RADVD timer issues
-
@JonathanLee what pfSense version are you using? I mean to remember that this was an issue a quite while back.
Checking with 2.8.0, if I for example set MaxRtrAdvInterval to 900 then AdvDNSSLLifetime is automagically set to 3*MaxRtrAdvInterval = 2700:
[2.8.0-RELEASE][root@pfSense.home.arpa]/root: cat /var/etc/radvd.conf # Automatically Generated, do not edit # Generated config for dhcp6 delegation from wan on lan interface em1 { ... MinRtrAdvInterval 300; MaxRtrAdvInterval 900; ... DNSSL home.arpa { AdvDNSSLLifetime 2700; }; }; -
@patient0 This is on 23.05.01 is there a work around to fix this?
-
This is on 23.05.01 is there a work around to fix this?
I can't remember right now, you would have to look through the available system patches.
Maybe I'll remember in a bit. -
@patient0 I have all the patches installed for them on 23.05.01. Thanks for your help, I still have this issue with the patches
-
@JonathanLee said in RADVD timer issues:
I have all the patches installed for them on 23.05.01. Thanks for your help, I still have this issue with the patches
It's only a warning. Of course you can try lower the MaxRtrAdvInterval value. If the default value for AdvDNSSLLifetime is also 1800 for that version of radvd, then try setting MaxRtrAdvInterval to a value < 1800/2.
I don't have a 23.05 running, @stephenw10 has probably a way better brain then me and can rember the fix. Maybe a commit one can reference for a patch.
-
-
@patient0 Thanks
Description Fetch Apply Revert View Debug Auto Apply Actions NTP Auth patch A Redmine #8794 NTP View AUTH patch A Redmine #8794 Memory boot error Redmine #14011 Option to configure a custom value for the PHP memory limit Redmine #13377 OS Boot Log timestamp typo #15106 NTP GUI FIX NTP GUI 3 AES-GCM Workaround for Terrapin SSH Attack (After applying the patch, reboot or restart the SSH daemon, FreeBSD-SA-23:19.openssh, Terrapin Attack) Fix CRL generation for intermediate certificate authorities (Save/Apply services using CRLs with intermediate CAs (or reboot) and export new copies of affected CRLs as needed, Redmine #9889) Fix Static ARP entries not being configured at boot (Redmine #14374) Fix log rotation not active when configuration contains an empty syslog section (Redmine #14517) Fix per-log settings for file size and retenation count not being respected (Redmine #14545) Fix Firewall rule bulk copy function not respecting Convert interface definitions option (Redmine #14576) Fix Captive Portal link to view custom HTML not working (Redmine #14598) Fix DHCPv6 Prefix Delegation not installing routes (Requires manual "pkg install dhcpleases6", Redmine #14502) Fix OpenVPN selecting wrong interface address when VIPs are present (Redmine #14646) Fix Unicast CARP reverting to multicast when adding IP alias using this CARP VIP as parent (Redmine #14586) Fix Potential XSS via PPP Provider Selection (Redmine #14547) Fix Potential XSS via Dynamic Filter Logs (Redmine #14548) Fix potential arbitrary command execution in GIF/GRE interface management (Redmine #14549) Fix potential arbitrary command execution in Packet Capture (Redmine #14809) Fix IPsec restart in CARP event not triggering properly (Redmine #14738) Fix OpenVPN resync potentially acting on unrelated interfaces (Redmine #14781) Fix PHP Error viewing traffic graphs in iftop mode (Redmine #14500) Fix PHP Error with one.com Dynamic DNS Provider (Redmine #14649) Fix list of Dynamic DNS Providers with split host and domain name parts missing several providers (Redmine #14783) Fix PHP error in status_ipsec.php after removing an active tunnel (Redmine #14525) Fix Captive Portal incorrectly allowing creation of voucher rolls with leading zeroes (Edit and save affected rolls after applying patch to correct the roll configuration, Redmine #14325) Fix PHP Error in CSRF with invalid time value (Redmine #14394) Fix copying a user group does not work for first entry in list (Redmine #14695) Fix crash dumps not being recovered properly on systems with multiple swap partitions (e.g. ZFS mirrored disks) (Redmine #14767) Fix GUI TCP port not being updated when left blank (Redmine #14820) Fix update check in GUI not honoring proxy settings (Redmine #14609) Add Intel Speed Shift options (Redmine #14047) Add option to invalidate GUI login sessions if client IP address changes (Redmine #14265) Fix ctype_xdigit result is invalid for values <= 255 (Redmine #14702)This is the stuff I have applied
@stephenw10 can you please help direct me to what patch id I am missing? -
Maybe I can apply this
https://redmine.pfsense.org/projects/pfsense/repository/2/revisions/54b3109f0b1978e22866117b6d93715eb8d78c29
https://forum.netgate.com/topic/164399/do-the-default-ra-s-need-tweaking/23
-
@JonathanLee said in RADVD timer issues:
Maybe I can apply this
Looking at the patch and a current
/etc/inc/services.incon 2.8.0 I would say there is a good change that this fixes it. It does make sure that MaxRtrAdvInterval is 3*MaxRtrAdvInterval and with that the warning condition should not be met. -
@patient0 it wont work with 23.05.01 for me
-
@JonathanLee said in RADVD timer issues:
it wont work with 23.05.01 for me
Oh, bummer. Does the patch apply at all?
Btw: what is the actual content of the
radvd.conffile, isMaxRtrAdvIntervalset at all?Edit: the oldest ZFS snapshot I have on that pfSense+ VM is 23.09.1 and there it seems to be fixed already. Any change you can upgrade to that at all?
-
@patient0 it is not listed inside that file it is missing it, the patch fails for me
-
@JonathanLee said in RADVD timer issues:
the patch fails for me
As the other thread, that patch (link shown above) was based against 'a 4 years old pfSense version' like (can't remember) : 2.3.x ?
Your /etc/inc/services.inc is many generation older or .... more recent. -
@Gertjan plus I have that authenticated ntp patch on that file also
