unable to receive IPv6 RA's on SG-1000, default route lost
- IPv6 default route is stable indefinitely
- IPv6 default route is lost a few minutes after release/renew
- WAN interface still has IPv6 address
- LAN interface still has /64
- pfsense router has no default route, so it is impossible to route IPv6 traffic
- residential comcast connection
- SG-1000 running 2.4.3-RELEASE-1 (arm)
- WAN interface (cpsw0) configured for DHCPv4, DHCPv6-PD
- LAN interface (cpsw1) configured to track WAN for PD
- attempted to run tcpdump on WAN interface
- tcpdump shows RAs received from ISP
21:04:22.040097 00:01:5c:7a:d0:46 > 33:33:00:00:00:01, ethertype IPv6 (0x86dd), length 198: fe80::201:5cff:fe7a:d046 > ff02::1: ICMP6, router advertisement, length 144
- RA dest IPv6 multicast address appears to be correct, MAC address appears to be correct for IPv6 multicast
- when running tcpdump, IPv6 default route is re-added to pfsense routing table
- tcpdump places cpsw0 interface is promiscuous mode, and when in promiscuous mode, RA's are received
- when cpsw0 not in promiscuous mode, RA's are not received
- works temporarily on release/renew possibly because IPv4 DHCP client places interface in promiscuous mode temporarily when acquiring lease
- "ifconfig cpsw0 promisc"
- result: IPv6 default route is stable over several days
- "ifconfig cpsw0 -promisc; tcpdump -pni cpsw0"
- -p flag prevents tcpdump from placing interface in promiscuous mode
- result: ISP RAs are not seen
- use shellcmd pkg to run "ifconfig cpsw0 promisc" on startup
#2 Updated by Anthony Roberts about 2 years ago
Jim Pingle wrote:
Can you test this on a 2.4.4 snapshot? The base OS has been upgraded there, and most likely the behavior will be different.
Yup, I was able to repro on july 3rd 2.4.4 snapshot after removing my workaround.
When I do a "tcpdump -pni cpsw0 icmp6" I get nothing, when I do "tcpdump -ni cpsw0 icmp6" I see comcast's RAs every 4 seconds.
#9 Updated by Pete Wright 2 months ago
Viktor Gurov wrote:
no such issue on pfSense 2.5.0.a.20200205.1753
pfSense 2.4.4-p3 on SG-3100 as DHCP6/RA server
SG-1000 cpsw0 interface can get IPv6 address via DHCP6/SLAAC without 'promisc' option
I am seeing the same issue on my sg-1000. I have upgraded to 2.5 and it does not look like this has solved my issue. It seems like setting my WAN interface to PROMISC is still a required workaround to be able to view RA's from my ISP (Spectrum cable in US).
Is it possible this is a hardware or driver issue? I'd be happy to help debug this or provide any additional information from my end.