link local gateways

Added by Luke Hamburg over 3 years ago. Updated over 3 years ago.

Status:
Resolved
Priority:
Normal
Category:
Routing
Target version:
Start date:
04/25/2016
Due date:
% Done:

0%

Estimated time:
Affected Version:
All
Affected Architecture:

Description

Doing my best to describe this perceived bug in 2.3. Running on an SG-2440. I have 2 WAN interfaces, both of them DHCP assigned. One has native IPv6 (Time Warner Cable / igb2) and the other does not (Verizon FIOS / igb1). LAN is igb0. When a hotplug event occurs or a DHCP renew etc - basically anything that normally triggers a refresh of the IPs and filter rules, my logs get flooded with spam similar to:

php-fpm /rc.filter_configure_sync: The command '/sbin/route change -inet6 default fe80::217:10ff:fe88:498d' returned exit code '1',
the output was 'route: writing to routing socket: Network is unreachable route: writing to routing socket: Network is unreachable
change net default: gateway fe80::217:10ff:fe88:498d fib 0: Network is unreachable'

php-fpm /rc.newwanip: The command '/sbin/route change -inet6 default fe80::217:10ff:fe88:498d' returned exit code '1',
the output was 'route: writing to routing socket: Network is unreachable route: writing to routing socket: Network is unreachable
change net default: gateway fe80::217:10ff:fe88:498d fib 0: Network is unreachable'

I have seen these messages come through attached to rc.dyndns.update, rc.newwanip and rc.filter_configure_sync and perhaps other functions.

What I found is that the /sbin/route command that is being executed by those functions apparently needs an additional parameter- the physical interface tagged to the end of the command for it to work. E.g.

/sbin/route change -inet6 default fe80::217:10ff:fe88:498d
does not work and results in an error, but
/sbin/route change -inet6 default fe80::217:10ff:fe88:498d%igb2
works as expected. So it seems that the '%' and whatever follows it is very important and is being omitted by the default routines.

Below is a screenshot...

screen1.png (241 KB) screen1.png Luke Hamburg, 04/25/2016 09:08 AM
routing_errors.txt (10.5 KB) routing_errors.txt Luke Hamburg, 04/26/2016 09:18 PM

Associated revisions

Revision 857f3490 (diff)
Added by Chris Buechler over 3 years ago

Handle link local IPv6 gateways and default gateway switching correctly. Ticket #6258

Revision ea940381 (diff)
Added by Chris Buechler over 3 years ago

Handle link local IPv6 gateways and default gateway switching correctly. Ticket #6258

History

#1 Updated by Chris Buechler over 3 years ago

the interface scope is included where the gateway is link local, and doesn't already contain %.

https://github.com/pfsense/pfsense/blob/RELENG_2_3_0/src/etc/inc/system.inc#L649

Both of those look to be satisfied for that case.

Do you see that log "ROUTING: setting IPv6 default route to" at the time as well? There isn't anywhere else that runs a "route change -inet6 default" in the PHP code and I don't think anything else would, but that would be good to confirm.

#2 Updated by Greg M over 3 years ago

Hi!
See https://forum.pfsense.org/index.php?topic=108432.msg603891#msg603891

I had dozens of above messages until I checked "Use non-local gateway through interface specific route".

I would say that this could be spam as nothing was affected.

#3 Updated by Luke Hamburg over 3 years ago

Chris Buechler wrote:

Do you see that log "ROUTING: setting IPv6 default route to" at the time as well? There isn't anywhere else that runs a "route change -inet6 default" in the PHP code and I don't think anything else would, but that would be good to confirm.

Yes I do see that here and there in the log. I ran this command (added -A2/-B2 params to get some before/after context):

clog /var/log/system.log | grep -A2 -B2 "ROUTING: setting IPv6 default route" 

See attached file with the output. The thing is, I also see many many cases in the logs where I get the "/sbin/route change -inet6 default..." error and it does not come along with a ROUTING: setting IPv6 default route message.

#4 Updated by Luke Hamburg over 3 years ago

Is there anything else I can do to help debug this? Currently my system log is 50-60% comprised of these messages. Makes looking for other things a lot more tedious.

#5 Updated by Luke Hamburg over 3 years ago

Update: I have decided to test 2.3.1 snapshots. I am now on 2.3.1.a.20160512.1401 and there hasn't been any change as far as this (bug?). Still would very much like to try to help get to the bottom of it, if there is anything I can do to help please let me know.

#6 Updated by Chris Buechler over 3 years ago

  • Subject changed from Bug when handling default route change for IPv6 enabled interface to Default gateway switching issue with IPv6 and link local gateways
  • Category set to Routing
  • Status changed from New to Confirmed
  • Assignee set to Chris Buechler
  • Target version set to 2.3.1
  • Affected Version changed from 2.3 to All

Now I see what's happening. If you have default gateway switching enabled and a link local gateway, this happens.

#7 Updated by Chris Buechler over 3 years ago

  • Status changed from Confirmed to Feedback

fix pushed, works here.

#8 Updated by Luke Hamburg over 3 years ago

Confirmed! I did a gitsync and the bug seems to have been squashed! Went through a couple of reboot cycles and firewall edits/saves to be sure.

Thank you so much Chris

#9 Updated by Chris Buechler over 3 years ago

  • Status changed from Feedback to Resolved

Thanks for the confirmation. Also confirmed in another setup here, looks good.

Also available in: Atom PDF