Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPv6 with track interface on LAN stopped working

    Scheduled Pinned Locked Moved IPv6
    43 Posts 5 Posters 10.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • DerelictD
      Derelict LAYER 8 Netgate
      last edited by

      The DHCPv6 server should probably be enabled and RA on the tracked interface should probably be set to "Assisted" but that will not prevent the DHCPv6 on WAN and the prefix delegation from occurring. Though I seem to remember that there was a bug preventing it from attempting to get a PD if there were no interfaces set to track. I believe that has been fixed though.

      Chattanooga, Tennessee, USA
      A comprehensive network diagram is worth 10,000 words and 15 conference calls.
      DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
      Do Not Chat For Help! NO_WAN_EGRESS(TM)

      1 Reply Last reply Reply Quote 0
      • DudleydoggD
        Dudleydogg @Derelict
        last edited by

        @derelict I have though as much and wonder if their is a way to reset WAN back to default like their is some request for an address that is stuck. Only ipv6 I can make work is HE tunnel. Previously native from Spectrum (TWC) was working perfectly.

        1 Reply Last reply Reply Quote 0
        • DerelictD
          Derelict LAYER 8 Netgate
          last edited by

          I'd call Cox. Or tweet (DM) them. They seem to respond there with some knowledge.

          You might just have to let stuff expire (stop testing with laptops and routers) until they give you another lease.

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 0
          • DerelictD
            Derelict LAYER 8 Netgate
            last edited by

            @dxmaster said in IPv6 with track interface on LAN stopped working:

            I just redid my install from scratch, set lan to track, nothing checked on WAN.

            Just looking back. What do you mean nothing checked? WAN needs to be set to DHCPv6.

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 0
            • D
              dxmaster
              last edited by

              Ok, so it has been a few hours and USPS dropped off a shiny new 4 port intel nic that I threw in a spare computer and tossed a 64GB SSD in and all is well in the world. I have a feeling its something related to my unRaid servers NIC cards or something with the virtualization of pfSense within unRaid. I might toss this nic in my unRaid box and see if I can get it working with the new nic but either way, im up and running just fine on a different computer.

              1 Reply Last reply Reply Quote 0
              • DudleydoggD
                Dudleydogg
                last edited by

                no responses were received
                reset a timer on vmx0
                send request to ff02::1:2%vmx0
                set IA_PD
                set IA_PD prefix
                set option request (len 4)
                set elapsed time (len 2)
                set identity association
                set IA address
                set server ID (len 14)
                set client ID (len 14)
                Sending Request
                So my router is requesting and I see a PD and ipv6 ip in the Logs but the last part of the log file does state no responses were received. Is their anything that could be preventing this request to go out my WAN to the ISP?

                and the send request does not seem to be a routable address is local link ff02

                1 Reply Last reply Reply Quote 0
                • DerelictD
                  Derelict LAYER 8 Netgate
                  last edited by Derelict

                  That is not link-local. It is multicast to ff02::1:2 (All_DHCP_Relay_Agents_and_Servers).

                  https://en.wikipedia.org/wiki/DHCPv6

                  Your problem is there is no response.

                  In order to verify the packet is actually going out on the wire, you will have to capture on the wire itself.

                  Been doing this a while and I have never seen a transmission out a port in a pcap that was not actually sent out on the wire.

                  Chattanooga, Tennessee, USA
                  A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                  DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                  Do Not Chat For Help! NO_WAN_EGRESS(TM)

                  1 Reply Last reply Reply Quote 0
                  • DudleydoggD
                    Dudleydogg @Derelict
                    last edited by Dudleydogg

                    @derelict Misconfigured on my Part or the ISP? I have installed pfsense from scratch and configured only WAN And LAN to test or verify its nothing in my configuration So clean install I still hang on WAN at boot, and no ipv6 is assigned. Only hardware is TWC modem, but its bridged. are their settings even in Bridge mode I need to be aware of?
                    How else can I configure or Wipe the WAN settings back to Default?

                    1 Reply Last reply Reply Quote 0
                    • DerelictD
                      Derelict LAYER 8 Netgate
                      last edited by Derelict

                      You can't. They can either provide the information you need to configure the WAN interface or I guess it doesn't work.

                      Not possible for me to try it for you because I don't have one of those connections available to test on.

                      Not really sure what to recommend that hasn't already been said. You have never posted any logs that actually showed any kind of response to the DHCPv6 solicits.

                      Chattanooga, Tennessee, USA
                      A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                      DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                      Do Not Chat For Help! NO_WAN_EGRESS(TM)

                      DudleydoggD 2 Replies Last reply Reply Quote 0
                      • DudleydoggD
                        Dudleydogg @Derelict
                        last edited by

                        @derelict I do appreciate you helping me sorry if I neglected to upload a log. If I debug the logfile for just DHCP this is what I capture from Solicit too Failure:
                        0_1536608957165_3bf08d17-dfcb-4a94-ae53-751097ceeeaa-image.png Debug 10.0.1.254 removing server (ID: 00:01:00:01:21:c2:86:9d:00:50:56:97:d7:cd)
                        Debug 10.0.1.254 removing an event on vmx0 state=REQUEST
                        Info 10.0.1.254 no responses were received
                        Debug 10.0.1.254 reset a timer on vmx0 state=REQUEST timeo=9 retrans=30729
                        Debug 10.0.1.254 send request to ff02::1:2%vmx0
                        Debug 10.0.1.254 set IA_PD
                        Debug 10.0.1.254 set IA_PD prefix
                        Debug 10.0.1.254 set option request (len 4)
                        Debug 10.0.1.254 set elapsed time (len 2)
                        Debug 10.0.1.254 set identity association
                        Debug 10.0.1.254 set IA address
                        Debug 10.0.1.254 set server ID (len 14)
                        Debug 10.0.1.254 set client ID (len 18)
                        Info 10.0.1.254 Sending Request
                        Debug 10.0.1.254 reset a timer on vmx0 state=REQUEST timeo=8 retrans=32136
                        Debug 10.0.1.254 send request to ff02::1:2%vmx0
                        Debug 10.0.1.254 set IA_PD
                        Debug 10.0.1.254 set IA_PD prefix
                        Debug 10.0.1.254 set option request (len 4)
                        Debug 10.0.1.254 set elapsed time (len 2)
                        Debug 10.0.1.254 set identity association
                        Debug 10.0.1.254 set IA address
                        Debug 10.0.1.254 set server ID (len 14)
                        Debug 10.0.1.254 set client ID (len 18)
                        Info 10.0.1.254 Sending Request
                        Debug 10.0.1.254 reset a timer on vmx0 state=REQUEST timeo=7 retrans=32529
                        Debug 10.0.1.254 send request to ff02::1:2%vmx0
                        Debug 10.0.1.254 set IA_PD
                        Debug 10.0.1.254 set IA_PD prefix
                        Debug 10.0.1.254 set option request (len 4)
                        Debug 10.0.1.254 set elapsed time (len 2)
                        Debug 10.0.1.254 set identity association
                        Debug 10.0.1.254 set IA address
                        Debug 10.0.1.254 set server ID (len 14)
                        Debug 10.0.1.254 set client ID (len 18)
                        Info 10.0.1.254 Sending Request
                        Debug 10.0.1.254 reset a timer on vmx0 state=REQUEST timeo=6 retrans=27864
                        Debug 10.0.1.254 send request to ff02::1:2%vmx0
                        Debug 10.0.1.254 set IA_PD
                        Debug 10.0.1.254 set IA_PD prefix
                        Debug 10.0.1.254 set option request (len 4)
                        Debug 10.0.1.254 set elapsed time (len 2)
                        Debug 10.0.1.254 set identity association
                        Debug 10.0.1.254 set IA address
                        Debug 10.0.1.254 set server ID (len 14)
                        Debug 10.0.1.254 set client ID (len 18)
                        Info 10.0.1.254 Sending Request
                        Debug 10.0.1.254 reset a timer on vmx0 state=REQUEST timeo=5 retrans=29423
                        Debug 10.0.1.254 send request to ff02::1:2%vmx0
                        Debug 10.0.1.254 set IA_PD
                        Debug 10.0.1.254 set IA_PD prefix
                        Debug 10.0.1.254 set option request (len 4)
                        Debug 10.0.1.254 set elapsed time (len 2)
                        Debug 10.0.1.254 set identity association
                        Debug 10.0.1.254 set IA address
                        Debug 10.0.1.254 set server ID (len 14)
                        Debug 10.0.1.254 set client ID (len 18)
                        Info 10.0.1.254 Sending Request
                        Debug 10.0.1.254 reset a timer on vmx0 state=REQUEST timeo=4 retrans=14139
                        Debug 10.0.1.254 send request to ff02::1:2%vmx0
                        Debug 10.0.1.254 set IA_PD
                        Debug 10.0.1.254 set IA_PD prefix
                        Debug 10.0.1.254 set option request (len 4)
                        Debug 10.0.1.254 set elapsed time (len 2)
                        Debug 10.0.1.254 set identity association
                        Debug 10.0.1.254 set IA address
                        Debug 10.0.1.254 set server ID (len 14)
                        Debug 10.0.1.254 set client ID (len 18)
                        Info 10.0.1.254 Sending Request
                        Debug 10.0.1.254 reset a timer on vmx0 state=REQUEST timeo=3 retrans=7426
                        Debug 10.0.1.254 send request to ff02::1:2%vmx0
                        Debug 10.0.1.254 set IA_PD
                        Debug 10.0.1.254 set IA_PD prefix
                        Debug 10.0.1.254 set option request (len 4)
                        Debug 10.0.1.254 set elapsed time (len 2)
                        Debug 10.0.1.254 set identity association
                        Debug 10.0.1.254 set IA address
                        Debug 10.0.1.254 set server ID (len 14)
                        Debug 10.0.1.254 set client ID (len 18)
                        Info 10.0.1.254 Sending Request
                        Debug 10.0.1.254 reset a timer on vmx0 state=REQUEST timeo=2 retrans=3731
                        Debug 10.0.1.254 send request to ff02::1:2%vmx0
                        Debug 10.0.1.254 set IA_PD
                        Debug 10.0.1.254 set IA_PD prefix
                        Debug 10.0.1.254 set option request (len 4)
                        Debug 10.0.1.254 set elapsed time (len 2)
                        Debug 10.0.1.254 set identity association
                        Debug 10.0.1.254 set IA address
                        Debug 10.0.1.254 set server ID (len 14)
                        Debug 10.0.1.254 set client ID (len 18)
                        Info 10.0.1.254 Sending Request
                        Debug 10.0.1.254 reset a timer on vmx0 state=REQUEST timeo=1 retrans=1873
                        Debug 10.0.1.254 send request to ff02::1:2%vmx0
                        Debug 10.0.1.254 set IA_PD
                        Debug 10.0.1.254 set IA_PD prefix
                        Debug 10.0.1.254 set option request (len 4)
                        Debug 10.0.1.254 set elapsed time (len 2)
                        Debug 10.0.1.254 set identity association
                        Debug 10.0.1.254 set IA address
                        Debug 10.0.1.254 set server ID (len 14)
                        Debug 10.0.1.254 set client ID (len 18)
                        Info 10.0.1.254 Sending Request
                        Debug 10.0.1.254 reset a timer on vmx0 state=REQUEST timeo=0 retrans=983
                        Debug 10.0.1.254 send request to ff02::1:2%vmx0
                        Debug 10.0.1.254 set IA_PD
                        Debug 10.0.1.254 set IA_PD prefix
                        Debug 10.0.1.254 set option request (len 4)
                        Debug 10.0.1.254 set elapsed time (len 2)
                        Debug 10.0.1.254 set identity association
                        Debug 10.0.1.254 set IA address
                        Debug 10.0.1.254 set server ID (len 14)
                        Debug 10.0.1.254 set client ID (len 18)
                        Debug 10.0.1.254 a new XID (ddf60e) is generated
                        Info 10.0.1.254 Sending Request
                        Debug 10.0.1.254 server ID: 00:01:00:01:21:c2:86:9d:00:50:56:97:d7:cd pref=255
                        Debug 10.0.1.254 preference: 255
                        Debug 10.0.1.254 get DHCP option preference len 1
                        Debug 10.0.1.254 IA_PD prefix: 2603:9000:b501:cb00::/56 pltime=500360 vltime=500360
                        Debug 10.0.1.254 get DHCP option IA_PD prefix len 25
                        Debug 10.0.1.254 IA_PD: ID=0 T1=250180 T2=400288
                        Debug 10.0.1.254 get DHCP option IA_PD len 41
                        Debug 10.0.1.254 IA_NA address: 2603:9000:ff00:b5:420:f8c9:65a7:82d pltime=500360 vltime=500360
                        Debug 10.0.1.254 get DHCP option IA address len 24
                        Debug 10.0.1.254 IA_NA: ID=0 T1=250180 T2=400288
                        Debug 10.0.1.254 get DHCP option identity association len 40
                        Debug 10.0.1.254 DUID: 00:01:00:01:21:c2:86:9d:00:50:56:97:d7:cd
                        Debug 10.0.1.254 get DHCP option server ID len 14
                        Debug 10.0.1.254 DUID: 00:04:87:ae:49:01:54:64:11:cb:bb:2c:9d:4b:6c:e6:b1:0e
                        Debug 10.0.1.254 get DHCP option client ID len 18
                        Debug 10.0.1.254 receive advertise from fe80::2bc:60ff:fe93:1419%vmx0 on vmx0
                        Debug 10.0.1.254 reset a timer on vmx0 state=SOLICIT timeo=8 retrans=117984
                        Debug 10.0.1.254 send solicit to ff02::1:2%vmx0
                        Debug 10.0.1.254 set IA_PD
                        Debug 10.0.1.254 set IA_PD prefix
                        Debug 10.0.1.254 set option request (len 4)
                        Debug 10.0.1.254 set elapsed time (len 2)
                        Debug 10.0.1.254 set identity association
                        Debug 10.0.1.254 set client ID (len 18)
                        Info 10.0.1.254 Sending Solicit

                        1 Reply Last reply Reply Quote 0
                        • DudleydoggD
                          Dudleydogg @Derelict
                          last edited by

                          @derelict Finally after all this time I see this in the Logs Now:
                          got an expected reply, sleeping
                          so Magically all the sudden ipv6 for the moment is working.

                          DudleydoggD 1 Reply Last reply Reply Quote 0
                          • DudleydoggD
                            Dudleydogg @Dudleydogg
                            last edited by

                            @dudleydogg said in IPv6 with track interface on LAN stopped working:

                            @derelict Finally after all this time I see this in the Logs Now:
                            got an expected reply, sleeping
                            so Magically all the sudden ipv6 for the moment is working.

                            I spoke too soon, I can ping and trace ipv6 from lan and wan using diag in pfsense, but no pc's on network can route traffic out. and when I can do tracert from pc first hope is LAN ip not Gateway IP.

                            1 Reply Last reply Reply Quote 0
                            • DerelictD
                              Derelict LAYER 8 Netgate
                              last edited by

                              Going to have to show us the interface config you end up with on the client, the routing table on the client, and the firewall rules on the LAN interface for starters. And the routing table on the firewall.

                              Chattanooga, Tennessee, USA
                              A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                              DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                              Do Not Chat For Help! NO_WAN_EGRESS(TM)

                              1 Reply Last reply Reply Quote 0
                              • luckman212L
                                luckman212 LAYER 8 @Derelict
                                last edited by luckman212

                                @derelict said in IPv6 with track interface on LAN stopped working:

                                The DUID should be saved in the config anyway. I use DUID-LLT. You can manually get a new time in seconds with date "+%s"

                                If you want the DUID-LLT to more closely resemble the one pfSense generates, use this, since they actually calculate from 1/1/2000 instead of 1/1/1970...

                                expr $(date +%s) - 946684800
                                
                                1 Reply Last reply Reply Quote 0
                                • First post
                                  Last post
                                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.