Bug #8042
closed
VLAN Priority on dhcpc6c packets is not set. REF #7973
0%
Description
Although VLAN tagging now works, it does not work for dhcp6c. Jim Pingle suggested to @kwillers that adding a new floating rule would work, this appears not to work as a rule has already been created which takes priority over any new rule. The rule in question is as shown, created in filter inc:
pass out {$log['pass']} quick on \${$oc['descr']} proto udp from any port = 546 to any port = 547 tracker {$increment_tracker($tracker)} label "{$fix_rule_label("allow dhcpv6 client out {$oc['descr']}")}"
This is where the vlan prio must be added as this rule takes precedence. @kwillers has got it to work by modding filter.inc to add the priority on the rule shown above.
I have now added an entry into interfaces.php to allow the setting of a vlan priority on the above rule.
Before I post a PR with the changes, where do we want to put this setting? Currently I have it sat at the bottom of the dhcp6c settings in WAN, where you just enter the numeric value of the VLAN, is this way acceptable or should it done as s done in the VLAN Prio set as per the firewall rules?
The changes to this will still only partially fix the issues with dhcp6c and ORANGE France. In August I sent Renato an email containing patches that are required for the client to accept RAW options, this also needs to be up-streamed
Updated by Jim Pingle over 6 years ago
- Status changed from New to Closed
With the dhcp6c options seems best. In the future, requests for discussion/clarification like this should be on the development board on the forum (https://forum.pfsense.org/index.php?board=32.0), the dev mailing list (https://lists.pfsense.org/mailman/listinfo/dev), or on the r/pfSense subreddit.
Updated by Nicolas Scheffer over 6 years ago
Martin Wasley wrote:
Although VLAN tagging now works, it does not work for dhcp6c. Jim Pingle suggested to @kwillers that adding a new floating rule would work, this appears not to work as a rule has already been created which takes priority over any new rule. The rule in question is as shown, created in filter inc:
pass out {$log['pass']} quick on \${$oc['descr']} proto udp from any port = 546 to any port = 547 tracker {$increment_tracker($tracker)} label "{$fix_rule_label("allow dhcpv6 client out {$oc['descr']}")}"
This is where the vlan prio must be added as this rule takes precedence. @kwillers has got it to work by modding filter.inc to add the priority on the rule shown above.
I have now added an entry into interfaces.php to allow the setting of a vlan priority on the above rule.
Before I post a PR with the changes, where do we want to put this setting? Currently I have it sat at the bottom of the dhcp6c settings in WAN, where you just enter the numeric value of the VLAN, is this way acceptable or should it done as s done in the VLAN Prio set as per the firewall rules?
The changes to this will still only partially fix the issues with dhcp6c and ORANGE France. In August I sent Renato an email containing patches that are required for the client to accept RAW options, this also needs to be up-streamed
+1 for Orange France support and could be replacing my livbox with a pfSense system !
Updated by Martin Wasley over 6 years ago
Nic, I can send you the updated dhcp6c client, it all works very nicely along with the PR 3862 Patch ID 6b8680a, it will get your dhcp6 working.
The dhcp6c client supports the raw option method for adding the parameters you need and the patch I have given will allow you to set the VLAN priority.