IPv6 No Gateway after 2.5 upgrade
-
@provels
Haven't had to do it myself, but my understanding is you disable v6, then delete /var/db/dhcp6c_duid, reboot and re-enable. I may have too many or too few reboots in there. -
@dotdash
Thanks. Gave it a shot but no difference. Thanks again.FWIW, I'm on Comcast, too.
-
Upgraded from 2.4.5-p1 and also encountering this issue with Spectrum (legacy TWC). IPv6 and PD is working, but the gateway status is not being monitored. Reboot did not help. Also rebooted modem. I also tried switching off "do not wait for RA" on the WAN interface, thinking that it needed to see the router IP from the RA, but that also did not change anything.
This was affecting my dynamic DNS, as the IPv6 address wasn't being picked up off of the WAN interface anymore. Saving the WAN_DHCP6 gateway in Gateway settings fixed that, but it still doesn't report the gateway status, and simply shows "Pending".
-
Same issue here after upgrade an hour or so ago.
Pending a resolution I have disabled IPV6 and IPV6 gateway.
-
Found a workaround: Edit the IPv6 gateway and manually set the Monitor IP to the link-local address of the gateway.
It doesn’t fix that this should be automatically read, presumably out of the routing table, but it at least gets the gateway monitor working until a more permanent resolution is known.
-
I am having the same issue. Everything IPv6 is working post 21.02 (2.5) upgrade except for the monitoring. I've tried countless configuration changes and am giving up for the night.
-
Have you configured something to happen when the monitor fails? If not, why use it?
-
Renabled IP6 / XFinity this morning. Disabled monitoring.
From the SSH console interface I can ping the Google IP6 DNS servers fine.
From a shell I cannot ping the Google IP6 DNS servers.
Disabled IP6 and deleted the DUID file under /var/db/dhcp6c_duid
per
Comcast's IPv6 prefix delegation is based on the DUID of your system as generated when it was first being set up.
-
@jknott It seemed to be affecting dynamic DNS.
Dynamic DNS (RFC2136 clients) was only publishing an A record for a DDNS update that should have included the v4 and v6 IPs of the WAN interface, and had with 2.4.5-p1. That's what originally led me to start looking to see if something odd was going on with IPv6 or DHCP6 after the upgrade.
Once I added the gateway monitor manually, it immediately posted a new DDNS update with a AAAA record added.
-
Could you provide more information about your configuration?
Unable to reproduce it in my testing environment:
-
Renabled IP6 on the WAN interface.
I can now ping the Google IP6 DNS server: 2001:4860:4860::8888
From the console:
root: ping6 2001:4860:4860::8888
PING6(56=40+8+8 bytes) 2607:XXX --> 2001:4860:4860::8888
16 bytes from 2001:4860:4860::8888, icmp_seq=0 hlim=117 time=40.559 ms
16 bytes from 2001:4860:4860::8888, icmp_seq=1 hlim=117 time=30.148 ms
16 bytes from 2001:4860:4860::8888, icmp_seq=2 hlim=117 time=39.546 ms
16 bytes from 2001:4860:4860::8888, icmp_seq=3 hlim=117 time=39.262 msTesting Comcast test-ipv6.comcast.net and ipv6-test.com shows I have no IP6.
IP6 Gateway states on Dashboard shows pending with status unknown.
-
@viktor_g I'm happy to assist, but I'm not certain what information to give. Can you be more specific?
Here's a bunch of stuff that may or may not be helpful :)
WAN
LAN
GATEWAY
RA
-
An update: my clients are now routing IPv6 correctly, but the gateway issue persists.
I needed to update a couple firewall rules, but my rules have been failing to apply since my CoDel limiter requires an address on my IPv6 gateway to function. I disabled the IPv6 pass rule that applies the limiter so that I could complete my other update. After doing so, IPv6 traffic has begun to flow again.
So it seems there is no issue with the underlying routing, in my case. Only that without a gateway address populated on the interface, I'm unable to apply my limiter. Possibly other issues? Not sure, but perhaps this changes the conversation a bit?
-
@k3nb5t What is that IPv6 Address pointed to for your monitor IP?
-
@spacey That's Google Public DNS. I don't use their DNS services, but I do ping them :)
https://developers.google.com/speed/public-dns/docs/using
-
@k3nb5t said in IPv6 No Gateway after 2.5 upgrade:
https://developers.google.com/speed/public-dns/docs/using
I'd hate to hijack the thread but I am also experiencing this issue with WAN IPv6 on Comcast, strangely under interfaces it says it has an IPv6 address, even for LAN, but under Gateways it says Unknown and Pending for IPv6- where it didn't previously before updating. I tried everything mentioned in this thread, also not quite sure why after editing the monitor IP (which didn't work) for WAN DHCPv6 it shows an anchor now
-
Actually Update- it works now after restarting and putting the monitor IP as Google (which I don't understand why this has to be done I don't want to use Google at all and never had this previously at all)
But still doesn't display correctly
-
@spacey said in IPv6 No Gateway after 2.5 upgrade:
why after editing the monitor IP (which didn't work) for WAN DHCPv6 it shows an anchor now
Because once you edited it and saved the gateway, it overrides the default in the list. If you delete it, the default will reappear and will not have an anchor. You will also notice that you won't be able to delete the default.
-
Got it working here too using the IP6 address on the WAN interface as a monitor ID.
On the LAN side I can now ping Google's IP6 DNS servers.
May change the monitor IP to Google IP6 DNS server as it was before.
1 - "What is my IP" is showing an IP6 address
2 - test-ipv6.comcast.net shows a 10 now
3 - ipv6-test.com shows 17/20.
4 - not showing an IP 6 gateway address in Dashboard
5 - not showing an IP 6 address in console
6 - can ping google's IP6 DNS servers from the console shell and pingAs mentioned above looks like but not sure that it is a DHCP6 issue or PFSense doesn't display gateway address anymore??
-
Seems like the IPv6 link-local gateway address is not being parsed and populated neither for Status | Gateways or Status | Interfaces
From my experience, it was partially defunct (restarting dpinger solved this after a reboot) on 2.4.5-p1 and completely borked now with pfSense+ 21.02 and pfSense CE 2.5.
