Unbound ipv6 problems anyone?
-
@marjohn56:
So, let's start with the basics, Scott, what are you running pfSense on?
I'm running it on an official pfSense (Negate) SG-2440 appliance.
Do you notice these messages in the dhcp log? They are the very first dhcp6c messages
I believe I have these messages in my log too, I will confirm and post when I get home from work.
-
Ignore those messages, they are in everyone's log and have been since day one. dhcp6c is looking for the a key that does not exist and will not exist as pfSense does not use that method of control, it's just noise in the log. I could stop it but it really is nothing.
-
@marjohn56:
Ignore those messages, they are in everyone's log and have been since day one. dhcp6c is looking for the a key that does not exist and will not exist as pfSense does not use that method of control, it's just noise in the log. I could stop it but it really is nothing.
If they are normal, I don't care that they are there. I was just wondering if dhcp6c was blocking momentarily because of some issue.
-
@marjohn56:
So, let's start with the basics, Scott, what are you running pfSense on?
I'm running it on an official pfSense (Negate) SG-2440 appliance.
I'm running on a hyper-v server. The guest has 2000 MB of RAM and 2 processors. It's basically idling. The server is lightly loaded.
Do you notice these messages in the dhcp log? They are the very first dhcp6c messages
I believe I have these messages in my log too, I will confirm and post when I get home from work.
It sounds like they are a non-issue.
-
@marjohn56:
It would appear that something is odd with your system Bimmer, otherwise Chris and Ned over here would be suffering also, and they are not having any issues.
Here is some further info that makes me wonder why dhcp6c and unbound messages start to appear in the log around the same time during the reboot. Not clear what is happening during the "Configuring WAN interface…done." phase, but it's a few steps before unbound is started, yet dhcp6c is only barely into the startup phase by the time unbound is starting.
 -
And here are a few more log messages from general:
Aug 4 09:19:22 php-fpm 291 /rc.newwanipv6: Removing static route for monitor fe80::ea4:2ff:fe29:5001 and adding a new route through fe80::ea4:2ff:fe29:5001%hn1 Aug 4 09:19:22 php-fpm 291 /rc.newwanipv6: ROUTING: setting IPv6 default route to fe80::ea4:2ff:fe29:5001%hn1 Aug 4 09:19:22 php-fpm 291 /rc.newwanipv6: ROUTING: setting default route to 154.20.116.1 Aug 4 09:19:22 php-fpm 291 /rc.newwanipv6: rc.newwanipv6: on (IP address: fe80::215:5dff:fe5c:e21d%hn1) (interface: wan) (real interface: hn1). Aug 4 09:19:22 php-fpm 291 /rc.newwanipv6: rc.newwanipv6: Info: starting on hn1. Aug 4 09:19:21 rtsold Received RA specifying route fe80::ea4:2ff:fe29:5001 for interface wan(hn1) Aug 4 09:19:17 kernel done. Aug 4 09:19:16 php-cgi rc.bootup: ROUTING: setting default route to 154.20.116.1 Aug 4 09:19:16 kernel .done. Aug 4 09:19:15 kernel pflog0: promiscuous mode enabled Aug 4 09:19:15 php-cgi rc.bootup: Resyncing OpenVPN instances. Aug 4 09:19:15 kernel hn0: link state changed to UP Aug 4 09:19:15 check_reload_status Linkup starting hn0 Aug 4 09:19:15 php-cgi rc.bootup: Starting dhcp6 client for interface wan hn1 in DHCP6 without RA modeThe first unbound log message appeared at 09:19:17.
-
scrapped my post as you already said its defaults, I would follow the advice given and compare ipv6 settings.
-
I'm using the same ipv6 settings that I've been using for months which are correct for my ISP. The only variable is whether or not to send a prefix hint and that makes no difference. Without the other settings are they are, the PD process will not complete.
I had thought this was a new problem since the other recent changes to unbound, but I restarted my 2.3.4 system and noticed it does the same thing. As I said before, I think this slipped through the cracks before because unbound used to restart so often on its own. However, when I rebooted my 2.3.4 system, I checked nslookup google.com immediately after booting and it failed. After restarting unbound, it worked.
Unless someone has another explanation, this problem appears to be caused by unbound starting before the PD process is complete.
-
I did a couple more packet captures with wireshark, two reboots from the 2.3.4 system and two from the 2.4 beta system.
The 2.3.4 system took 2.34 seconds and 1.36 seconds. The 2.4 beta system took 4.84 seconds both times.
Both systems have identical WAN ipv6 settings. It's interesting to notice that pfsense 2.3.4 appears to send the RS after sending the second dhcp request before the reply is received, rather than apparently waiting for the reply as pfsense 2.4 beta does. I have never noticed this behaviour before. It could be a coincidence.
You can see that the link-local address of the edge router is the same in both cases, so any difference is from pfsense, not the edge router.
 -
When I get some time to play I'll put something together for you. Don't know when that will be as real work is exceptionally busy at the moment.
-
I've issued a PR for this.
-
I installed the PR and I'm happy to confirm that it works perfectly.
So you can see it in action, here are some log messages:
Aug 11 10:23:32 php-cgi rc.bootup: sync unbound done. Aug 11 10:23:31 php-cgi rc.bootup: dhcp6 init complete. Continuing Aug 11 10:23:30 php-fpm 291 /rc.newwanipv6: Removing static route for monitor fe80::ea4:2ff:fe29:5001 and adding a new route through fe80::ea4:2ff:fe29:5001%hn1 Aug 11 10:23:30 php-fpm 291 /rc.newwanipv6: ROUTING: setting IPv6 default route to fe80::ea4:2ff:fe29:5001%hn1 Aug 11 10:23:30 php-fpm 291 /rc.newwanipv6: ROUTING: setting default route to *.*.116.1 Aug 11 10:23:30 php-fpm 291 /rc.newwanipv6: rc.newwanipv6: on (IP address: fe80::215:5dff:fe5c:e21d%hn1) (interface: wan) (real interface: hn1). Aug 11 10:23:30 php-fpm 291 /rc.newwanipv6: rc.newwanipv6: Info: starting on hn1. Aug 11 10:23:30 php-cgi rc.bootup: Unbound start waiting on dhcp6c. Aug 11 10:23:29 rtsold Received RA specifying route fe80::ea4:2ff:fe29:5001 for interface wan(hn1) Aug 11 10:23:29 php-cgi rc.bootup: Unbound start waiting on dhcp6c. Aug 11 10:23:28 php-cgi rc.bootup: Unbound start waiting on dhcp6c. Aug 11 10:23:27 php-cgi rc.bootup: Unbound start waiting on dhcp6c. Aug 11 10:23:33 php-cgi rc.bootup: Unbound start waiting on dhcp6c. Aug 11 10:23:32 php-cgi rc.bootup: Unbound start waiting on dhcp6c. Aug 11 10:23:31 php-cgi rc.bootup: Unbound start waiting on dhcp6c. Aug 11 10:23:31 php-cgi rc.bootup: ROUTING: setting default route to 154.20.116.1 Aug 11 10:23:30 php-cgi rc.bootup: Resyncing OpenVPN instances. Aug 11 10:23:30 kernel hn0: link state changed to UP Aug 11 10:23:30 check_reload_status Linkup starting hn0 Aug 11 10:23:30 php-cgi rc.bootup: Starting dhcp6 client for interface wan hn1 in DHCP6 without RA mode Aug 11 10:23:28 php-fpm 291 /rc.newwanip: rc.newwanip: on (IP address: *.*.118.8) (interface: WAN[wan]) (real interface: hn1). Aug 11 10:23:28 php-fpm 291 /rc.newwanip: rc.newwanip: Info: starting on hn1. Aug 11 10:23:27 php-cgi rc.bootup: Accept router advertisements on interface hn1 Aug 11 10:23:27 php-cgi rc.bootup: calling interface_dhcpv6_configure. Aug 11 10:23:27 check_reload_status rc.newwanip starting hn1Thank you very much for fixing this problem.
-
Apart from the weird time stamps. 8)
-
@marjohn56:
Apart from the weird time stamps. 8)
I never noticed that. I guess that's a bug in the log.
-
@marjohn56:
Apart from the weird time stamps. 8)
You've cracked time travel as well :-)
-
Just to be sure I did test this and seems to not break anything on uk sky connections. So good from my end.
-
bimmerdriver, is it possible that you have trouble with hardware clock? ???
-
@nivek1612:
@marjohn56:
Apart from the weird time stamps. 8)
You've cracked time travel as well :-)
I rebooted and took another look at the logs. I guess the time travel was a once-only event. Strange.
-
Maybe NTP daemon syncs sometimes in the same time unbound starts?
-
I think the time traveller idea is more fun. 8)
