IPv6 changes in 2.2.5

hda

Testing the patch RELENG_2_2…davidjwood:RELENG_2_2-ppp-ipv6-new.diff

Alix2D13/i386 with 2.2.6 /no rfc4638 patch.  PPPoE/DHCP6c (PD) & Advanced for IPv6 fixed /48, with Static & RA and DHCPv6-Server & RA for LAN's configged. (so no Track Interface).

REBOOT:
(non-fatal) crash report:  PHP Parse error:  syntax error, unexpected end of file in /etc/rc.newwanip on line 255.
Link-Local & Address == fe80::b370/vr0  :: OK.
tested browser IPv6 vr0 & vr2 OK.

DISCONNECT/CONNECT:
~10min : Link-Local & Address == fe80::b370/vr0  :: OK.
(non-fatal) crash report:  PHP Parse error:  syntax error, unexpected end of file in /etc/rc.newwanip on line 255.
tested browser IPv6 vr0 & vr2 OK.

INTERFACES-WAN ((CHANGE) || SAVE):
Link-Local & Address == fe80::b370/vr0  :: OK.
(non-fatal) crash report:  PHP Parse error:  syntax error, unexpected end of file in /etc/rc.newwanip on line 255.
tested browser IPv6 vr0 & vr2 OK.

LEASE-RENEWAL:
1hr renewal no entry in syslog…
ultimate 2hr renewal... Nope. IPv6 discontinued

Not good enough for me so I revert back to previous patch for the time being  :D

Inq

Hi David,

Thanks a lot for your work on this issue and on the RFC 4638 patch.
I've installed the patch on a 2.2.6 machine with a dual stack connection provided by my ISP through a PPPoE connection. My ISP (RDS-RCS) is delegating a dynamic /64.
Current settings on WAN interface:
-Use IPv4 connectivity as parent interface - check
-Request only an IPv6 prefix - unckeck
-DHCPv6 Prefix Delegation size - 64
-Send IPv6 prefix hint - check
LAN interface is set to track interface.

Now, without the patch i had a hard time acquiring an IPV6 address and delegated prefix (it involved multiple reboots or a combination of re-saving general setup settings and/or re-saving WAN configuration).

After i applied the patch the system acquired the IPV6 address and a delegated prefix without a hitch after every reboot. I'm testing remote atm so i cannot disconnect/connect the wan interface right now. The only problem is that after rebooting, pfsense is trowing out a crash report complaining about "syntax error, unexpected end of file in /etc/rc.newwanip on line 255"

Here are some SS of Status:Interfaces (first without patch , 2nd after applying the patch and rebooting 3rd after another reboot)…

Later edit:
The link local IPV6 address of the parent interface for the pppoe connection (em0) is identical between connect/disconnect attempts (based on mac address of em0). The pppoe link local changes every time.


HiddenWolf

Hi David,

I just made a post inquiring about a not-getting-an-IPv6-on-pppoe problem before I found this thread.
My setup is described here: https://forum.pfsense.org/index.php?topic=104895.0

I've tried applying your patch to see if I could get ipv6 on WAN, but it doesn't appear to work for my problem.
If there's anything I can do to help, I'd be happy to.
Screenshot from first boot after applying the patch attached.

David_W

@hda:

(non-fatal) crash report:  PHP Parse error:  syntax error, unexpected end of file in /etc/rc.newwanip on line 255.

Bother. Such are the perils of rebasing patches from master (2.3) to RELENG_2_2 (2.2), as updated coding style has been applied to all code in 2.3.

The fix is trivial - I've pushed it to the git repository, so if you revert, re-fetch and reapply the patch using the instructions in the earlier post, everything should work correctly now.

hda

@HiddenWolf:

I've tried applying your patch to see if I could get ipv6 on WAN, but it doesn't appear to work for my problem.

You have to wait until @M_Devil chimes in. He has a 500/500 working (on Track Interface) I understood.

Did you try my config in: https://forum.pfsense.org/index.php?topic=103990.msg579876#msg579876 on the vLAN in pfSense
or are you ?

And you know the "permanent" /48 you have, in order to config static LAN(s)  ;)

HiddenWolf

@hda:

@HiddenWolf:

I've tried applying your patch to see if I could get ipv6 on WAN, but it doesn't appear to work for my problem.

You have to wait until M_Devil chimes in. He has a 500/500 I understood.

Did you try my config in: https://forum.pfsense.org/index.php?topic=103990.msg579876#msg579876 on the vLAN in pfSense
or are you ?

And you know the "permanent" /48 you have, in order to config static LAN(s)  ;)

I had not set dhcp6 advanced options. I've just tried it, and it does not appear to make a difference. IPv6 still comes up on LAN reliably, and local machines get assigned IP's as well, but no IPv6 route and no IP for the WAN.

Note: my WAN is set up as PPPOE(igb0,igb0_vlan6). IP connectivity is on vlan6, IPTV is on vlan4 (which I haven't gotten to work just yet)


David_W

@HiddenWolf:

I just made a post inquiring about a not-getting-an-IPv6-on-pppoe problem before I found this thread.
My setup is described here: https://forum.pfsense.org/index.php?topic=104895.0

I've tried applying your patch to see if I could get ipv6 on WAN, but it doesn't appear to work for my problem.
If there's anything I can do to help, I'd be happy to.
Screenshot from first boot after applying the patch attached.

I've just replied in your other thread.

I urge you to give MTU 1500 operation a go using RFC 4638, as I described in that thread - it should work with your setup, assuming bhyve and your NIC is capable of using jumbo frames on your WAN interface.

HiddenWolf

@David_W:

@HiddenWolf:

I just made a post inquiring about a not-getting-an-IPv6-on-pppoe problem before I found this thread.
My setup is described here: https://forum.pfsense.org/index.php?topic=104895.0

I've tried applying your patch to see if I could get ipv6 on WAN, but it doesn't appear to work for my problem.
If there's anything I can do to help, I'd be happy to.
Screenshot from first boot after applying the patch attached.

I've just replied in your other thread.

I urge you to give MTU 1500 operation a go using RFC 4638, as I described in that thread - it should work with your setup, assuming bhyve and your NIC is capable of using jumbo frames on your WAN interface.

MTU 1500 works as advertised. But I'm not getting an IPv6 on WAN (yet)

hda

@David_W:

…Bother...

Thanks. All OK and after the 1hr lease renewal. I approve of this patch !  :)

M_Devil

Steps
revert previous patch, delete it
update to newest built:
2.3-BETA (amd64)
built on Wed Jan 06 07:53:18 CST 2016
FreeBSD 10.2-STABLE

create newest patch (from your description), fetch it

After fetch, test it, but…

Apply = clean
Reverted = not clean

/usr/bin/patch --directory=/ -f -p2 -i /var/patches/568d8e2e969e1.patch --check --reverse --ignore-whitespace

Hmm...  Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|diff --git a/src/etc/inc/interfaces.inc b/src/etc/inc/interfaces.inc
|index 49fd2ca..73879ce 100644
|--- a/src/etc/inc/interfaces.inc
|+++ b/src/etc/inc/interfaces.inc
--------------------------
Patching file etc/inc/interfaces.inc using Plan A...
Hunk #1 failed at 1998.
Hunk #2 failed at 2020.
Hunk #3 failed at 3349.
Hunk #4 failed at 3958.
4 out of 4 hunks failed while patching etc/inc/interfaces.inc
Hmm...  The next patch looks like a unified diff to me...
The text leading up to this was:
--------------------------
|diff --git a/src/etc/rc.newwanip b/src/etc/rc.newwanip
|index 45cef96..5bc6a61 100755
|--- a/src/etc/rc.newwanip
|+++ b/src/etc/rc.newwanip
--------------------------
Patching file etc/rc.newwanip using Plan A...
Hunk #1 failed at 170.
1 out of 1 hunks failed while patching etc/rc.newwanip
Hmm...  The next patch looks like a unified diff to me...
The text leading up to this was:
--------------------------
|diff --git a/src/usr/local/sbin/ppp-ipv6 b/src/usr/local/sbin/ppp-ipv6
|index aa0536c..4d47de2 100755
|--- a/src/usr/local/sbin/ppp-ipv6
|+++ b/src/usr/local/sbin/ppp-ipv6
--------------------------
Patching file usr/local/sbin/ppp-ipv6 using Plan A...
Hunk #1 failed at 23.
Hunk #2 failed at 63.
2 out of 2 hunks failed while patching usr/local/sbin/ppp-ipv6
done

Apply patch
reboot

Test 1
after reboot no IPv6 traffic
Multiple Interface disconnect-connects, still no IPv6

Test 2
Same after several reboots:

• IPv6 Link Local
• IPv6 Address
• Gateway IPv6

Leaving me in a non operationel IPv6 state now.
If you like, I can do more tests

Edit: If I find the time, I will reinstall 2.3.b and recover the configuration to make sure the problem has nothing to do with all the updates I performed.

M_Devil

After uninstalling patch, again updated to newest (2.3.b 7-jan 2:26) version of pfSense refetch, apply en reboot IPv6 is working again. Also after several reboots

Don't have a clue why it did't work te last attempt, maybe I made an configuration mistake (It was late on the evening…)

David_W

@M_Devil:

After uninstalling patch, again updated to newest (2.3.b 7-jan 2:26) version of pfSense refetch, apply en reboot IPv6 is working again. Also after several reboots

Don't have a clue why it did't work te last attempt, maybe I made an configuration mistake (It was late on the evening…)

It's good news that things are now stable with your IPv6 connectivity.

It would be useful if you'd try the patch again. It hasn't changed since you last tried it.

Please also give outline details of the connection - especially the settings for "IPv4 Configuration Type", "IPv6 Configuration Type" and "Use IPv4 connectivity as parent interface" (in the "DHCP6 Client Configuration" section).

I hope to reach a point of having confidence in this patch so that I can submit a pull request. I'm confident in the work-round used for Issue 2 (a proper fix needs changes in mpd5). Though I now believe I understand Issue 1 well, I would like some additional user experience of the fix for Issue 1 before submitting a pull request because of the complexity of the underlying issues.

David_W

I've posted a link to this thread in the 2.3-BETA forum, in the hope of further feedback on these issues.

maverick_slo

Well thats odd…

On 2.3 with or without patch pfsense can communicate via IPv6 with outside world but LAN clients cannot.

What?

hda

@maverick_slo:

What?

Your config & data could make it interesting ;)

maverick_slo

Upgraded from 2.2.6 to 2.3 rebooted 2 times all was working.
Then I just saved pppoe iface and now only pfsense can talk ipv6 hosts not.

maverick_slo

Some screens of my config

David_W

@maverick_slo:

Upgraded from 2.2.6 to 2.3 rebooted 2 times all was working.
Then I just saved pppoe iface and now only pfsense can talk ipv6 hosts not.

Your PPPoE configuration looks correct, assuming your ISP uses a similar configuration to mine (WAN IPv6 address allocated via SLAAC, static address allocation for local networks but you have to delegate the prefix from the ISP to install a route to that prefix) and you are allocating static IPv6 prefixes to your local networks from the correct prefix.

If this is what you are trying to do, you will need to enable Router Advertisements on your local networks unless you are installing a static route on each machine.

What is unclear is whether dhcp6c is running and, if so, what it is doing.

Can you run the four shell commands I introduced and explained earlier in this thread (either using SSH or Diagnostics -> Command Prompt), copying and pasting the results (as text) into a private message to me. These commands are:
clog /var/log/ppp.log | grep -A 1 -E -e 'IPV6CP: LayerUp' | tail -n 2
ifconfig pppoe0 inet6 | grep -E -e '( fe80::|nd6)'
ps -auwwx | grep -E -e '(dhcp6c|rtsold)'
clog /var/log/dhcpd.log | grep dhcp6c | tail -n 40

If you get no output from the second command, the interface might be called pppoe rather than pppoe0.

It would also help if you save your configuration, open it in a text editor and include the section between <interfaces>and</interfaces> in your private message. This section will be fairly near the top of the file. That's the most concise and accurate way to let me see your full interface settings. The <dhcpdv6>to</dhcpdv6> section would also be useful - this contains the DHCPv6 server and Router Advertisement settings.

maverick_slo

I found the bug and it`s actually old one :) But upgraded :)

This is it: https://forum.pfsense.org/index.php?topic=90699.msg501975#msg501975

GUI generates WRONG .conf file.

I used this:

interface pppoe0 {
 send ia-pd 0; # request prefix delegation
 request domain-name-servers;
 request domain-name;
 script "/var/etc/dhcp6c_opt2_script.sh"; # we'd like some nameservers please
};
id-assoc pd 0 {
};

And it`s working great now.

Gui generated this (WHICH IS GREAT BUT SEE BELOW)

interface pppoe0 {
 send ia-pd 0; # request prefix delegation
 request domain-name-servers;
 request domain-name;
 script "/var/etc/dhcp6c_opt2_script.sh"; # we'd like some nameservers please
};
id-assoc pd 0 {
};

After I click APPLY CHANGES on pppoe interface this OK conf dissapears and few seconds later newly generated config appears (below one).

interface pppoe0 {
	request domain-name-servers;
	request domain-name;
	script "/var/etc/dhcp6c_opt2_script.sh"; # we'd like some nameservers please
};

So GUI generates good config but apply button messes it up completley.
Just a heads up guys!

jimp

Can you try this in 2.3 and see if it happens there?