Can't Save LAN Interface Settings - IPV6 Configuration Type set to None
-
I'm new to pfSense v2.6 CE and in the process of setting up my first whitebox (Dell Optiplex 5040). After getting almost everything working, I ran into a situation where attempting to set lower MTU size and could not save changes to my LAN interface (with IPV6 Configuration Type set to None). The system message stated:
**The Router Advertisements Server is active on this interface and it can be used only with a static IPv6 configuration. Please disable the Router Advertisements Server service on this interface first, then change the interface configuration.
I found the following solution posted on reddit:
https://www.reddit.com/r/PFSENSE/comments/lu4ut8/cannot_save_changes_to_lan_interface_getting/
This worked for me since I'm not using IPV6 with my ISP or OpenVPN (NordVPN). As the poster stated having issues with internet connection after applying changes, this was not the case for me. However, I did find it interesting that the Services/DHCPV6 Server & RA menu is now blank and states:
The DHCPv6 Server can only be enabled on interfaces configured with a static IPv6 address. This system has none.
I didn't find any posts related to this here and thought it worthwhile to make my first contribution since the community on this forum has proved invaluable in getting my first pfSense box up and running!
Incidentally, this has been a great experiment to test if pfSense can replace my older P3pl1nk equipment. Happy to report that my OpenVPN speeds via LTE 5g/4g are now amazing in comparison to under powered factory equipment. -
J jimp moved this topic from Problems Installing or Upgrading pfSense Software on
-
Your post is a bit confusing. Why are you trying to set the LAN MTU lower? And to what value. This has nothing to do with IPv6, unless you try to set it below 1280. You say you don't have IPv6, but you mention DHCPv6.
-
Interesting you should ask. I'm on T-Mobile broadband with Inseego FX2000 4G LTE/5G fixed wireless modem. I have found MTU size of 1428 is optimal for WAN connection speed, however there is no way to set MTU in modem. Sorry for any confusion, just doing some experimenting. Also have NordVPN setup which doesn't allow IPV6.
-
WAN MTU is often less than 1500. For example, ADSL is 1492, IIRC, to allow for the extra overhead. I have no idea about T-Mobile or that modem though. I'm on Rogers and when I tether to my phone, it uses 1500 MTU. They also provide IPv6 and have to use 464XLAT to provide IPv4.
-
Could start a whole new thread on setting optimal MTU size. It's helped me squeeze additional bandwidth out of my broadband connections (AT&T + T-Mobile bonded with failover). Simple test can be found here: https://kb.netgear.com/19863/Ping-Test-to-determine-Optimal-MTU-Size-on-Router. I've also found this can fix authentication issues with OpenVPN since packet fragmentation can cause auth error. My Peplink router actually has an Auto MTU option that tests MTU size before initiating OpenVPN connection. Would like to see that in pfSense future release and hence my post about LAN interface error when making edits.
Needing 5
so I can edit signature in user profile. -
One thing to bear in mind is most of your traffic will be TCP and these days TCP uses Path MTU Discovery, where the maximum size is determined when the connection is made.
Windows uses PMTUD for TCP and Linux for everything. You'd have to do some testing to see what happens with OpenVPN, as it's UDP, while the payload is usually TCP. Of course, you can set the OpenVPN MTU separately from the Ethernet or WiFi interface.
-
Thanks for link on PMTUD - good info. So that's what a "blackhole connection" is all about! I'm no expert, but when setting up my first OpenVPN connection, I got ambiguous Auth Error 80% of the time when trying to connect. Changing the MTU/MSS was the only fix for me. Now, new Auto MTU setting takes all the guess work out of it. Seems that broadband can be a little trickier since mine (and most) 4G LTE/5G modems don't provide optional MTU/MSS settings.
Being in rural parts, I've done everything possible increase bandwidth (yagi antennas in trees, solar powered hotspots, carrier aggregation, CAT 22, etc.). So far, pfSense has been a step in right direction. Best DL speed using OpenVPN was 20 Mbs mainly because router is bogged down with encryption. Just recorded a DL speed of 166 on my new pfSense box! Total fan now, but a bit more of a learning curve. Would put my setup in sig panel like yours but I haven't achieved 5 thumbs up yet. How do you like your Qotom? Highly considered going this route.
Here's my current pfSense setup:
- pfSense CE running on Dell Optiplex 5040-SFF (Dual Boot)
- i5-6500 CPU, 250 GB SATA SSD (Win 10), 250 GB NVMe SSD (pfSense), 16 GB RAM, Intel EXPI9404PTL PRO 4-Port NIC
- Netgear MR1100, Inseego FX2000 LTE (4G/5G modems)
- Peplink Surf Soho MK3 router (AP)
- BLUETTI EB3A solar generator/panels (UPS)
- Krupps coffee maker (5 gal)
-
It's possible to get into a chicken/egg situation with the IPv6 DHCPv6/RA server. It can only run on an interface configured with IPv6 so if it's enabled you can't set LAN v6 type to none. However if that does somehow get set to none the tab where you would disable those services is hidden.
Hence you have enable v6 on LAN in order to disable it!It used to be possible to hit this if you set the interface at the CLI but that should be fixed:
https://redmine.pfsense.org/issues/11609Steve
-
Thanks for the
and for many of your helpful posts I've read this last week! Temp sig below:That's an ID10T error you idiot!
-
@sfermindi said in Can't Save LAN Interface Settings - IPV6 Configuration Type set to None:
How do you like your Qotom?
It's great. Here's what I just got on my 500/30 connection:
Prior to getting the Qotom, I was using an old HP compact desktop computer. It provided a bit over the 500/20 I had then, but when I got the Qotom, my download shot to over 900! Other customers on my ISP get similar, so that HP was the bottleneck.
My ISP, Rogers, provides IPv6 on both the cable network and cell phones. I believe T-Mobile also provides IPv6 on wireless.
-
-
Wow, that's blazing fast, especially for cellular! I saw lots of good reviews on Qotom and almost got one since I really wanted lower power consumption. Also considered Netgate 4100, but believe they were out of stock. That would have saved me a lot of headaches with the Optiplex (parts, BIOS, anti-theft tracking, etc.). And, you are correct that T-Mobile has IPv6 across their network which I need to setup once base system is stable.
Before and after pfSense setup over NordVPN:
And, this is with external antennas disconnected. Future plan is to place modems outdoors in line-of-site with cell tower. This will require running 1500 feet of fiber and powering with solar. Netgate 4100 with SFP ports was attractive. Starlink not an option.
That's an ID10T error you idiot!
-
@stephenw10 said in Can't Save LAN Interface Settings - IPV6 Configuration Type set to None:
It's possible to get into a chicken/egg situation with the IPv6 DHCPv6/RA server. It can only run on an interface configured with IPv6 so if it's enabled you can't set LAN v6 type to none. However if that does somehow get set to none the tab where you would disable those services is hidden.
Hence you have enable v6 on LAN in order to disable it!It used to be possible to hit this if you set the interface at the CLI but that should be fixed:
https://redmine.pfsense.org/issues/11609Steve
Thank you for posting this where I finally found a solution via search.
I had the exact same issue as the OP, discovered when going through each and every page to verify I did not have an error somewhere in my settings. This issue came up and it has been driving me crazy. Long ago I had ipV6 enabled but abandoned it since I don't see that I need it at this time.
Your solution guided me, with much effort (I had to find an ipV6 addr to enter to enable) then I found on the RA page of dhcpV6 server the 'enabled' toggle for RA.
This has been a long, frustrating journey and thanks again for your comment.
