Dual WAN Setup - LAN interfaces lost their IPv6 adresses.
-
I don't know if this will affect it, but have you set router priority? This is on the Router Advertisement page and the choices are high, normal and low. You'd decide which connection you want to be priority. Also, any reason why you're using DHCP6 on the LAN? SLAAC generally does what's needed and Android devices don't work properly with DHCP6.
-
DHCPv6 was only activated for testing reasons. In the meantime it is deactivated.
-
At the moment it is working, but pfsense doesn't do it independently.
You have to trigger, or wait a long time (<10-15 min)
Before it works I got this error message:
After triggering (Interface Off, Interface On, Interface Off ....) I got this log, and everything looks good.
-
pfSense works best when interfaces stop flapping around.
This would impact IPv6 and IPv4.
You mission, if you accept it : do whatever is needed so interfaces don't get pulled down anymore.A plan Z : put a switch between you pfSense WAN and the upstream device.
This can have a minor negative impact : when the upstream ISP device goes belly up (again), pfSense doesn't get informed ... so it will presume that the connection is still ok, but it isn't, it broken again.
The gateway observer (dpinger - System > Routing > Gateways) would notice something bad has happened, and will try to rebuild the connection .... It does this by resetting the WAN interface .... which would introduce the same scenario, but at least dhcp6c wouldn't fail as it get starts when the interface is up.edit : wait : you've showed dhcp6c issues.
All this time, the IPv4 party of the WAN connection had no issues ?
If so, then the connection by itself is ok, and it seems tjhe IPv6 part that is "broken". -
@Gertjan
I think you misunderstand me...I have to trigger that it works. I do this by turning the VDSL Interface off and on and again.
After a clean restart IPv6 is not working and I get the error message above (Permission denied- transmit failed)
Then I trigger the VDSL interface by turning it off and on, then it takes a few seconds and all LAN interface have a working IPv6 connection. -
Do you see any
Received RAmessages in the main system log?If not do you have 'Do not wait for a RA' set in the dhcpv6 client setup?
It sounds like you may need that.
Also are you using if_pppoe in 2.8?
-
@heiko3001 said in Dual WAN Setup - LAN interfaces lost their IPv6 adresses.:
I do this by turning the VDSL Interface off and on and again.
That's what I understood.
The dhcp6c gets started when the WAN interface becomes active.
And then it fails with the message "Transmit failed - Permission denied" which means : the interface is down (again).Or, is this something else :
at 04h42:31 a solicit is send - it does this very often, I see Solicit every 300 seconds or so.
at 04h46:27 same thing, 116 seconds later,
at 04h46:35 same thing, 8 seconds later .... wow...
at 04h46:35 This solicit failed - interface gone.If you saved the WAN config at that moment - between 46:27 and 46:35 - then I presume the dhcp6c would log would show a lot more - like the logs you've showed above.
Btw : Not sure if this is related - dhcprelay - are you using dhcprelay ?
-
Yes I use a DHCP Relay. DHCP Server runs on Windows Server 2025.
-
Same interface ?
Or another interface that went (also) down ? -
@Gertjan Yes, it is on the same Interface, but only v4.
For IPv6 I deactivated DHCPv6 (on the Pfsense) and at the moment I run only Slaac / Router Advertisement. -
Hmm, so you are passing a prefix delegation from your ISP to an internal dhcpv6 server?
Please show how your pppoe interface is configured. Is it set to prefix only? Is it set for 'do not wait for RA'?
-
No, the DHCP Relay is only for my internal LAN-Interface, and only IPv4, I think this was an missunderstanding.
and one of the LAN Interfaces (called EXT)
-
If you uncheck 'do not wait for RA' does it eventually receive an RA and complete the connection?
Edit: So when this happens it loses the PD but not the address on the WAN directly?
-
@stephenw10 I will give it a try, and give a feedback after.
