changed LTE router, now heavy delay, but down/up Speed is fine
-
It might be providing a valid v6 prefix. By default LAN will start handing those to clients. But if you don't have a firewall rule on LAN to allow v6 you will see exactly this. Clients will try to use v6 in preference if they have it and will have to timeout before falling back to v4.
Steve
-
The rules are generally used to allow traffic in. I've never seen a rule to allow IPv6 to be used on a LAN. So, then perhaps someone has created a rule they shouldn't have.
-
The default ruleset has an allow rule for IPv6 on LAN.
If that has been removed or disabled but LAN is still handing out v6 IPs to clients this is exactly what you'll see.
I've done it myself and spent time troubleshooting it.
Steve
-
I don't have LAN anything in my rules, yet IPv6 works fine. In addtion to my main LAN, I have a test LAN, a VLAN and OpenVPN, all using IPv6.
-
Well you certainly have some rule passing IPv6 traffic or it would be blocked.
-
I have rules that allow specific destinations, just not the entire LAN.
-
You see this is a rule on the LAN to allow clients to connect out using IPv6 rule right? Nothing to do with LAN as a destination.
-
The word "LAN" appears nowhere in my rules. I do have a * with destination WAN for IPv6.
-
You will probably need to show your rules.
-
Hello,
thank you ... I changed the WAN Interface from static to dhcp, because I get a static IP from my provider. Maybe because of this the gateways are not correct?
Here are some screenshots:
-
-
It looks like it's not pulling a gateway via DHCP. But I assume, since you have redacted it, that is is pulling an IP address?
Is the gateway outside the WAN subnet perhaps?
Steve
-
Wouldn't a bad or no gateway address cause complete failure, rather than just slow?
-
I would think so, yes. But I assumed the change to dhcp might have broken everything.
Though there are 900 states and it appears able to check for updates....
-
Hello,
the gateway by DHCP are ok:
So how could I fix it in "Status/Gateway" ?
-
First thing I would do is restart the dpinger service if you have not already.
Then check the system and gateways log for errors.
Steve
-
Hello,
I already restarted pfSense.
-
I delete the static Gateway and the DHCP Gateway seems ok. The Gateway is not ping able ... so he show "Offline"
-
Ok, then change the gateway monitor target to something external that does respond to ping.
https://docs.netgate.com/pfsense/en/latest/book/routing/gateway-settings.html#monitor-ip
Steve
-
ok, thank you. use 1.1.1.1
Its now showing online
