gif0 does not come up after reboot
-
That's with the gif0 using LAN as parent. PPPoE is first in list, yes.
So instead of using DHCPv6 as configuration type, should I use something else there?
Yeah, I switched to monitoring the IPv6 CG-NAT/AFTR address.
This is the complete log of booting with gif0 and WAN as parent:
Oct 26 21:45:42 php-fpm 366 /index.php: Successful login for user 'admin' from: 10.100.198.249 (Local Database) Oct 26 21:45:37 sshguard 61915 Now monitoring attacks. Oct 26 21:45:37 login 59892 login on ttyv0 as root Oct 26 21:45:36 root 51758 Bootup complete Oct 26 21:45:35 php-fpm 366 /rc.start_packages: Restarting/Starting all packages. Oct 26 21:45:35 kernel done. Oct 26 21:45:35 syslogd kernel boot file is /boot/kernel/kernel Oct 26 21:45:35 syslogd exiting on signal 15 Oct 26 21:45:35 php 411 rc.bootup: Creating rrd update script Oct 26 21:45:31 kernel .....done. Oct 26 21:45:31 php 411 rc.bootup: The command '/usr/local/sbin/strongswanrc stop' returned exit code '1', the output was 'strongswan not running? (check /var/run/daemon-charon.pid).' Oct 26 21:45:30 check_reload_status 395 Updating all dyndns Oct 26 21:45:30 kernel done. Oct 26 21:45:30 kernel done. Oct 26 21:45:30 kernel done. Oct 26 21:45:29 kernel done. Oct 26 21:45:29 php 411 rc.bootup: NTPD is starting up. Oct 26 21:45:29 kernel done. Oct 26 21:45:29 php 411 rc.bootup: The command '/usr/bin/timeout -k 45 30 /usr/local/sbin/ntpd -g -q -c /dev/null 216.239.35.0 216.239.35.4 216.239.35.8 216.239.35.12' returned exit code '124', the output was '26 Oct 21:44:59 ntpd[75103]: ntpd 4.2.8p15@1.3728-o Wed Jan 12 15:39:52 UTC 2022 (1): Starting 26 Oct 21:44:59 ntpd[75103]: Command line: /usr/local/sbin/ntpd -g -q -c /dev/null 216.239.35.0 216.239.35.4 216.239.35.8 216.239.35.12 26 Oct 21:44:59 ntpd[75103]: ---------------------------------------------------- 26 Oct 21:44:59 ntpd[75103]: ntp-4 is maintained by Network Time Foundation, 26 Oct 21:44:59 ntpd[75103]: Inc. (NTF), a non-profit 501(c)(3) public-benefit 26 Oct 21:44:59 ntpd[75103]: corporation. Support and training for ntp-4 are 26 Oct 21:44:59 ntpd[75103]: available at https://www.nwtime.org/support 26 Oct 21:44:59 ntpd[75103]: ---------------------------------------------------- 26 Oct 21:44:59 ntpd[75103]: proto: precision = 0.123 usec (-23) 26 Oct 21:44:59 ntpd[75103]: line 0 column 0 syntax error, unexpected $end 26 Oct 21:44:59 ntpd[75103]: basedate set to 2021-12-31 26 Oct 21:44:59 ntpd[75103]: gps base set to 2022-01-02 (week 2191) 26 Oct 21:44:59 ntpd[75103]: Listen and drop on 0 v6wildcard [::]:123 26 Oct 21:44:59 ntpd[75103]: Listen and drop on 1 v4wildcard 0.0.0.0:123 26 Oct 21:44:59 ntpd[75103]: Listen normally on 2 vtnet0 [fe80::905d:58ff:fe1f:81ff%1]:123 26 Oct 21:44:59 ntpd[75103]: Listen normally on 3 vtnet0 10.100.198.2:123 26 Oct 21:44:59 ntpd[75103]: Listen normally on 4 vtnet0 [fe80::1:1%1]:123 26 Oct 21:44:59 ntpd[75103]: Listen normally on 5 vtnet0 [2001:a62:5d1:aa00:905d:58ff:fe1f:81ff]:123 26 Oct 21:44:59 ntpd[75103]: Listen normally on 6 vtnet1 [fe80::4424:cff:fef0:9ed1%2]:123 26 Oct 21:44:59 ntpd[75103]: Listen normally on 7 lo0 [::1]:123 26 Oct 21:44:59 ntpd[75103]: Listen normally on 8 lo0 [fe80::1%5]:123 26 Oct 21:44:59 ntpd[75103]: Listen normally on 9 lo0 127.0.0.1:123 26 Oct 21:44:59 ntpd[75103]: Listen normally on 10 pppoe0 Oct 26 21:44:59 kernel done. Oct 26 21:44:59 php 411 rc.bootup: sync unbound done. Oct 26 21:44:59 kernel done. Oct 26 21:44:57 php-fpm 367 /rc.newwanipv6: Gateway, NONE AVAILABLE Oct 26 21:44:57 php-fpm 367 /rc.newwanipv6: rc.newwanipv6: on (IP address: fe80::905d:58ff:fe1f:81ff%pppoe0) (interface: wan) (real interface: pppoe0). Oct 26 21:44:57 php-fpm 367 /rc.newwanipv6: rc.newwanipv6: Info: starting on pppoe0. Oct 26 21:44:57 php 411 rc.bootup: dhcp6 init complete. Continuing Oct 26 21:44:56 php-fpm 366 /rc.newwanipv6: Gateway, NONE AVAILABLE Oct 26 21:44:56 php-fpm 366 /rc.newwanipv6: rc.newwanipv6: on (IP address: fe80::905d:58ff:fe1f:81ff%pppoe0) (interface: wan) (real interface: pppoe0). Oct 26 21:44:56 php-fpm 366 /rc.newwanipv6: rc.newwanipv6: Info: starting on pppoe0. Oct 26 21:44:56 php 411 rc.bootup: Unbound start waiting on dhcp6c. Oct 26 21:44:55 ppp 9410 [wan] IFACE: Add description "WAN" Oct 26 21:44:55 ppp 9410 [wan] IFACE: Rename interface ng0 to pppoe0 Oct 26 21:44:55 ppp 9410 [wan] IFACE: Up event Oct 26 21:44:55 check_reload_status 395 rc.newwanipv6 starting pppoe0 Oct 26 21:44:55 rtsold 41957 Starting dhcp6 client for interface wan(pppoe0) Oct 26 21:44:55 rtsold 41008 Received RA specifying route fe80::2cc:34ff:fe44:b067 for interface wan(pppoe0) Oct 26 21:44:55 php 411 rc.bootup: Unbound start waiting on dhcp6c. Oct 26 21:44:55 kernel done. Oct 26 21:44:55 kernel pflog0: promiscuous mode enabled Oct 26 21:44:55 kernel done. Oct 26 21:44:55 php 411 rc.bootup: Gateway, NONE AVAILABLE Oct 26 21:44:55 php 411 rc.bootup: Resyncing OpenVPN instances. Oct 26 21:44:55 php 411 rc.bootup: calling interface_dhcpv6_configure. Oct 26 21:44:54 check_reload_status 395 Rewriting resolv.conf Oct 26 21:44:54 kernel ng_pppoe[12]: no matching session Oct 26 21:44:53 sshguard 12833 Now monitoring attacks. Oct 26 21:44:53 sshd 12231 Server listening on 0.0.0.0 port 22. Oct 26 21:44:53 sshd 12231 Server listening on :: port 22. Oct 26 21:44:52 php 10463 /usr/local/sbin/ppp-ipv6: Starting rtsold process Oct 26 21:44:52 php 10463 /usr/local/sbin/ppp-ipv6: Accept router advertisements on interface pppoe0 Oct 26 21:44:52 ppp 9410 [wan] 905d:58ff:fe1f:81ff -> 02cc:34ff:fe44:b067 Oct 26 21:44:52 ppp 9410 [wan] IPV6CP: LayerUp Oct 26 21:44:52 ppp 9410 [wan] IPV6CP: state change Ack-Sent --> Opened Oct 26 21:44:52 ppp 9410 [wan] IPV6CP: rec'd Configure Ack #1 (Ack-Sent) Oct 26 21:44:52 ppp 9410 [wan] IPV6CP: state change Req-Sent --> Ack-Sent Oct 26 21:44:52 ppp 9410 [wan] IPV6CP: SendConfigAck #120 Oct 26 21:44:52 ppp 9410 [wan] IPV6CP: rec'd Configure Request #120 (Req-Sent) Oct 26 21:44:52 ppp 9410 [wan] IPCP: LayerFinish Oct 26 21:44:52 ppp 9410 [wan] IPCP: state change Req-Sent --> Stopped Oct 26 21:44:52 ppp 9410 [wan] IPCP: protocol was rejected by peer Oct 26 21:44:52 ppp 9410 [wan_link0] LCP: protocol IPCP was rejected Oct 26 21:44:52 ppp 9410 [wan_link0] LCP: rec'd Protocol Reject #106 (Opened) Oct 26 21:44:52 ppp 9410 [wan] IPV6CP: SendConfigReq #1 Oct 26 21:44:52 ppp 9410 [wan] IPV6CP: state change Starting --> Req-Sent Oct 26 21:44:52 ppp 9410 [wan] IPV6CP: Up event Oct 26 21:44:52 ppp 9410 [wan] SECDNS 0.0.0.0 Oct 26 21:44:52 ppp 9410 [wan] PRIDNS 0.0.0.0 Oct 26 21:44:52 ppp 9410 [wan] COMPPROTO VJCOMP, 16 comp. channels, no comp-cid Oct 26 21:44:52 ppp 9410 [wan] IPADDR 0.0.0.0 Oct 26 21:44:52 ppp 9410 [wan] IPCP: SendConfigReq #1 Oct 26 21:44:52 ppp 9410 [wan] IPCP: state change Starting --> Req-Sent Oct 26 21:44:52 ppp 9410 [wan] IPCP: Up event Oct 26 21:44:52 ppp 9410 [wan] IPV6CP: LayerStart Oct 26 21:44:52 ppp 9410 [wan] IPV6CP: state change Initial --> Starting Oct 26 21:44:52 ppp 9410 [wan] IPV6CP: Open event Oct 26 21:44:52 ppp 9410 [wan] IPCP: LayerStart Oct 26 21:44:52 ppp 9410 [wan] IPCP: state change Initial --> Starting Oct 26 21:44:52 ppp 9410 [wan] IPCP: Open event Oct 26 21:44:52 ppp 9410 [wan] Bundle: Status update: up 1 link, total bandwidth 64000 bps Oct 26 21:44:52 ppp 9410 [wan_link0] Link: Join bundle "wan" Oct 26 21:44:52 ppp 9410 [wan_link0] Link: Matched action 'bundle "wan" ""' Oct 26 21:44:52 ppp 9410 [wan_link0] LCP: authorization successful Oct 26 21:44:52 ppp 9410 [wan_link0] CHAP: rec'd SUCCESS #191 len: 4 Oct 26 21:44:52 ppp 9410 [wan_link0] CHAP: sending RESPONSE #191 len: 51 Oct 26 21:44:52 ppp 9410 [wan_link0] CHAP: Using authname "XXXXXXXXXX@mdsl.mnet-online.de" Oct 26 21:44:52 ppp 9410 [wan_link0] Name: "ac3.nue2" Oct 26 21:44:52 ppp 9410 [wan_link0] CHAP: rec'd CHALLENGE #191 len: 31 Oct 26 21:44:52 ppp 9410 [wan_link0] LCP: LayerUp Oct 26 21:44:52 ppp 9410 [wan_link0] LCP: auth: peer wants CHAP, I want nothing Oct 26 21:44:52 ppp 9410 [wan_link0] LCP: state change Ack-Sent --> Opened Oct 26 21:44:52 ppp 9410 [wan_link0] MAGICNUM 0xe30caada Oct 26 21:44:52 ppp 9410 [wan_link0] MRU 1492 Oct 26 21:44:52 ppp 9410 [wan_link0] PROTOCOMP Oct 26 21:44:52 ppp 9410 [wan_link0] LCP: rec'd Configure Ack #1 (Ack-Sent) Oct 26 21:44:52 ppp 9410 [wan_link0] LCP: state change Req-Sent --> Ack-Sent Oct 26 21:44:52 ppp 9410 [wan_link0] MAGICNUM 0x0397bc67 Oct 26 21:44:52 ppp 9410 [wan_link0] AUTHPROTO CHAP MD5 Oct 26 21:44:52 ppp 9410 [wan_link0] MRU 1492 Oct 26 21:44:52 ppp 9410 [wan_link0] LCP: SendConfigAck #105 Oct 26 21:44:52 ppp 9410 [wan_link0] MAGICNUM 0x0397bc67 Oct 26 21:44:52 ppp 9410 [wan_link0] AUTHPROTO CHAP MD5 Oct 26 21:44:52 ppp 9410 [wan_link0] MRU 1492 Oct 26 21:44:52 ppp 9410 [wan_link0] LCP: rec'd Configure Request #105 (Req-Sent) Oct 26 21:44:52 ppp 9410 [wan_link0] MAGICNUM 0xe30caada Oct 26 21:44:52 ppp 9410 [wan_link0] MRU 1492 Oct 26 21:44:52 ppp 9410 [wan_link0] PROTOCOMP Oct 26 21:44:52 ppp 9410 [wan_link0] LCP: SendConfigReq #1 Oct 26 21:44:52 ppp 9410 [wan_link0] LCP: state change Starting --> Req-Sent Oct 26 21:44:52 ppp 9410 [wan_link0] LCP: Up event Oct 26 21:44:52 ppp 9410 [wan_link0] Link: UP event Oct 26 21:44:52 ppp 9410 [wan_link0] PPPoE: connection successful Oct 26 21:44:52 ppp 9410 PPPoE: rec'd ACNAME "ac3.nue2" Oct 26 21:44:52 ppp 9410 [wan_link0] PPPoE: Connecting to '' Oct 26 21:44:52 ppp 9410 [wan_link0] LCP: LayerStart Oct 26 21:44:52 ppp 9410 [wan_link0] LCP: state change Initial --> Starting Oct 26 21:44:52 ppp 9410 [wan_link0] LCP: Open event Oct 26 21:44:52 kernel ng0: changing name to 'pppoe0' Oct 26 21:44:52 ppp 9410 [wan_link0] Link: OPEN event Oct 26 21:44:52 ppp 9410 [wan] Bundle: Interface ng0 created Oct 26 21:44:52 ppp 9410 web: web is not running Oct 26 21:44:52 ppp 9410 process 9410 started, version 5.9 Oct 26 21:44:52 ppp 9410 Multi-link PPP daemon for FreeBSD Oct 26 21:44:52 kernel vtnet1: link state changed to UP Oct 26 21:44:52 kernel done. Oct 26 21:44:52 check_reload_status 395 Linkup starting vtnet1 Oct 26 21:44:52 php 411 rc.bootup: The command '/sbin/ifconfig 'gif0' description '4IN6'' returned exit code '1', the output was 'ifconfig: interface gif0 does not exist' Oct 26 21:44:52 check_reload_status 395 Linkup starting vtnet0 Oct 26 21:44:52 kernel vtnet0: link state changed to UP
As I already mentioned: With this configuration the 4IN6 tunnel does not work.
Thanks again for having a look into this.
-
Hmm. Even with that don't see it trying to restart the gif tunnel (even if it would fail) after the WAN connects and gets a new IPv6 address and I would expect it to trigger that.
It could be because it's link-local only and that is not seen as a valid address. Though it is valid for a transport link and that's common on WAN. Or potentially it comes up at boot and somethings are suppressed during boot to prevent flapping.However what you're seeing is exactly this: https://redmine.pfsense.org/issues/8273
Which should be fixed by this: https://redmine.pfsense.org/issues/6507
But that is in 2.6.Does manually running
/etc/rc.newwanipv6 lan
after boot bring the gif tunnel up? What is logged when you do that?Steve
-
@stephenw10 Hi Stephen,
this is logged when I manually start
/etc/rc.newwanipv6 lan
:Oct 27 21:36:59 php-fpm 366 /rc.start_packages: Restarting/Starting all packages. Oct 27 21:36:58 check_reload_status 395 Starting packages Oct 27 21:36:58 php 80074 rc.newwanipv6: pfSense package system has detected an IP change or dynamic WAN reconnection - 2001:a62:5d9:f100:905d:58ff:fe1f:81ff -> 2001:a62:5d9:f600:905d:58ff:fe1f:81ff - Restarting packages. Oct 27 21:36:58 php 80074 rc.newwanipv6: Creating rrd update script Oct 27 21:36:58 php 80074 rc.newwanipv6: Gateway, NONE AVAILABLE Oct 27 21:36:58 kernel gif0: link state changed to UP Oct 27 21:36:58 kernel gif0: link state changed to DOWN Oct 27 21:36:58 kernel gif0: link state changed to UP Oct 27 21:36:58 php 80074 rc.newwanipv6: Default gateway setting Interface 4IN6_TUNNELV4 Gateway as default. Oct 27 21:36:58 php 80074 rc.newwanipv6: Resyncing OpenVPN instances for interface LAN. Oct 27 21:36:55 dhcpleases 6384 Could not deliver signal HUP to process 80756: No such process. Oct 27 21:36:54 check_reload_status 395 Reloading filter Oct 27 21:36:54 php 80074 rc.newwanipv6: Gateway, NONE AVAILABLE Oct 27 21:36:54 php 80074 rc.newwanipv6: rc.newwanipv6: on (IP address: 2001:a62:5d9:f600:905d:58ff:fe1f:81ff) (interface: lan) (real interface: lan). Oct 27 21:36:54 php 80074 rc.newwanipv6: rc.newwanipv6: Info: starting on lan.
The gif0 tunnel is up after doing this.
-
Ok, interesting. So after running some tests here it appears that never gets called because it's not actually a WAN. I've asked internally because it's not clear to me what should happen there currently. As far as I can see it only restarts DNS and DHCPv6 on the tracking interface.
Steve
-
@stephenw10 Just an hypothetical question: Would this bug be fixed if I paid for one of your support contracts and opened a case?
Regards
Alex -
No. Support contracts are not paid development so it would make no difference here.
There are large number of moving parts currently and development time is at minimum. I didn't see much of a response previosuly. Let me retry....
Steve
-
Hello
Interesting, after 3 years, I am experiencing the very same problem. I wonder, if I found something new. But sounds very familiar to me. Maybe, the problem is still not fixed?
I have a Netgate 6100 running pfSense+, Version:
25.07.1-RELEASE (amd64)
built on Wed Aug 20 14:17:00 CEST 2025
FreeBSD 15.0-CURRENTI have an ISP (Deutsche Giganetz) providing an IPv6 connection and DS-Lite. Everything runs without any problem. But, after reboot the GIF does not come up.
I solved the problem by creating a script which I start from rc.d. Additionally I update the dynamic AFTR address.
Script is attached. Password is pfsense.
Regarding my configuration: I sent it to Netgate support and they said: No problem.
Shouldn't the problem be fixed by now?
Thanks
Armin
-
If you don't use the script I assume you can create the GIF tunnel successfully by just resaving the interface once the IPv6 is established?
-
Yes, "save" and "apply changes" will restart the gif. Everything is reproducable.
-
I seem to have the same issue.
slightly different config-
GIF on an IPSec interface, GIF set as L2 with 0.0.0.0/1 as the endpoint IPs. GIF doesn't pass traffic after boot, but as soon as I hit save for the GIF config with no changes made the GIF comes up and passes traffic.If anyone's found a solution to get it to come up at boot, I'd be greatly appreciative!
-
Hmm, hoe does it appear after boot when it's not passing traffic? If he gif interface present?
What pfSense version are you testing in?
-
@stephenw10 sorry to be more clear the gif0 interface isn't created at boot. Once the config save button is hit the interface is created and starts passing traffic.
v. 25.07.1-RELEASE
Would it be possible/advisable to run a sleep 45; the run interfaces_gif_edit.php after boot has completed? Or in my case after the IPSec interface is up, without the sleep?