IPv6 with track interface on LAN stopped working

Dudleydogg

I setup Syslog and can filter for dhcpd6, so I caught this in the Log when saving WAN/LAN forcing dhcpd6 to update:

0_1536243738300_ae793fc9-2b5c-490a-bcb5-23f9795f6de6-image.png reset a timer on vmx0
transmit failed: Can't assign requested address
set IA_PD
set IA_PD prefix
set option request (len 4)
set elapsed time (len 2)
set identity association
set client ID (len 18)
Sending Solicit
reset a timer on vmx0
transmit failed: Can't assign requested address
set IA_PD
set IA_PD prefix
set option request (len 4)
set elapsed time (len 2)
set identity association
set client ID (len 18)
Sending Solicit
reset a timer on vmx0
transmit failed: Can't assign requested address

dxmaster

@Derelict you live in Vegas so I’m guessing you have Cox as well. Any tips to get ipv6 working? I just redid my install from scratch, set lan to track, nothing checked on WAN. Still only getting link-local ipv6 address. It’s driving me crazy!

Derelict

This is what I use with Cox and a Netgear CM600:

0_1536248745484_Screen Shot 2018-09-06 at 8.44.46 AM.png

dxmaster

so these are the logs from dhcp, any hints from them as to what is going on? I even tried swapping interfaces just now and still no good.

Derelict

Anything else ever happen? It's not uncommon to take a few solicits before getting a response. Not sure why they delay.

With Cable it is strange because you are often actually talking to your modem, which is obtaining the address information from upstream via whatever method (I have never seen a Cable ISP any further up than the modem itself so it's a "black box" to me). Have you verified with Cox that your modem will work with IPv6 and that they don't have to enable something?

dxmaster

@derelict Yeah, if I go direct into my laptop from the modem I get an IPv6 address right away. I just switched back over to my edgerouter and boom, just like that it has an IPv6 address.

dxmaster

Ok, so if I plug the edgerouter into the modem then feed pfsense from the edgerouter it gets an ipv6 address but not direct to the modem. What the heck?!

Derelict

All I can say is those settings work. if pfSense is sending the solicit and getting no reply, not sure where to have you go except upstream to them. Maybe try the unplug WAN, reboot modem, let it sync, reconnect WAN dance.

Maybe edit/save a new DUID in System > Advanced, Networking. Resetting the DUID might kick the DHCP server into gear but just a guess.

The DUID should be saved in the config anyway. I use DUID-LLT. You can manually get a new time in seconds with date "+%s"

dxmaster

How can I view the actual DUID to confirm that its changing?

Derelict

Should be in the dhcp6c logs

Derelict

@dudleydogg That looks like the client cannot transmit on that interface at all.

Can't assign requested address likely means that the WAN interface addressing is pretty grossly misconfigured. Or maybe the default gateway is not something on the WAN subnet, or something else wrong with sending traffic out WAN. Hard to say based on that.

Derelict

The DHCPv6 server should probably be enabled and RA on the tracked interface should probably be set to "Assisted" but that will not prevent the DHCPv6 on WAN and the prefix delegation from occurring. Though I seem to remember that there was a bug preventing it from attempting to get a PD if there were no interfaces set to track. I believe that has been fixed though.

Dudleydogg

@derelict I have though as much and wonder if their is a way to reset WAN back to default like their is some request for an address that is stuck. Only ipv6 I can make work is HE tunnel. Previously native from Spectrum (TWC) was working perfectly.

Derelict

I'd call Cox. Or tweet (DM) them. They seem to respond there with some knowledge.

You might just have to let stuff expire (stop testing with laptops and routers) until they give you another lease.

Derelict

@dxmaster said in IPv6 with track interface on LAN stopped working:

I just redid my install from scratch, set lan to track, nothing checked on WAN.

Just looking back. What do you mean nothing checked? WAN needs to be set to DHCPv6.

dxmaster

Ok, so it has been a few hours and USPS dropped off a shiny new 4 port intel nic that I threw in a spare computer and tossed a 64GB SSD in and all is well in the world. I have a feeling its something related to my unRaid servers NIC cards or something with the virtualization of pfSense within unRaid. I might toss this nic in my unRaid box and see if I can get it working with the new nic but either way, im up and running just fine on a different computer.

Dudleydogg

no responses were received
reset a timer on vmx0
send request to ff02::1:2%vmx0
set IA_PD
set IA_PD prefix
set option request (len 4)
set elapsed time (len 2)
set identity association
set IA address
set server ID (len 14)
set client ID (len 14)
Sending Request
So my router is requesting and I see a PD and ipv6 ip in the Logs but the last part of the log file does state no responses were received. Is their anything that could be preventing this request to go out my WAN to the ISP?

and the send request does not seem to be a routable address is local link ff02

Derelict

That is not link-local. It is multicast to ff02::1:2 (All_DHCP_Relay_Agents_and_Servers).

https://en.wikipedia.org/wiki/DHCPv6

Your problem is there is no response.

In order to verify the packet is actually going out on the wire, you will have to capture on the wire itself.

Been doing this a while and I have never seen a transmission out a port in a pcap that was not actually sent out on the wire.

Dudleydogg

@derelict Misconfigured on my Part or the ISP? I have installed pfsense from scratch and configured only WAN And LAN to test or verify its nothing in my configuration So clean install I still hang on WAN at boot, and no ipv6 is assigned. Only hardware is TWC modem, but its bridged. are their settings even in Bridge mode I need to be aware of?
How else can I configure or Wipe the WAN settings back to Default?

Derelict

You can't. They can either provide the information you need to configure the WAN interface or I guess it doesn't work.

Not possible for me to try it for you because I don't have one of those connections available to test on.

Not really sure what to recommend that hasn't already been said. You have never posted any logs that actually showed any kind of response to the DHCPv6 solicits.