Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPv6 Track Interface not getting IPv6

    Scheduled Pinned Locked Moved IPv6
    15 Posts 4 Posters 2.8k Views 4 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • cmcqueenC Offline
      cmcqueen
      last edited by cmcqueen

      I've got two issues with IPv6 "Track Interface" not getting its IPv6 address. pfSense 2.4.5.

      Firstly, I've been setting up an OPT1 interface. I configured everything correctly with IPv6 Configuration Type being "Track Interface", tracking the WAN. But still, I found that IPv6 would not start operating until I went to Status โ†’ Interfaces, and did "Release WAN" and then "Renew WAN". Then IPv6 started working. (I think this also happened when I originally set up the LAN interface in pfSense 2.4.4-p3, but I wasn't sure what was going on at the time. I think it may have started working when I changed a WAN configuration experimentally, which had a similar effect as releasing and renewing the WAN.)

      Secondly, with everything running fine, and the LAN and OPT1 both working with IPv6 addressesโ€” If the power goes out, then when the power comes back on, LAN and OPT1 don't get an IPv6 address. Then when I manually do a "Release WAN" and then "Renew WAN", they get their IPv6 addresses.

      I'm in Australia, using the NBN FttC through the NCD (NBN Connection Device which is a modem with reverse power feed to the fibre DPU on the street). My provider is Aussie Broadband, using IPoE giving the addresses with DHCP and DHCPv6. When the power goes off, the NCD, the pfSense box and all my switches all lose power, and then all switch on at the same time when the power comes back on.

      JKnottJ 1 Reply Last reply Reply Quote 1
      • JKnottJ Offline
        JKnott @cmcqueen
        last edited by

        @cmcqueen said in IPv6 Track Interface not getting IPv6:

        I'm in Australia

        So, you must work on the LAN Down Under. ๐Ÿ˜‰

        I'm not familiar with the term IPoE, apparently it's similar to PPPoE. However, perhaps you should consider a UPS. I have one here, which keeps pfSense and my modem up, even if there's a power hit. Failing that, perhaps you could create a script that pings some IPv6 address at interval and causes the DHCPv6 client to restart when it fails.

        PfSense running on Qotom mini PC
        i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel 1 Gb Ethernet ports.
        UniFi AC-Lite access point

        I haven't lost my mind. It's around here...somewhere...

        B 1 Reply Last reply Reply Quote 0
        • cmcqueenC Offline
          cmcqueen
          last edited by

          LAN Down Under โ€” ha, I like it!

          IPoE is really just a funny way of saying regular IP over Ethernet. The term is mostly used to contrast with PPPoE in the context of broadband internet service. See What exactly is IPoE?

          As for your suggestions... a UPS is a good idea, and I hope one day to get one. However, without a UPS, I think the pfSense should still be able to initiate IPv6 on the LAN interfaces once IPv6 is acquired on the WAN via DHCPv6. This seems like a pfSense bug. It's not a problem with the DHCPv6 client โ€” the WAN gets its IPv6 address fine, it's just the LAN interfaces configured for "Track Interface" that don't get their IPv6 address initialised properly.

          JKnottJ 1 Reply Last reply Reply Quote 0
          • JKnottJ Offline
            JKnott @cmcqueen
            last edited by JKnott

            @cmcqueen

            Last year, when I had an IPv6 problem with my ISP, I used Wireshark in order to see what was happening. In order to capture the frames, I configured a 5 port managed switch as a network tap, which I inserted between my modem and pfSense. I was then able to examine the DHCPv6 packets to see there was a problem at the cable company's head end. I was even able to identify the failing system by name. However, you'd need a UPS for something like that to survive a power hit, at least for the switch. You could use a notebook computer, with it's own battery, to run Wireshark on.

            PfSense running on Qotom mini PC
            i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel 1 Gb Ethernet ports.
            UniFi AC-Lite access point

            I haven't lost my mind. It's around here...somewhere...

            1 Reply Last reply Reply Quote 0
            • cmcqueenC Offline
              cmcqueen
              last edited by

              Another important point:

              When I originally configured LAN IPv6 to "Track Interface", in pfSense 2.4.4-p3, and it didn't get an IPv6 address until I released and renewed the WAN โ€” that was using a different Internet provider. I was using Internode, with the WAN being PPPoE with VLAN tagging. Then when I switched Internet provider to Aussie Broadband, I had the same issue, but that uses IPoE instead.

              Since I've had the same issue with two different Internet providers, and with both PPPoE and IPoE, that makes it more likely that this is a pfSense issue, not an issue with a particular Internet provider.

              1 Reply Last reply Reply Quote 0
              • cmcqueenC Offline
                cmcqueen
                last edited by

                This might also be relevant:

                https://redmine.pfsense.org/issues/5999

                I do have a Virtual IPv6 address on my WAN (because my Internet provider (Aussie Broadband) appears to have broken routing on the IPv6 address that it assigns to my router WAN via DHCPv6).

                JKnottJ 1 Reply Last reply Reply Quote 0
                • JKnottJ Offline
                  JKnott @cmcqueen
                  last edited by

                  @cmcqueen

                  If it's the same as I experienced, I just manually added the ISP's prefix on the Router Advertisement. For some reason, pfSense stops automatically doing that, when you add a ULA prefix. However, I don't think that's your issue, as I don't recall you mentioning ULA before. I'm on a cable modem, so I can't help with PPPoE or IPoE.

                  PfSense running on Qotom mini PC
                  i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel 1 Gb Ethernet ports.
                  UniFi AC-Lite access point

                  I haven't lost my mind. It's around here...somewhere...

                  1 Reply Last reply Reply Quote 0
                  • B Offline
                    biggsy @JKnott
                    last edited by

                    @cmcqueen

                    Would really like to know how you've got IPv6 working with ABB.

                    @JKnott said

                    So, you must work on the LAN Down Under. ๐Ÿ˜‰

                    This was sent to me when the movie was still relatively recent.

                    Silence.PNG

                    JKnottJ 1 Reply Last reply Reply Quote 0
                    • JKnottJ Offline
                      JKnott @biggsy
                      last edited by

                      @biggsy

                      Then there's the network song This LAN is Your LAN. ๐Ÿ˜‰

                      PfSense running on Qotom mini PC
                      i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel 1 Gb Ethernet ports.
                      UniFi AC-Lite access point

                      I haven't lost my mind. It's around here...somewhere...

                      1 Reply Last reply Reply Quote 0
                      • cmcqueenC Offline
                        cmcqueen
                        last edited by

                        I've got 2.4.5-p1 running now. Today I switched the power off and back on. When the NBN device and the router restarted, all the IPv6 addresses were assigned properly. So that's a good improvement!

                        Other than the pfSense upgrade to 2.4.5-p1, I haven't changed any configuration. So maybe it's an improvement in 2.4.5-p1. But, I can't say for sure, because it's possible my Internet provider has made some configuration changes which improved it.

                        JKnottJ 1 Reply Last reply Reply Quote 0
                        • JKnottJ Offline
                          JKnott @cmcqueen
                          last edited by

                          @cmcqueen

                          Make sure you have Do not allow PD/Address release on the WAN page set.

                          PfSense running on Qotom mini PC
                          i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel 1 Gb Ethernet ports.
                          UniFi AC-Lite access point

                          I haven't lost my mind. It's around here...somewhere...

                          cmcqueenC 1 Reply Last reply Reply Quote 0
                          • cmcqueenC Offline
                            cmcqueen
                            last edited by

                            A comment on Whirlpool says:

                            A lot of routers use the WIDE-DHCPV6 package. And many of them have not incorporated the patch listed below. Without the patch, if the DHCP client gets a response that it wasn't expecting, it just gives up and stops trying.

                            โ€“ Add patch 0018 to ignore advertise messages with none of
                              requested data and missed status codes.
                            

                            https://metadata.ftp-master.debian.org/changelogs/main/w/wide-dhcpv6/wide-dhcpv6_20080615-22_changelog

                            Patch: https://pastebin.com/a8wCHdHD

                            Does pfSense use the WIDE-DHCPV6 client? If so, does it incorporate this patch?

                            1 Reply Last reply Reply Quote 0
                            • cmcqueenC Offline
                              cmcqueen @JKnott
                              last edited by

                              @JKnott said in IPv6 Track Interface not getting IPv6:

                              Make sure you have Do not allow PD/Address release on the WAN page set.

                              Is this generic advice, or advice tuned to my Internet provider (Aussie Broadband)?

                              If it's generic advice, why is Do not allow PD/Address release a user option?

                              N JKnottJ 2 Replies Last reply Reply Quote 0
                              • N Offline
                                netblues @cmcqueen
                                last edited by

                                @cmcqueen 55d3e880-90b3-437c-a617-80a7b822948a-image.png

                                its there, on the wan interface page
                                Its not tuned to aussies :)

                                (but its not that important, since this is meaningful only when interfaces close gracefully.
                                On a power outage, line disconnection etc, you never get the time to send such things anyways)
                                And isp's often don't really care and always issue a new prefix upon reconnection

                                1 Reply Last reply Reply Quote 0
                                • JKnottJ Offline
                                  JKnott @cmcqueen
                                  last edited by

                                  @cmcqueen

                                  I'm in Canada, so it's not an Aussie thing. As for why it's there, previously it wasn't and the prefix would frequently change. I suppose there is a reason why someone would want to always release the prefix, but I don't know what that is, other than perhaps changing ISP or something.

                                  PfSense running on Qotom mini PC
                                  i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel 1 Gb Ethernet ports.
                                  UniFi AC-Lite access point

                                  I haven't lost my mind. It's around here...somewhere...

                                  1 Reply Last reply Reply Quote 0
                                  • First post
                                    Last post
                                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.