PFSense Not Working with DHCPV6 or Stateless on tracking interface
-
It's a setting in the pfSense 2.4 beta.
-
I'll have to watch for that new version. Any idea when it will be available?
-
I'll have to watch for that new version. Any idea when it will be available?
For several months now… Its in beta but its very stable. Either install from clean, my preference, or you can select 2.4 as you should find it in update/update settings.
-
You can also turn on 'Do not send release' which will prevent dhcp6c from sending a release signal, some ISP's will give you a new address/prefix if they get a release signal.
I've found that in v2.3.3 and have set it. Hopefully it works, so my prefix won't change simply because I unplugged my Ethernet cable.
Incidentally, why did pfSense send a DHCPv6 release when the computers was merely disconnected from the modem & reconnected? I could see that happening when I monitored the connection with Wireshark. A release is something that should be specifically requested and not occur for something as trivial as a disconnect/reconnect.
-
You can also turn on 'Do not send release' which will prevent dhcp6c from sending a release signal, some ISP's will give you a new address/prefix if they get a release signal.
I've found that in v2.3.3 and have set it. Hopefully it works, so my prefix won't change simply because I unplugged my Ethernet cable.
Incidentally, why did pfSense send a DHCPv6 release when the computers was merely disconnected from the modem & reconnected? I could see that happening when I monitored the connection with Wireshark. A release is something that should be specifically requested and not occur for something as trivial as a disconnect/reconnect.
Because dhcp6c exits and on exit it sends a release, hence the addition of the no-release flag and an updated dhcp6c client.
-
The question is why it sends the release by default. With IPv4 DHCP, a device normally requests the same address on re-connection and gets it if available. You have to specifically request a release. Why shouldn't it be the same with IPv6?
-
The question is why it sends the release by default. With IPv4 DHCP, a device normally requests the same address on re-connection and gets it if available. You have to specifically request a release. Why shouldn't it be the same with IPv6?
Because it's a totally different client and bears little resemblance to its v4 counterpart.
-
DHCPv6 has something called "DUID" the purpose of which is to identify the client so it get the same prefix. Having the default release means that no longer works. With IPv4, a changed address could affect a single device, but on IPv6 at least a /64, but often more, affecting potentially gazillions of addresses. When the prefix changed, I had to go and update all the DNS entries for devices on my network, even if I did nothing more than connect in a managed switch, so that I could monitor the traffic with Wireshark. I don't think the release should be happening, unless specifically requested, as happens with IPv4.
-
That's why it's been modified along with the DUID stored in the config.
-
I've found that in v2.3.3 and have set it. Hopefully it works, so my prefix won't change simply because I unplugged my Ethernet cable.
It appears to work. I have disconnected/reconnected the WAN cable several times since yesterday. My prefix stays the same and I'm not seeing any DHCPv6 release.
-
I've found that in v2.3.3 and have set it. Hopefully it works, so my prefix won't change simply because I unplugged my Ethernet cable.
It appears to work. I have disconnected/reconnected the WAN cable several times since yesterday. My prefix stays the same and I'm not seeing any DHCPv6 release.
:) That's OK then.
I began the work on dhcp6c almost a year ago when my ISP rolled out IPv6. There were quite a few issues to deal with, dhcp6 before RA being the first. Then there was loss of PD when ever the connection dropped, partially corrected by the no-release flag but if you ran a RAM drive then the DUID would change, this could be avoided by using an early shell command to copy the DUID from the drive to the RAM at boot, but it was still not held in the config; this was done a couple of months back. We are now awaiting a further PR to be accepted upstream which adds a few other features missing from dhcp6c. I and my testers are running it and we now have VERY quiet logs.
-
I'll keep an eye on it for a while. If it fails again, I'll report back.
-
It's been tested to death for the last 'n' months, solid as a rock. The only time we see any change in PD now is when the ISP resets their servers, and there's nothing we can do about that.
-
I just posted a message about this on a forum for customers of my ISP (Rogers).
-
I'm one of the people who has been testing these features since marjohn56 started to develop them. I'm on Telus and there are other Telus users who have also been using these features. I started a thread in www.dslreports.com/forum/telus about it.
-
I can confirm the changes in 2.4b by marjohn work wonders, on sky UK, it works with perfection now.
-
yes I'm also running @marjohn56 patch on Sky in the UK and its so stable its becoming a little dull now LOL
And my logs are ALL SO QUIET
-
Comcast has now assigned me a static IPv6, which has "resolved" my issue, in theory
I still think unmanaged RA + Tracking interface should work.
What would be a good way to collect information on why its not working?
-
Comcast has now assigned me a static IPv6, which has "resolved" my issue, in theory
I still think unmanaged RA + Tracking interface should work.
What would be a good way to collect information on why its not working?
Tracking interface refers to the ISP. Unmanaged RA refers to your LAN. Try using assisted.
-
Tracking for v6 sets the IP to something based off the IP used on the tracked interface
2604:301a:936:eb00::xxxx when tracked goes to 2604:301a:936:ebe0::xxxx
I altered my IP, as to not expose it to the forum.
If I have tracking on, and enable RA, RA doesn't assign my windows boxes IPs.
If I take the same exact totally unaltered IP that tracking gives me, and make it static, RA works.That screams bug to me.
Assisted doesn't make a difference. I've also tried it. It works exactly like unmanaged for IP assignment, from what I can tell.
I just want to make sure this is bug before I report it to the bugtracker
