@perrin Yes, in my setup things work somewhat differently, as you noticed. There are at least a few reasons. Most importantly, every time PPPoE comes up, the VIPs get reconfigured and CARP reinitializes. I suspect this behavior is related to IPv6 and the fact that the LAN uses the Track Interface option to obtain its IPv6 address, but I’m not certain. I’m currently trying to track down the root cause—or perhaps it’s an “incompatible” configuration. How does this behave on your side? As I understand it, bringing up PPPoE does not trigger VIP reconfiguration/CARP initialization for you, right?

@Gertjan I do not actually have access to my ISPs upstream router. That is why I decided to install a pfSense box and (by phone) asked my ISP to put their router in bridge mode. When my pfSense WAN DHCPv6 Client Configuration has "DHCPv6 Prefix Delegation size 64" then my ISPs router gives me the Delegated Prefix: WAN/0 (2001:8a0:fcc2:6600::/56)/64, that means: my ISP is delegating a /56 prefix to my pfSense. This is the 2001:8a0:fcc2:6600::/56 part - the big block of addresses my ISP is giving me to work with. my pfSense is specifically configured to request a /64 for its WAN interface and also to handle the delegation of a /64 (the WAN/0 part refers to the first /64 out of the delegated /56) to its LAN. This means that out of the 2001:8a0:fcc2:6600::/56 block my ISP gives me: 2001:8a0:fcc2:6600::/64 (mine is 00 you e2) is being used by my pfSense LAN interface (as indicated by WAN/0). This leaves 2001:8a0:fcc2:6601::/64 through 2001:8a0:fcc2:66FF::/64 available within that /56 block for further delegation to pfSense clients upstream. So, I have plenty of /64 subnets remaining from the /56 to delegate, for pfSense to give to my internal clients. But that stuff is all good for me, my problem still remains the same; my internal machines, all with latest ubuntu OS & IPv6, get DNS Resolve registrations wrong: servers (with systemd-networkd) & register on the incorrect domain unknown.home.arpa desktops (with NetworkManager) & register on the correct domain home.arpa can someone help with this?

Ah, a rogue test rule. That will do it!

@bmeeks Yep, in this case I am just talking about the kernel source. The head for CE kernel is still public from what I can see, its for whatever reason the 2.8.0 and 2.8.1 branches are not.

@w0w thanx, now all typing-in works well and fast

@g405tsh311 the online installer you "buy" for $0 in the Netgate store gets the versions dynamically, 2.8.1 is among them. [image: 1757746372965-screenshot-2025-09-13-at-08.49.56.jpeg]

Also see: https://docs.netgate.com/pfsense/en/latest/development/develop-packages.html

Yup, seeing that here. Likely related to the upstream firmware API issue. But those drivers shouldn't need to load anything without the hardware present anyway.

I suspect the root cause here is the same as this: https://redmine.pfsense.org/issues/15770

@luckman212 I use a manually added FreeBSD package, 'munin' that came with a file to be placed in /usr/local/etc/rc.d/ As per pfSense needs, I renamed it - added the .sh extension, and now the munin process get started at boot, and stopped at shutdown. I made this install many years ago, and as far as I know, the script only executes during boot and system shutdown. Not for network or other events etc. If FreeBSD would look like a Debian system (or clone) using init or systemd I could tell you way more, and I even think pfSEnse isn'tv really FreeBSD (no surprise, at it is, and it isn't ^^). Look at the kea script for an example, the first 3 / 4 lines. Afaik, pfSense it self, see here /etc/, all de rc...... files - for example rc.bootup - will all all these files. pfSense handle the hardware and software system events, and call whatever is needed, if system processes like 'unbound' needed to be restarted. So : and also during certain system events (e.g. interface link changes, IP address changes, and gateway events). never saw that happening with my own processes - as pfSense isn't really aware that these are running ones the system is up.

Not currently, it would require some development.

@dennypage said in pfsense-tools.git clang gcc: @phil80 said in pfsense-tools.git clang gcc: portsnap fetch properly fetches freebsd ports collection FWIW, portsnap is very dead as far as the FreeBSD folk are concerned. All references to it were removed from the documentation 5 years ago, and its use is no longer supported. The original announcement is here: [HEADS UP] Planned deprecation of portsnap. Thank you for the reminder. I usually only use Latest. I always use git for collaboration In short life or one use jails, portsnap is way faster to fetch than git for one package compile Based on your linked article, I'll favor git in the future

Mmm, so prevent source tracking for specific IPs or subnets? I did wonder if sticky connections could be per gateway group. That seems like it should be possible. You could then use rules to route specific clients or subnets to a non-sticky group.