Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPv6 DHCP-PD – radvd dies after interface reset - dhcpv6 does not reaquire addr

    Scheduled Pinned Locked Moved 2.1 Snapshot Feedback and Problems - RETIRED
    166 Posts 21 Posters 75.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      eri--
      last edited by

      Yeah made some changes which should improve the situation.
      Test with newer snapshots.

      1 Reply Last reply Reply Quote 0
      • P
        priller
        last edited by

        @ermal:

        Yeah made some changes which should improve the situation.
        Test with newer snapshots.

        It gotten worse with the 20130318-1652 build.  I can get the WAN interface IPv6 address, but cannot get the PD for LAN.

        RADVD doesn't even start at all.

        After upgrade, getting this on the dashboard:
        [ There were error(s) loading the rules: pfctl: DIOCADDALTQ: Device busy - The line in question reads [0]: ]

        This message is constant:   dhcp6c[16530]: client6_recvadvert: XID mismatch

        –-----

        Reverted back to:

        2.1-BETA1 (amd64)
        built on Sun Mar 17 12:19:16 EDT 2013
        FreeBSD 8.3-RELEASE-p6

        ... and everything came back.

        1 Reply Last reply Reply Quote 0
        • E
          eri--
          last edited by

          It would have been helpful having the system logs rather than just it does not work!

          This message is constant:  dhcp6c[16530]: client6_recvadvert: XID mismatch

          This might be not important since you might be seeing other clients reply/advertisments.

          1 Reply Last reply Reply Quote 0
          • P
            priller
            last edited by

            Here's what I saw after applying the 20130318-1652 build.

            • IPv4 was working fine.

            • IPv6 - The WAN obtained an address.  There was never PD assigned to the LAN.

            • There are dozens of "client6_recvadvert: XID mismatch" messages.

            • I never saw RADVD start.  Never saw it in a 'stopped' state, it just never appeared. There is not a single syslog message about it.  Possibly it doesn't get called until there is IPV6 address on the LAN?

            • The dashboard kept flashing the following:
              There were error(s) loading the rules: pfctl: DIOCADDALTQ: Device busy - The line in question reads 0

            • I attempted to revert back to previous configuration from GUI.  Firmware –> Restore Full Backup.
              This failed twice (as in didn't do anything, no syslog message)

            • I then downloaded and installed the  Sun Mar 17 12:19:16 build.  When it came back up, system was normal.

            Here's syslogs that appear to be anywhere relevant to the issue.

            No indication that  rc.newwanipv6 ever ran.

            21:15:40 syslogd: kernel boot file is /boot/kernel/kernel
            21:15:41 php: : Restarting/Starting all packages.

            21:15:54 dhcp6c[15951]: client6_recvadvert: XID mismatch

            21:15:57 php: : Checking for and disabling any rules dependent upon disabled preprocessors for WAN…
            21:17:46 dhcp6c[15951]: client6_recvadvert: XID mismatch

            21:35:41 php: : rc.newwanip: Informational is starting ovpns1.
            21:35:42 apinger: Starting Alarm Pinger, apinger(23340)
            21:35:42 apinger: bind socket: Can't assign requested address
            21:35:45 dhcp6c[16042]: client6_recvadvert: XID mismatch

            21:35:48 php: : The command '/sbin/route change -inet6 default fe80::201:5cff:fe24:9301' returned exit code '1', the output was 'route: writing to routing socket: Network is unreachable route: writing to routing socket: Network is unreachable change net default: gateway fe80::201:5cff:fe24:9301: Network is unreachable'

            21:35:58 php: : Checking for and disabling any rules dependent upon disabled preprocessors for WAN…

            21:36:27 kernel: re1: promiscuous mode enabled

            21:36:37 dhcp6c[16042]: client6_recvadvert: XID mismatch

            1 Reply Last reply Reply Quote 0
            • E
              eri--
              last edited by

              Ok after a lot of fighting with it i finally think that tomorrow snapshot will behave ok.
              The problem was that multiple dhcp6c were running at same time.

              Test with tomorrows snapshot and let me know.

              1 Reply Last reply Reply Quote 0
              • P
                priller
                last edited by

                Thanks for all the work you have put into it.  I updated to ….

                2.1-BETA1 (amd64)
                built on Tue Mar 19 16:39:04 EDT 2013

                ... and I'm pulling IPv6 addressing.   A couple of issues/observations.

                1. RADVD -  It comes up and stops and I have to manually start it.

                Mar 19 19:29:51 pfsense radvd[57759]: version 1.9.1 started
                Mar 19 19:29:54 pfsense radvd[57888]: our AdvManagedFlag on re0 doesn't agree with fe80::201:5cff:fe24:9301  <<–- Confirmed Gateway addr
                Mar 19 19:29:57 pfsense radvd[57888]: our AdvManagedFlag on re0 doesn't agree with fe80::201:5cff:fe24:9301

                I have rebooted twice and same. It's stopped, but will manually start OK.

                1. Cannot pass IPv6 traffic from the LAN to the Internet
                • The LAN is assigned the PD
                • The hosts are seeing the RA.  I've captured with Wireshark, on the hosts,  and all looks correct.
                • The WAN IPv6 gateway is up
                • The default route on the hosts and pfsense is there.

                However, IPv6 traffic from the LAN cannot access the Internet.  My SWAG is that the error in #1 above has prevented the CMTS from inserting the LAN prefix into it's routing table, so I can't get anywhere (I've seen something like this before with other products).

                If if go back to the  Sun Mar 17 12:19:16 EDT 2013 build, everything starts working.

                I've very sorry, but I don't know what else to add.  ????

                1. /var/db/wan_ipv6   and   /var/db/wan_cacheipv6

                Neither reflects the current IPv6 WAN address.  Is that an issue?  It appeared to be a conflict when the address renews.   rc.newwanipv6 is erroneously triggered thinking the WAN address has changed, when in reality it has not.

                1 Reply Last reply Reply Quote 0
                • R
                  reslip
                  last edited by

                  I am getting the same types of issues with the March 19th 16:35 build.

                  Mar 20 08:02:53 php: : rc.newwanipv6: Informational is starting fxp1.
                  Mar 20 08:02:58 php: : rc.newwanipv6: Failed to update wan IPv6, restarting…
                  Mar 20 08:02:58 dhcp6c[29010]: check_exit: exiting
                  Mar 20 08:03:02 php: : rc.newwanipv6: Informational is starting fxp1.
                  Mar 20 08:03:07 php: : rc.newwanipv6: Failed to update wan IPv6, restarting…

                  It appears I can no longer use ping6 on the lan side, probably due to radvd not starting. I see radvd in the services section, but when I go to start it I get this error.
                  Mar 20 08:04:38 kernel: pid 89651 (radvd), uid 0: exited on signal 11 (core dumped)

                  1 Reply Last reply Reply Quote 0
                  • R
                    reslip
                    last edited by

                    Thank you for the continued work on this. I've updated to the latest Mar 21 04:30:58 EDT 2013.

                    A few notes on this build:

                    • In the system log I am seeing quite frequently… dhcp6c[34635]: client6_recvadvert: XID mismatch
                    • Ping6 works fine from the firewall, but not from any clients on the local lan.
                    • radvd does not start automatically. However, I can start it now without it giving a core dump. When I do start it, I can ping from the local lan as well. :)
                    1 Reply Last reply Reply Quote 0
                    • P
                      priller
                      last edited by

                      I updated to:

                      2.1-BETA1 (amd64)
                      built on Thu Mar 21 17:04:35 EDT 2013

                      Appears to working OK.  Only observations are:

                      1. I had to manually start radvd.  Once started, there were no errors.  IPv6 connectivity is good.

                      2. /var/db/wan_ipv6   and   /var/db/wan_cacheipv6   don't have the current WAN IPv6 address.  Problem or not???

                      So, I'll wait 48 hours and see what happens at dhcpv6 renewal time.  That's when I have been loosing the LAN PD and have to reboot.

                      1 Reply Last reply Reply Quote 0
                      • P
                        priller
                        last edited by

                        @priller:

                        So, I'll wait 48 hours and see what happens at dhcpv6 renewal time.  That's when I have been loosing the LAN PD and have to reboot.

                        It's now been over 72 hours and it's still solid.  So, it looks like a good fix.  Thanks!

                        1 Reply Last reply Reply Quote 0
                        • P
                          priller
                          last edited by

                          Guess I spoke too soon.   A different issue has shown itself now.

                          At exactly 4 days uptime, I lost all IPv6 addressing.  The WAN IPv6 address was gone; the PD for the LAN was also gone.

                          4 days just happens to be the IPv6 lease time from Comcast.  So, it looks like the lease expired and pfSense did not renew.

                          The only syslog during this event was:

                          Mar 26 07:35:03 dhcp6c[46766]: client6_timo: all information to be updated was canceled
                          Mar 26 07:38:12 dhcp6c[46766]: client6_timo: all information to be updated was canceled

                          1 Reply Last reply Reply Quote 0
                          • R
                            reslip
                            last edited by

                            I'm still having similar problems. It looks like it was around 48 hours later, then my ipv6 lan addressing was also dropped.

                            Mar 21 12:14:43 radvd[66853]: version 1.9.1 started <–-----------------STARTED
                            Mar 21 12:38:50 radvd[67052]: attempting to reread config file
                            Mar 21 12:38:50 radvd[67052]: resuming normal operation
                            Mar 21 12:43:50 radvd[67052]: attempting to reread config file
                            Mar 21 12:43:50 radvd[67052]: resuming normal operation
                            Mar 23 11:55:35 radvd[67052]: Exiting, sigterm or sigint received. <–----------RADVD STOPPED, NEVER RESTARTED

                            Wan IPv6 still works ok. I am using Comcast as well.

                            Using the latest Mar 26th build it looks like radvd is still not starting.
                            Mar 26 18:50:43 php: : rc.newwanip: Informational is starting fxp1.
                            Mar 26 18:50:43 php: : rc.newwanip: on (IP address: 71.238.140.xxx) (interface: wan) (real interface: fxp1).
                            Mar 26 18:50:43 php: : Accept router advertisements on interface fxp1
                            Mar 26 18:50:43 php: : ROUTING: setting default route to 71.238.140.1
                            Mar 26 18:50:43 php: : ROUTING: setting IPv6 default route to fe80::201:5cff:fe3d:xxxx%fxp1
                            Mar 26 18:50:43 php: : ROUTING: setting default route to 71.238.140.1
                            Mar 26 18:50:43 php: : ROUTING: setting IPv6 default route to fe80::201:5cff:fe3d:xxxx%fxp1
                            Mar 26 18:50:44 dhcpleases: Could not deliver signal HUP to process because its pidfile does not exist, No such file or directory.
                            Mar 26 18:50:44 dhcp6c[46524]: dhcp6_ctl_authinit: failed to open /usr/local/etc/dhcp6cctlkey: No such file or directory
                            Mar 26 18:50:44 dhcp6c[46524]: client6_init: failed initialize control message authentication
                            Mar 26 18:50:44 dhcp6c[46524]: client6_init: skip opening control port

                            1 Reply Last reply Reply Quote 0
                            • P
                              priller
                              last edited by

                              Very interesting.  I had to start radvd manually every time the system booted.

                              I decided to do a total reinstall, now radvd starts reliably (I imported the config.xml into the fresh install)

                              Does applying the update builds leave stuff behind that in-turn causes conflicts or doesn't update something?

                              Have to wait and see if the IPv6 address renewal problem is any better now.

                              1 Reply Last reply Reply Quote 0
                              • D
                                darkcrucible
                                last edited by

                                I think I've fallen victim to this issue as well. IPv6 has disappeared from the LAN interface. RADVD service is simply gone from the services page now. It was there earlier. I think after 48 hours there is some sort of address renewal process which triggers this.

                                Without the LAN interface having any IPv6 connectivity, all IPv6 connectivity on the LAN has ceased. Strangely enough, the renewal code seems to correctly populate resolv.conf with the IPV6 DNS entries. Upon bootup, resolv.conf will only have IPv4 DNS. So startup and renewal each have their own issues.

                                This is on the March 26th snapshot nanobsd i386. ISP is Comcast.

                                1 Reply Last reply Reply Quote 0
                                • D
                                  darkcrucible
                                  last edited by

                                  I'm not sure if what I'm seeing after upgrading to the March 30th snapshot is the same issue for this thread but I don't have any IPv6 connectivity at all on the LAN. RADVD is sending advertisements, all LAN clients pick up an address (but not DNS) but there is no connectivity.

                                  I can't ping the router's LAN address

                                  I get a lot of failed to update WAN IPv6 address errors.

                                  Mar 31 17:18:05 	php: : ROUTING: setting IPv6 default route to fe80::201:5cff:fe31:b7c1%vr1
                                  Mar 31 10:18:08 	php: : rc.newwanipv6: Failed to update wan IPv6, restarting...
                                  Mar 31 17:18:11 	check_reload_status: Updating all dyndns
                                  Mar 31 10:18:18 	php: : rc.newwanip: Informational is starting vr1.
                                  Mar 31 10:18:18 	php: : rc.newwanip: on (IP address: 24.x.y.z) (interface: wan) (real interface: vr1).
                                  Mar 31 10:18:18 	php: : Accept router advertisements on interface vr1
                                  Mar 31 17:18:18 	check_reload_status: Restarting ipsec tunnels
                                  Mar 31 10:18:18 	php: : ROUTING: setting default route to 24.x.yyy.1
                                  Mar 31 10:18:18 	php: : ROUTING: setting IPv6 default route to fe80::201:5cff:fe31:b7c1%vr1
                                  Mar 31 17:18:20 	check_reload_status: Reloading filter
                                  Mar 31 10:18:21 	dhcp6c[18942]: client6_recvreply: status code: success
                                  Mar 31 10:18:21 	dhcp6c[48004]: dhcp6_ctl_authinit: failed to open /usr/local/etc/dhcp6cctlkey: No such file or directory
                                  Mar 31 10:18:22 	dhcp6c[48004]: client6_init: failed initialize control message authentication
                                  Mar 31 10:18:22 	dhcp6c[48004]: client6_init: skip opening control port
                                  Mar 31 10:18:23 	php: : rc.newwanipv6: Informational is starting vr1.
                                  Mar 31 10:18:25 	php: : Resyncing OpenVPN instances for interface WAN.
                                  Mar 31 10:18:26 	php: : Creating rrd update script
                                  Mar 31 10:18:28 	php: : rc.newwanipv6: Failed to update wan IPv6, restarting...
                                  Mar 31 10:18:28 	dhcp6c[18942]: client6_recvadvert: XID mismatch
                                  Mar 31 10:18:28 	dhcp6c[18942]: client6_recvadvert: XID mismatch
                                  Mar 31 10:18:28 	dhcp6c[18942]: client6_recvadvert: XID mismatch
                                  Mar 31 10:18:28 	dhcp6c[18942]: client6_recvadvert: XID mismatch
                                  Mar 31 10:18:28 	dhcp6c[18942]: client6_recvadvert: XID mismatch
                                  Mar 31 10:18:28 	dhcp6c[18942]: client6_recvadvert: XID mismatch
                                  Mar 31 10:18:28 	dhcp6c[18942]: client6_recvreply: status code: success
                                  Mar 31 10:18:30 	php: : rc.newwanipv6: Informational is starting vr1.
                                  Mar 31 10:18:30 	php: : pfSense package system has detected an ip change 0.0.0.0 -> 24.x.y.z ... Restarting packages.
                                  Mar 31 17:18:30 	check_reload_status: Starting packages
                                  Mar 31 10:18:35 	php: : rc.newwanipv6: Failed to update wan IPv6, restarting...
                                  Mar 31 10:18:35 	dhcp6c[18942]: check_exit: exiting
                                  Mar 31 10:18:40 	php: : Restarting/Starting all packages.
                                  Mar 31 10:18:40 	php: : The OpenVPN Client Export Utility package is missing its configuration file and must be reinstalled.
                                  Mar 31 10:18:44 	php: : rc.newwanipv6: Informational is starting vr1.
                                  Mar 31 17:18:46 	check_reload_status: Syncing firewall
                                  Mar 31 10:18:49 	php: : rc.newwanipv6: Failed to update wan IPv6, restarting...
                                  Mar 31 17:18:54 	php: : Creating rrd update script
                                  Mar 31 17:19:38 	php: : PBI dir for zip-3.0-i386 was not found - cannot cleanup PBI files
                                  Mar 31 17:19:38 	php: : PBI dir for p7zip-9.20.1-i386 was not found - cannot cleanup PBI files
                                  Mar 31 17:19:40 	check_reload_status: Syncing firewall
                                  Mar 31 17:19:43 	php: : Beginning package installation for OpenVPN Client Export Utility .
                                  Mar 31 17:21:48 	check_reload_status: Syncing firewall
                                  Mar 31 10:21:49 	syslogd: exiting on signal 15
                                  Mar 31 10:21:49 	syslogd: kernel boot file is /boot/kernel/kernel
                                  Mar 31 10:21:51 	php: : Restarting/Starting all packages.
                                  
                                  1 Reply Last reply Reply Quote 0
                                  • P
                                    priller
                                    last edited by

                                    darkcrucible: Are you on a cable modem?

                                    When I have seen the "dhcp6c[18942]: client6_recvadvert: XID mismatch",  pfsense will just keep thrashing until I power cycle the cable modem and reboot pfsense. Then it clears and will obtain the IPv6 addressing (IPv4 is always fine).

                                    This seems to happen after updating to a newer snapshot.

                                    1 Reply Last reply Reply Quote 0
                                    • P
                                      priller
                                      last edited by

                                      Bit of update. Once again at renewal time, all IPv6 addressing was lost.  The only syslog message was:

                                      Apr 1 13:32:49 dhcp6c[29310]: client6_timo: all information to be updated was canceled

                                      During this time, I was also running a packet capture on the WAN.

                                      It was interesting to see that pfSense was getting two replies from Comcast, different server ID's.  One had the addresses that should have been renewed, the other had different addressing.  So, I suspect the pfSense didn't like that and killed everything.

                                      So, I have a contact within Comcast and will see what they have to say about the two different responses.  And what the expected client response should have been.

                                      Also, after a reboot, I'm back to having to manually start RADVD.

                                      1 Reply Last reply Reply Quote 0
                                      • johnpozJ
                                        johnpoz LAYER 8 Global Moderator
                                        last edited by

                                        I have been having issues with my comcast ipv6 as well - have not gotten around to looking into it yet, not something that I really need.. Just like having up to play with when I want to play with ipv6.

                                        But I am seeing

                                        Mar 31 11:44:38 radvd[55232]: Exiting, failed to read config file.
                                        Mar 31 11:44:38 radvd[55232]: error parsing or activating the config file: /var/etc/radvd.conf
                                        Mar 31 11:44:38 radvd[55232]: syntax error in /var/etc/radvd.conf, line 2:
                                        Mar 31 11:44:38 radvd[55232]: version 1.9.1 started

                                        You look in the conf and there is nothing there.

                                        cat /var/etc/radvd.conf

                                        Automatically Generated, do not edit

                                        Currently running
                                        2.1-BETA1 (i386)
                                        built on Fri Mar 22 11:05:31 EDT 2013
                                        FreeBSD 8.3-RELEASE-p6

                                        I will update when I get home and look into it a bit deeper.  I was working fine for long time, then just noticed a while back not working after update to snap..  I to was going to do a clean install, just have not go around to that either..

                                        If I do a sniff I do see this which seems odd - seems like offering 2 prefixes?

                                        2prefix.jpg
                                        2prefix.jpg_thumb

                                        An intelligent man is sometimes forced to be drunk to spend time with his fools
                                        If you get confused: Listen to the Music Play
                                        Please don't Chat/PM me for help, unless mod related
                                        SG-4860 24.11 | Lab VMs 2.8, 24.11

                                        1 Reply Last reply Reply Quote 0
                                        • P
                                          priller
                                          last edited by

                                          I have opened the following bug:  https://redmine.pfsense.org/issues/2919

                                          I was running a packet capture when the lease expired.  The IPv6 DHCP server is responding properly, but pfSense never binds.

                                          1 Reply Last reply Reply Quote 0
                                          • D
                                            darkcrucible
                                            last edited by

                                            With the April 8th snapshot, IPv6 connectivity with my Comcast link is restored to the LAN clients. I skimmed through redmine to see what might be affecting this. A few items stood out. Not sure exactly which one.

                                            Getting connectivity back is certainly an improvement. pfsense itself still doesn't use the IPv6 DNS given to it by Comcast and none of the LAN clients seem to use the IPv6 LAN address of pfsense for DNS forwarding like they used to back in February.

                                            I'll report back in a few days after the renewal on whether connectivity remains and if the pfsense starts using IPv6 DNS at that point.

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.