Project

General

Profile

Bug #6663

IPv6 OpenVPN client is down after reboot

Added by Dmitriy K about 1 year ago. Updated 9 months ago.

Status:
Resolved
Priority:
Normal
Category:
OpenVPN
Target version:
Start date:
07/30/2016
Due date:
% Done:

100%

Affected version:
2.3.2
Affected Architecture:

Description

Setup:
  1. WAN PPPoE WAN
  2. HE.NET tunnel on WAN
  3. Static IPv6 on LAN
Steps to reproduce:
  • Create a UDP6 TAP OpenVPN client
  • Create and enable an iface for the client [for example, OVPN_AMS]
  • Reboot router
Expected:
  • OVPN_AMS is up
Actual:
  • OVPN_AMS is down. There is an error in the log: "TCP/UDP: Socket bind failed on local address [AF_INET6]2001:470:<censored>::: Can't assign requested address"

pfSense 2.3.0 does not have such bug as far as I can recall. It appeared in 2.3.1 but I was too lazy to report.

History

#1 Updated by Jim Pingle about 1 year ago

  • Target version changed from 2.3.2_1 to 2.4.0

#2 Updated by Jim Thompson 12 months ago

  • Assignee set to Jim Pingle

Pingle pls confirm

#3 Updated by Jim Pingle 11 months ago

  • Status changed from New to Confirmed
  • Assignee deleted (Jim Pingle)
  • Priority changed from High to Normal

Confirmed, doesn't need PPPoE. An OpenVPN instance on an assigned GIF interface is enough. It's acting as though the GIF interface is not configured when OpenVPN attempts to start.

Nov 7 15:02:06     openvpn     9665     OpenVPN 2.3.12 amd64-portbld-freebsd11.0 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Oct 20 2016
Nov 7 15:02:06     openvpn     9665     library versions: OpenSSL 1.0.2j-freebsd 26 Sep 2016, LZO 2.09
Nov 7 15:02:06     openvpn     9988     NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Nov 7 15:02:06     openvpn     9988     TCP/UDP: Socket bind failed on local address [AF_INET6]2001:xxxx:xxxx:xxxx::2:1194: Can't assign requested address
Nov 7 15:02:06     openvpn     9988     Exiting due to fatal error 

#4 Updated by Renato Botelho 9 months ago

  • Status changed from Confirmed to Feedback
  • Assignee set to Renato Botelho
  • % Done changed from 0 to 100

It happened in cases where specific IPv6 is selected to bind and interface is in 'tentative' state, as happened in the past with dpinger. I've pushed a fix, what depends of php-pfSense-module 0.33

#5 Updated by Renato Botelho 9 months ago

I've mispelled ticket # on 5280fd8d21c71c6997e1855f8b96265bd81ccb99

#6 Updated by Jim Pingle 9 months ago

  • Status changed from Feedback to Resolved

Updated a VM that had two UPD6 OpenVPN servers on a HE.net GIF WAN and they were both running after the update. On older snaps they would not start automatically.

Also available in: Atom PDF