Let me know if you're looking for someone to test the fix for Bug 5993



  • I'm one of the users trying to get pfsense to work with an ISP that requires the prefix to be delegated before RS will be sent. If you're looking for someone to test the fix, let me know.



  • Hi.

    It's been working fine on my system for a couple of months, I've created a pull for this patch to go to the mainline, pending some testing by others in the prod team it should appear shortly.

    If you want to try it, use the system/patches in pfSense and use this commit URL 8c661bc8555321b76656e8a9723b4a7189eceb30

    Once the patch is in place, got to your WAN settings and tick 'Do not wait for a RA', save the WAN settings. Don't forget to get rid of your manual DHCP6C client launch process however you have done it and then reboot just to make sure there are no stray clients left hanging about.

    Good luck and you do so at your own risk!  :)

    BTW, this patch is up to date with the current release.



  • Thanks for the reply. I'll give it a try and report back.



  • You can apply the patch to test. I merged the PR, but only to 2.4 as it'll need more run time in snapshots before putting out a release and 2.3.2 release likely will be built tomorrow.



  • I tried applying the patch to 2.3.1 p5, as well as to 2.3.2 latest (to both stable and development branches). It did not work in either case. I verified it's not a problem with the isp edge router by manually starting dhcp6c, which did result in a /56 prefix being delegated and my test pc getting both ipv4 and ipv6 addresses, although the dhcp6 gateway status was showing pending, not online. If it matters, I'm testing on a hyper-v.

    I'd like to do whatever I can to help get this feature working. What baseline should I be working with to test the patch? What logs should I post and where should I post them (i.e., here or https://redmine.pfsense.org/issues/5993)?



  • @bimmerdriver:

    I tried applying the patch to 2.3.1 p5, as well as to 2.3.2 latest (to both stable and development branches). It did not work in either case. I verified it's not a problem with the isp edge router by manually starting dhcp6c, which did result in a /56 prefix being delegated and my test pc getting both ipv4 and ipv6 addresses, although the dhcp6 gateway status was showing pending, not online. If it matters, I'm testing on a hyper-v.

    I'd like to do whatever I can to help get this feature working. What baseline should I be working with to test the patch? What logs should I post and where should I post them (i.e., here or https://redmine.pfsense.org/issues/5993)?

    Are you saying the patch failed to apply or it made no difference?

    If the patch is failing to apply that's a bit weird. If the patch applied but did not work for you then I'll work with you to try and find out why not.



  • @marjohh:

    @bimmerdriver:

    I tried applying the patch to 2.3.1 p5, as well as to 2.3.2 latest (to both stable and development branches). It did not work in either case. I verified it's not a problem with the isp edge router by manually starting dhcp6c, which did result in a /56 prefix being delegated and my test pc getting both ipv4 and ipv6 addresses, although the dhcp6 gateway status was showing pending, not online. If it matters, I'm testing on a hyper-v.

    I'd like to do whatever I can to help get this feature working. What baseline should I be working with to test the patch? What logs should I post and where should I post them (i.e., here or https://redmine.pfsense.org/issues/5993)?

    Are you saying the patch failed to apply or it made no difference?

    If the patch is failing to apply that's a bit weird. If the patch applied but did not work for you then I'll work with you to try and find out why not.

    Thank you for the reply. The patch appeared to apply correctly, but it doesn't work. There is no visible difference other than the new setting appearing. After applying the setting, I tried various things such as disabling and re-enabling the WAN interface, releasing and renewing DHCP on status / interfaces and rebooting. Before and after applying the patch, WAN_DHCP6 gateway status is "pending" and status / DHCP6 leases says there is no lease file and the DHCP6 is not running. If I manually start dhcp6c in a shell, it seems to start and the PC acquires an ipv6 address (ipv6 is working), even though this has no effect on the status of the gateway.

    As I said above, I applied the patch to the latest (as of last night) development snapshot of 2.3.2. If I should be using another release, I will do so.

    I hope that helps. Let me know if I should post logs.

    Thanks again.



  • We've taken this to pm whilst we sort this out.



  • @marjohh:

    We've taken this to pm whilst we sort this out.

    It turns out there was a minor issue with the original patch (8c661bc8555321b76656e8a9723b4a7189eceb30) that was causing dhcp6c to not start. This has been fixed by a second patch (8deada1f3e8db508e8e583e5287e465548f33325). (The original patch must be installed prior to the second patch.) I have these patches installed on pfSense-CE-2.3.2-DEVELOPMENT-amd64-20160718-2327.iso and they are working well. The DHCP6 WAN gateway starts reliably and comes online right away. In the case of my ISP, it seems fully compatible. Anyone wanting to give it a try should go ahead and do so.

    For the record, the test configuration is the following:

    ISP: Telus
    Service: Internet 50 (bonded)
    Modem: Actiontec T2200H
    WAN IF: Bridged port 1

    I have two instances of pfsense connected to the WAN IF. They are both running on a windows 2012R2 hyper-v server. One is using a tunnelbroker tunnel for ipv6. The other is getting native ipv6 using the patches. I'm testing this instance of pfsense with a single windows 10 client vm connected with a private virtual switch.

    As I said above, the WAN gateway is working reliably but I have noticed some anomalous behaviour of dhcpd -6. Sometimes it doesn't start after a reboot. "Status DHCPv6 Leases" shows "No leases file found. Is the DHCPv6 server active" and there is no process running. In this case, I've found that disabling the dhcpv6 service  and re-enabling it causes the process to start. Also, occasionally, I see the same message even though the dhcpd -6 process is running. In this case, I've found that disabling and re-enabling the ethernet adapter on the client pc and causes the lease to show up. I've also noticed occasionally that disabling the dhcpv6 service and re-enabling it results in two instances of dhcpd -6 and dhcpleases6 to be running. This goes away with a reboot.



  • I did a fresh installation of 2.3.2 and then installed the patches. They work fine. The DHCP6 WAN gateway comes online right away.



  • I've been using these patches for a week now. I was originally running with a single windows 10 client, but I created some additional vms so there are now 4 clients. Another user from my ISP is also testing it. As far as I know, it's working properly for him. Hopefully tomorrow, I'll have time to switch my LAN over to use this patch, which will be a bigger test of 20-30 *nix, windows and android clients.

    It would be great if some other users could give the patches a test so the feedback can be reported to the developers. Even if you don't require the patch, your test results are useful. The patch needs to be tested with and without the "do not wait for RA" setting enabled.



  • It appears that Netflix in their wisdom are now blocking Hurricane Electric's tunnel broker so I spent some time today playing with Telus' IPv6 on pfsense (previously I gave up without success, turned out it was because of the bug discussed upthread).

    I've applied both patches mentioned and I can now pick up a prefix and am successfully handing out addresses to my LAN. It all seems to be working as advertised and after a couple of reconfigurations and reboots I haven't seen any difficulties. Thanks very much for the pointers! Bimmerdriver I've been e-stalking you around various threads here and on the Telus forums while I figured this out, so thanks for doing all the hard work for me  :D

    I'm now trying to decide whether I'm going to stick with this or move over to ULAs. I don't know how static Telus' delegated prefix will be and I don't like the idea of having to reconfigure things on my network if it changes. I saw a discussion elsewhere about a 1:1 NAT mapping between PD addresses and ULAs, I'll have to see if that's a possibility…



  • @turkeycannon:

    It appears that Netflix in their wisdom are now blocking Hurricane Electric's tunnel broker so I spent some time today playing with Telus' IPv6 on pfsense (previously I gave up without success, turned out it was because of the bug discussed upthread).

    I've applied both patches mentioned and I can now pick up a prefix and am successfully handing out addresses to my LAN. It all seems to be working as advertised and after a couple of reconfigurations and reboots I haven't seen any difficulties. Thanks very much for the pointers! Bimmerdriver I've been e-stalking you around various threads here and on the Telus forums while I figured this out, so thanks for doing all the hard work for me  :D

    I'm now trying to decide whether I'm going to stick with this or move over to ULAs. I don't know how static Telus' delegated prefix will be and I don't like the idea of having to reconfigure things on my network if it changes. I saw a discussion elsewhere about a 1:1 NAT mapping between PD addresses and ULAs, I'll have to see if that's a possibility…

    Glad to hear it's working for you. We also discovered that netflix is blocking HE, so it's nice to have native ipv6 finally. The added benefit is that native ipv6 is a lot faster than HE. (In my case, the performance of ipv4 and ipv6 for ping, upload and download is the same, using the xfinity speedtest.)

    WRT the prefix, an engineer at Telus told me it "should" be static as long as the DUID doesn't change and the router doesn't go offline for an extended duration.

    Note, the patches aren't necessarily final. The person who wrote them is still looking at some minor changes so it better handles  start-up and shut-down.

    Watch this space.



  • Where did I found the patch for 2.3.2 p1 ?