Clients get no IPv6 address
-
Hi
My IPV6 configuration seem to stopped working after a few upgrades. It used to work before: I got all checks passed in IPv6 test sites.
My ISP is Proximus/Belgacom Belgium.
My interfaces do get a IPv6 address, as you can see in the screenshot. Also the DHCP6 gateway shows "Online".Also, I have a lot of logs like this:
Jul 28 09:56:55 kernel cannot forward src fe80:9::ec4:7aff:fe08:a09e, dst 2001:470:28:4d6::5, nxt 6, rcvif igb0_vlan2, outif pppoe0 Jul 28 09:51:55 kernel cannot forward src fe80:9::ec4:7aff:fe08:a09e, dst 2001:470:28:4d6::5, nxt 6, rcvif igb0_vlan2, outif pppoe0 Jul 28 09:46:55 kernel cannot forward src fe80:9::ec4:7aff:fe08:a09e, dst 2001:470:28:4d6::5, nxt 6, rcvif igb0_vlan2, outif pppoe0 Jul 28 09:41:54 kernel cannot forward src fe80:9::ec4:7aff:fe08:a09e, dst 2001:470:28:4d6::5, nxt 6, rcvif igb0_vlan2, outif pppoe0 Jul 28 09:36:55 kernel cannot forward src fe80:9::ec4:7aff:fe08:a09e, dst 2001:470:28:4d6::5, nxt 6, rcvif igb0_vlan2, outif pppoe0 Jul 28 09:31:54 kernel cannot forward src fe80:9::ec4:7aff:fe08:a09e, dst 2001:470:28:4d6::5, nxt 6, rcvif igb0_vlan2, outif pppoe0The destination is a Syncthing destination. Seems logical to me a link-local address can't be forwared to a public one.
The source is a server in the LAN network:laurens@Nova:~$ ifconfig em1 Link encap:Ethernet HWaddr 0c:c4:7a:08:a0:9e inet addr:10.0.0.107 Bcast:10.0.255.255 Mask:255.255.0.0 inet6 addr: fe80::ec4:7aff:fe08:a09e/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:26054561 errors:0 dropped:35 overruns:15303 frame:0 TX packets:23368178 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:17826012674 (17.8 GB) TX bytes:13504370618 (13.5 GB) Memory:df160000-df17ffff
-
For the WAN Interface please show the advanced DHCP6 settings. What I experienced quite a lot was some inconsistent behavior of pfsense 2.x having those "advanced DHCP6 settings" changed. Most of the times a reboot of the firewall was necessary in order to get the new settings to take effect.
Also please show how the network interface configuration of a client looks like ( routing / ip addressing etc.)
What is the ICMP error message at the client when you do a ping?
-
It seems to work today, so it looks like it fails some days but not all:
Network interface configuration of a client, ping (no failing today) and route:
laurens@Nova:~$ route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default 10.0.0.1 0.0.0.0 UG 0 0 0 em1 10.0.0.0 * 255.255.0.0 U 0 0 0 em1 10.1.0.0 * 255.255.0.0 U 0 0 0 em1.4 10.2.0.0 * 255.255.0.0 U 0 0 0 em1.5 10.8.0.0 * 255.255.0.0 U 0 0 0 em2 10.9.0.0 * 255.255.0.0 U 0 0 0 em3 laurens@Nova:~$ ping6 google.be PING google.be(ams16s22-in-x03.1e100.net) 56 data bytes 64 bytes from ams16s22-in-x03.1e100.net: icmp_seq=1 ttl=50 time=38.7 ms 64 bytes from ams16s22-in-x03.1e100.net: icmp_seq=2 ttl=50 time=38.5 ms ^C --- google.be ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1001ms rtt min/avg/max/mdev = 38.557/38.645/38.734/0.215 ms laurens@Nova:~$ ifconfig em1 Link encap:Ethernet HWaddr 0c:c4:7a:08:a0:9e inet addr:10.0.0.107 Bcast:10.0.255.255 Mask:255.255.0.0 inet6 addr: 2a02:a03f:128d:cf00:ec4:7aff:fe08:a09e/64 Scope:Global inet6 addr: fe80::ec4:7aff:fe08:a09e/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2954727 errors:0 dropped:0 overruns:0 frame:0 TX packets:3067010 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1114624692 (1.1 GB) TX bytes:884804362 (884.8 MB) Memory:df160000-df17ffff em2 Link encap:Ethernet HWaddr 0c:c4:7a:08:a0:9f inet addr:10.8.0.1 Bcast:10.8.255.255 Mask:255.255.0.0 inet6 addr: fe80::ec4:7aff:fe08:a09f/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1 errors:0 dropped:0 overruns:0 frame:0 TX packets:23722 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:60 (60.0 B) TX bytes:8225677 (8.2 MB) Memory:df140000-df15ffff em3 Link encap:Ethernet HWaddr 0c:c4:7a:08:a0:a0 inet addr:10.9.0.1 Bcast:10.9.255.255 Mask:255.255.0.0 inet6 addr: fe80::ec4:7aff:fe08:a0a0/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:14 errors:0 dropped:0 overruns:0 frame:0 TX packets:23148 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1300 (1.3 KB) TX bytes:8000628 (8.0 MB) Memory:df120000-df13ffff em1.4 Link encap:Ethernet HWaddr 0c:c4:7a:08:a0:9e inet addr:10.1.0.107 Bcast:10.1.255.255 Mask:255.255.0.0 inet6 addr: 2a02:a03f:128d:cf01:c877:1e44:5666:19d9/64 Scope:Global inet6 addr: 2a02:a03f:128d:cf01:ec4:7aff:fe08:a09e/64 Scope:Global inet6 addr: fe80::ec4:7aff:fe08:a09e/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2039242 errors:0 dropped:0 overruns:0 frame:0 TX packets:2060210 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:179046006 (179.0 MB) TX bytes:163363911 (163.3 MB) em1.5 Link encap:Ethernet HWaddr 0c:c4:7a:08:a0:9e inet addr:10.2.0.107 Bcast:10.2.255.255 Mask:255.255.0.0 inet6 addr: fe80::ec4:7aff:fe08:a09e/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:4623 errors:0 dropped:0 overruns:0 frame:0 TX packets:24323 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:360801 (360.8 KB) TX bytes:8316667 (8.3 MB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:2328427 errors:0 dropped:0 overruns:0 frame:0 TX packets:2328427 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1 RX bytes:338707423 (338.7 MB) TX bytes:338707423 (338.7 MB)Advanced DHCP6 settings:
I will post this again the day it fails again. The Pfsense reboots every day. So it's a test every day.
-
Your DHCPv6 is not working, you get link local addresses (staring with fe08).
Perhaps you need to set your router advertisement mode to managed?
