Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Strange behavior with Apple Airport Extremes

    Scheduled Pinned Locked Moved Hardware
    6 Posts 3 Posters 779 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ?
      Guest
      last edited by

      Sorry if this is in the wrong forum

      I'm seeing some rather strange behaviour from Apple Airport Extremes connected to pfSense 2.4 (yes I know its beta but I was seeing the same at 2.3)

      Basically every few minutes a number of the Apples devices (NOT ALL) will issue a solicit and my log is full of this type of sequence

      Feb 3 07:39:47 dhcpd Solicit message from fe80::66a5:c3ff:fe60:ecfa port 546, transaction ID 0x9DED4000
      Feb 3 07:39:47 dhcpd Advertise NA: address 2a02:wwww:xxxx:yyyy:eeee:9d4e:1f05:a4f to client with duid 00:03:00:01:64:a5:c3:60:ec:fa iaid = -1017058054 valid for 7200 seconds
      Feb 3 07:39:47 dhcpd Sending Advertise to fe80::66a5:c3ff:fe60:ecfa port 546

      The network topology of the Airports can be seen in the attached image
      The worse offender is the one marked Rectory Cinema

      I have tried swapping the AP around but it seems to be location based not specific to a AP.

      Cable tests show no issues

      I have NO connectivity issues and devices attached either wired or wirelessly to the AP's get both IPv4 and IPv6 address without problems

      ![Screen Shot 2017-02-03 at 07.13.23.png](/public/imported_attachments/1/Screen Shot 2017-02-03 at 07.13.23.png)
      ![Screen Shot 2017-02-03 at 07.13.23.png_thumb](/public/imported_attachments/1/Screen Shot 2017-02-03 at 07.13.23.png_thumb)

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        Where is pfSense in that network?

        Which device is sending the solicit messages? Or does it vary/all of them?

        Steve

        1 Reply Last reply Reply Quote 0
        • ?
          Guest
          last edited by

          Sorry should have made that clear

          PfSense sits between the internet and rectory office (WAN out to internet  LAN out to Rectory Office AP)

          The troublesome AP's are

          Rectory Office
          Rectory Cinema

          I have swapped AP around but its always the AP in these locations

          1 Reply Last reply Reply Quote 0
          • ?
            Guest
            last edited by

            So I have discovered that by setting the Airport Extremes to link-local only (image 2) as apposed to the default of Automatic (image 1)

            The issue disappears and I am still able to distribute IPv4 and IPv6 address to any clients attached to the AP's

            Not sure thats actually a valid setup in true IPv6 terms, but it means my log is not filling up and I can still access clients via IPv6 which is my end goal so I can live with it until someone tells me what either I'm doing wrong or confirms that Apple is breaking some rules

            ![Screen Shot 2017-02-04 at 00.00.46.png](/public/imported_attachments/1/Screen Shot 2017-02-04 at 00.00.46.png)
            ![Screen Shot 2017-02-04 at 00.00.46.png_thumb](/public/imported_attachments/1/Screen Shot 2017-02-04 at 00.00.46.png_thumb)
            ![Screen Shot 2017-02-04 at 00.00.29.png](/public/imported_attachments/1/Screen Shot 2017-02-04 at 00.00.29.png)
            ![Screen Shot 2017-02-04 at 00.00.29.png_thumb](/public/imported_attachments/1/Screen Shot 2017-02-04 at 00.00.29.png_thumb)

            1 Reply Last reply Reply Quote 0
            • K
              kpa
              last edited by

              Link-local only is perfectly fine if you don't need a routable IPv6 addresses on the APs, they will be reachable on the same network segment by their link-local IPv6 addresses. If you use the automatic setting the device will keep sending router solicitation messages periodically and that's where your log spam is from.

              1 Reply Last reply Reply Quote 0
              • ?
                Guest
                last edited by

                @kpa:

                Link-local only is perfectly fine if you don't need a routable IPv6 addresses on the APs, they will be reachable on the same network segment by their link-local IPv6 addresses. If you use the automatic setting the device will keep sending router solicitation messages periodically and that's where your log spam is from.

                I would expect them to send solicitation messages every 2 hours or so as 7200 seconds is the lease time but they were doing it every few minutes

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.