Odd IPv6 Issue

JKnott

Does pfSense maintain an IPv6 address?

BTW, why don't people ever have even issues?  ;)

jamesonp

It does maintain an IP and can ping ipv6.google.com

junicast

Might be a good idea to sniff with wireshark and have look at what messages you see from your router (router advertisements or answers to router discoveries). You might want to filter for ICMP6 packages.
Did you set the router lifetime in the RA settings on the firewall?

jamesonp

@pmisch:

Might be a good idea to sniff with wireshark and have look at what messages you see from your router (router advertisements or answers to router discoveries). You might want to filter for ICMP6 packages.
Did you set the router lifetime in the RA settings on the firewall?

I changed the router lifetime to 1800 and still no change.  I ran Wireshark and didn't see anything abnormal with the RA messages.  Although I am new at reading these.  Maybe you could have a look:

RA

Frame 118915: 246 bytes on wire (1968 bits), 246 bytes captured (1968 bits) on interface 0
Ethernet II, Src: AdiEngin_xx:xx:xx (xx:xx:xx:xx:xx:xx), Dst: AsustekC_39:04:98 (xx:xx:xx:xx:xx:xx)
Internet Protocol Version 6, Src: fe80::1:1, Dst: fe80::e899:1dd9:b899:72ae
    0110 .... = Version: 6
    .... 0000 0000 .... .... .... .... .... = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT)
    .... .... .... 0000 0000 0000 0000 0000 = Flow Label: 0x00000
    Payload Length: 192
    Next Header: ICMPv6 (58)
    Hop Limit: 255
    Source: fe80::1:1
    Destination: fe80::e899:1dd9:b899:72ae
    [Source GeoIP: Unknown]
    [Destination GeoIP: Unknown]
Internet Control Message Protocol v6
    Type: Router Advertisement (134)
    Code: 0
    Checksum: 0x6d13 [correct]
    [Checksum Status: Good]
    Cur hop limit: 64
    Flags: 0x08, Prf (Default Router Preference): High
    Router lifetime (s): 1800
    Reachable time (ms): 0
    Retrans timer (ms): 0
    ICMPv6 Option (Prefix information : 2606:6000:xxxx:xxxx::/64)
        Type: Prefix information (3)
        Length: 4 (32 bytes)
        Prefix Length: 64
        Flag: 0xe0, On-link flag(L), Autonomous address-configuration flag(A), Router address flag(R)
        Valid Lifetime: 86400
        Preferred Lifetime: 14400
        Reserved
        Prefix: 2606:6000:xxxx:xxxx::
    ICMPv6 Option (Route Information : Medium ::/0)
        Type: Route Information (24)
        Length: 3 (24 bytes)
        Prefix Length: 0
        Flag: 0x00, Route Preference: Medium
        Route Lifetime: 60
        Prefix: ::
    ICMPv6 Option (Recursive DNS Server 2001:4860:4860::8888 2001:4860:4860::8844)
        Type: Recursive DNS Server (25)
        Length: 5 (40 bytes)
        Reserved
        Lifetime: 20
        Recursive DNS Servers: 2001:4860:4860::8888
        Recursive DNS Servers: 2001:4860:4860::8844
    ICMPv6 Option (DNS Search List Option home.internal.yyyy.com home.internal.yyyy.com)
        Type: DNS Search List Option (31)
        Length: 8 (64 bytes)
        Reserved
        Lifetime: 20
        Domain Names: home.internal.yyyy.com
        Domain Names: home.internal.yyyy.com
    ICMPv6 Option (MTU : 1500)
        Type: MTU (5)
        Length: 1 (8 bytes)
        Reserved
        MTU: 1500
    ICMPv6 Option (Source link-layer address : xx:xx:xx:xx:xx:xx)
        Type: Source link-layer address (1)
        Length: 1 (8 bytes)
        Link-layer address: AdiEngin_xx:xx:xx (xx:xx:xx:xx:xx:xx)

jamesonp

So I think I've identified the issue but I don't have any clue what would be causing it.  When I do an ipconfig /renew6, the default gateway of fe80::1:1%2 is added.  After approximately 1 minute, the default gateway is dropped and only the IPv4 gateway remains.

Gertjan

Just a wild shot : your device can actually "ICMP" pfSense ? (I guess without it a IPV6 ping reply  it will drop the gateway …)

jamesonp

@Gertjan:

Just a wild shot : your device can actually "ICMP" pfSense ? (I guess without it a IPV6 ping reply  it will drop the gateway …)

The fe80::1:1 still is pingable and so is the actual IPv6 address after the fe80::1:1 gateway is dropped…I have no idea what the issue is!!!

jamesonp

I keep getting this when starting radvd:

[Dec 02 19:44:36] radvd (87691): ioctl(SIOCGIFFLAGS) succeeded on igb1.10
[Dec 02 19:44:36] radvd (87691): igb1.10 is up
[Dec 02 19:44:36] radvd (87691): igb1.10 is running
[Dec 02 19:44:36] radvd (87691): igb1.10 supports multicast
[Dec 02 19:44:36] radvd (87691): ioctl(SIOCGIFFLAGS) succeeded on igb1.10
[Dec 02 19:44:36] radvd (87691): igb1.10 is up
[Dec 02 19:44:36] radvd (87691): igb1.10 is running
[Dec 02 19:44:36] radvd (87691): igb1.10 supports multicast
[Dec 02 19:44:36] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:44:39] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:44:42] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:44:45] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:44:48] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:44:51] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:44:52] radvd (87691): ioctl(SIOCGIFFLAGS) succeeded on igb1.10
[Dec 02 19:44:52] radvd (87691): igb1.10 is up
[Dec 02 19:44:52] radvd (87691): igb1.10 is running
[Dec 02 19:44:52] radvd (87691): igb1.10 supports multicast
[Dec 02 19:44:54] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:44:57] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:45:00] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:45:06] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:45:08] radvd (87691): ioctl(SIOCGIFFLAGS) succeeded on igb1.10
[Dec 02 19:45:08] radvd (87691): igb1.10 is up
[Dec 02 19:45:08] radvd (87691): igb1.10 is running
[Dec 02 19:45:08] radvd (87691): igb1.10 supports multicast
[Dec 02 19:45:09] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:45:12] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:45:15] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:45:18] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:45:21] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:45:24] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:45:27] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:45:30] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:45:33] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:45:36] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:45:36] radvd (87691): ioctl(SIOCGIFFLAGS) succeeded on igb1.10
[Dec 02 19:45:36] radvd (87691): igb1.10 is up
[Dec 02 19:45:36] radvd (87691): igb1.10 is running
[Dec 02 19:45:36] radvd (87691): igb1.10 supports multicast
[Dec 02 19:45:39] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:45:41] radvd (87691): ioctl(SIOCGIFFLAGS) succeeded on igb1.10
[Dec 02 19:45:41] radvd (87691): igb1.10 is up
[Dec 02 19:45:41] radvd (87691): igb1.10 is running
[Dec 02 19:45:41] radvd (87691): igb1.10 supports multicast
[Dec 02 19:45:42] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:45:45] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:45:48] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:45:51] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:45:53] radvd (87691): ioctl(SIOCGIFFLAGS) succeeded on igb1.10
[Dec 02 19:45:53] radvd (87691): igb1.10 is up
[Dec 02 19:45:53] radvd (87691): igb1.10 is running
[Dec 02 19:45:53] radvd (87691): igb1.10 supports multicast
[Dec 02 19:45:54] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:45:57] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:46:00] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1

Everytime I do a manual /renew6, the logs show:

[Dec 02 19:45:53] radvd (87691): igb1.10 is up
[Dec 02 19:45:53] radvd (87691): igb1.10 is running
[Dec 02 19:45:53] radvd (87691): igb1.10 supports multicast

Followed by this over and over again until the new /renew6:

[Dec 02 19:46:15] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:46:18] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:46:21] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:46:24] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1
[Dec 02 19:46:27] radvd (87691): igb0 received icmpv6 RS/RA packet on an unknown interface with index 1

Guest

How is RADVD set up?

jamesonp

Thanks for the replies.  The issue ended up being a bug with IGMP snooping on my Ubiquiti Edgeswitch.  Disabling IGMP snooping on the specific VLAN with unmanaged RAs set allowed the RAs to be broadcasted to the clients.