No IPV6 after reboot!!!

jcyr

The config is attached (rename .txt to .xml).

Yes, radvd and unbound are running after boot. Don't seem to be doing much good till restarted though!

DHCPv6 is only useful for interfaces with static IPs, so not running here.

How do I take a boot time packet capture? What else?

I've gone back to Nov. 26 th build, which works fine with dnsmasq, but not with unbound.

config-router.sharon.lan-20141129205640.txt

jcyr

Ok, went back to latest build, rebooted (both radvd and unbound are running after boot), and took IPV6 capture of LAN interface during client connect. Nothing but link local stuff there!!!

packetcapture.cap.txt

eri--

Can you provide more details on your config and you radvd.conf?

jcyr

I've already provided the config file. What other configuration details could I provide?

I'm basically running a standard Comcast Cablemodem WAN side interface, and a single LAN side interface carrying 2 VLANs to a managed switch.

Like I've said before, the Nov 26th build works fine when dnsmasq configured. Any build after that has failed whether dnsmasq is provisioned or unbound.

Here's what radvd.conf looks like after reboot with today's build… clearly misconfigured!!! It's almost as if the radvd.conf was generated before Comcast has advertized its IPV6 options (which can take 5 to 6 seconds longer that IPV4).

Automatically Generated, do not edit

Generated config for dhcp6 delegation from wan on opt1

interface em1_vlan20 {
        AdvSendAdvert on;
        MinRtrAdvInterval 3;
        MaxRtrAdvInterval 10;
        AdvLinkMTU 1500;
        AdvOtherConfigFlag on;
                prefix ::/64 {
                AdvOnLink on;
                AdvAutonomous on;
                AdvRouterAddr on;
        };
        DNSSL sharon.lan { };
};

Generated config for dhcp6 delegation from wan on opt2

interface em1_vlan10 {
        AdvSendAdvert on;
        MinRtrAdvInterval 3;
        MaxRtrAdvInterval 10;
        AdvLinkMTU 1500;
        AdvOtherConfigFlag on;
                prefix ::/64 {
                AdvOnLink on;
                AdvAutonomous on;
                AdvRouterAddr on;
        };
        DNSSL sharon.lan { };
};

This is what it looks like after reboot using Nov. 26th build... Better, other than the inconsistencies between vlan10 and vlan20 configurations. At least this works!

Automatically Generated, do not edit

Generated for DHCPv6 Server opt2

interface em1_vlan10 {
        AdvSendAdvert on;
        MinRtrAdvInterval 5;
        MaxRtrAdvInterval 20;
        AdvLinkMTU 1500;
        AdvDefaultPreference medium;
        AdvManagedFlag on;
        AdvOtherConfigFlag on;
        prefix xxxxxxxx:xx0::/64 {
                DeprecatePrefix on;
                AdvOnLink on;
                AdvAutonomous on;
                AdvRouterAddr on;
        };
        route ::/0 {
                RemoveRoute on;
        };
        RDNSS fdd4:462a:d7f5:d223::1 { };
        DNSSL sharon.lan { };
};

Generated config for dhcp6 delegation from wan on opt1

interface em1_vlan20 {
        AdvSendAdvert on;
        MinRtrAdvInterval 3;
        MaxRtrAdvInterval 10;
        AdvLinkMTU 1500;
        AdvOtherConfigFlag on;
        prefix xxxxxxxx:xx4::/64 {
                AdvOnLink on;
                AdvAutonomous on;
                AdvRouterAddr on;
        };
        RDNSS xxxxxxxx:xx4:250:c2ff:fe23:571f { };
        DNSSL sharon.lan { };
};

jcyr

Still broken in:

2.2-BETA (i386)
built on Mon Dec 01 14:00:10 CST 2014

Same symptoms.

FisherKing

Just updated to:
2.2-BETA (i386)
built on Mon Dec 01 23:39:36 CST 2014

After reboot, I am no longer getting a IPv6 lease on my Comcast link where previously I was.
I am running a dual WAN, and the other WAN provider does not currently provide IPv6.  Comcast has been providing IPv6, but I have not yet confirmed with them if IPv6 is in production or just testing.

In any event, it was there before the update, and now it's gone.  I'll see about confirming IPv6 availability with them tomorrow.

MikeV7896

Comcast IPv6 is in production nationwide, and has been since the summer. They are not just testing anymore.

Try doing a release/renew on the Comcast interface and see if that changes anything. I've found that tends to fix most cases where IPv6 has issues.

eri--

Can you please provide your system logs after applying this change!
I think this would solve your issue in this regard.

diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc
index 45bd189..b2912b7 100644
--- a/etc/inc/interfaces.inc
+++ b/etc/inc/interfaces.inc
@@ -3142,7 +3142,7 @@ function interface_track6_configure($interface = "lan", $wancfg, $linkupevent =
                break;
        }

-       if (!platform_booting() && $linkupevent == false) {
+       if ($linkupevent == false) {
                if (!function_exists('services_dhcpd_configure'))
                        require_once("services.inc");

jcyr

Thanks ermal. I'll give it a try tonight.

FisherKing

@virgiliomi:

Comcast IPv6 is in production nationwide, and has been since the summer. They are not just testing anymore.

Try doing a release/renew on the Comcast interface and see if that changes anything. I've found that tends to fix most cases where IPv6 has issues.

Release / renew is not picking up an IPv6 lease.  I'll try the patch in reply #10.
https://forum.pfsense.org/index.php?topic=84741.msg465401#msg465401

jcyr

Ok, now works with dnsmasq.

Only works with unbound if Network Interfaces and Outgoing Network Interfaces are set to 'All'. If specific interfaces are selected the unbound only bind to IPV4 addresses of selected interfaces (as per generated unbound.conf)

Pull request #1358 fixes unbound problem

cmb

I saw this thread earlier and started digging, got sidetracked for a bit and didn't come back and look here until I'd already committed largely the same thing you sent as a pull request, Jean. Thanks though! I'm pretty sure that fixes the last remaining scenario where PD-assigned v6 IPs can be skipped.

edit: scratch that re: the CLA, I see you do have one, I missed it earlier.

If you can gitsync, or report back tomorrow once a new snapshot is out to confirm, it'd be appreciated.

Thanks!

FisherKing

Running 2.2-BETA (i386)
built on Wed Dec 03 13:29:19 CST 2014

I am now picking up an IPv6 lease.

jcyr

Nope… still does not work reliably. DNSV6 resolution after reboot only works half the time with unbound and specific interfaces selected.

dnsmasq works. unbound with all interfaces selected works.

I've pretty much given up on unbound working reliably in pfSense 2.2 with comcast IPV6!

jcyr

Ok, got to the bottom of this. In 2.2-BETA (i386) built on Wed Dec 03 13:29:19 CST 2014, selecting a link-local interface as unbound network interface causes an invalid access-control statement to be created since link-local addresses do not have a subnet. This causes unbound to fail at startup… resulting in no DNS support.

Fixed by pull request #1360

Everything seems to work now... (keeping fingers crossed)

cmb

Thanks for the help tracking that down.

I committed a change to switch unbound_configure and dhcpd_configure order in interfaces.inc, matching what you submitted. I don't see where it should make a difference either way, and I can't replicate what you're seeing there, but if you could provide feedback it'd be appreciated.

jcyr

You guys don't have a Comcast cablemodem link? Presently the largest deployed IPV6 supporting network… any problems there will affect many.

MikeV7896

I've rebooted my pfSense 2.2 box four times over the past two days - twice for snapshot updates. All times my Comcast IPv6 connection has come back online with no issues. I had issues in earlier builds where I would have to do a release/renew on my WAN interface to restore IPv6 connectivity, but that doesn't appear to be an issue for me anymore.

jcyr

The recent problems occurred only when using unbound with specific interfaces selected.

cmb

@jcyr:

You guys don't have a Comcast cablemodem link?

We're all fortunate enough to live somewhere where Comcast isn't the cable provider.