Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Sudden Issue with PPPoE & DHCP6

    Scheduled Pinned Locked Moved IPv6
    8 Posts 4 Posters 1.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      breakaway
      last edited by

      I look after a number of pfSense installations. My ISP hands out /48, /56 or /64 depending on what we've told them. The pfSense uses PPPoE to authenticate and get a static IPv4. For LAN, I use "IPv6 Conf Type: Track Interface" and set the WAN side interface to track.

      The settings I use are in a screenshot at the bottom of this post. This as worked flawlessly for about a year. But now suddenly I am having issues where if the PPPoE session drops or if the router is rebooted, the connection will FLAP (i.e. go up and down) for over 20 minutes. During this time if I view the log (Diagnostics > System Log > PPP) the connection is going up and down, up and down like crazy. Eventually (anywhere between 5-20 minutes), the PPPoE will establishes, but NO IPv6.

      During these 20 minutes, if I run a ping to this router's WAN IPv4, I see this:

      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 5.6.7.8: bytes=32 time=4ms TTL=60
      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 1.2.3.4: Destination host unreachable.
      Request timed out.
      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 5.6.7.8: bytes=32 time=5ms TTL=60
      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 1.2.3.4: Destination host unreachable.
      Request timed out.
      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 5.6.7.8: bytes=32 time=5ms TTL=60
      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 5.6.7.8: bytes=32 time=5ms TTL=60
      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 1.2.3.4: Destination host unreachable.
      Request timed out.
      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 5.6.7.8: bytes=32 time=4ms TTL=60
      Request timed out.
      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 1.2.3.4: Destination host unreachable.
      Reply from 1.2.3.4: Destination host unreachable.
      

      So there's two problems here.
      1. If the router is ever rebooted or the PPP session drops, we're looking at a 5-20 minute outage!
      2. IPv6 isn't working at all.

      I have ruled this being a hardware problem out by trying multiple boxes running pfSense and even tried running a pfSense in a VM which was built from scratch (I have tried both 2.3.2 and 2.3.3) - nothing works.

      ISP doesn't want to play ball. They are saying "You're not using a CPE that is on our supported list so we can't help you". I am positive this is an issue at their end since all the connections that manifested this irritating bug started at around the same time. The only common factor is the ISP.

      What do I do to figure this out?

      1 Reply Last reply Reply Quote 0
      • ?
        Guest
        last edited by

        What happens if you run an approved CPE device, do you still see the same PPoE issue?

        1 Reply Last reply Reply Quote 0
        • B
          bimmerdriver
          last edited by

          Have you tried disabling the setting to request the prefix using ipv4? If you can use wireshark to capture the packets on the wan interface, it might help you figure out what's happening.

          1 Reply Last reply Reply Quote 0
          • B
            breakaway
            last edited by

            I have tried every setting from reducing the MTU to un-ticking that box. Nothing makes any difference.

            If I fired up wireshark, what am I looking for? I'm afraid my PPPoE session establishment is somewhat rusty!

            1 Reply Last reply Reply Quote 0
            • B
              bimmerdriver
              last edited by

              I'm not a wireshark expert, but I got it working by using the ip6 capture filter and I manually entered a display filter to remove everything else that I didn't want to see.

              Screen captures of the display filter and captured packets are attached.

              ![display filter.PNG](/public/imported_attachments/1/display filter.PNG)
              ![display filter.PNG_thumb](/public/imported_attachments/1/display filter.PNG_thumb)
              Capture.PNG
              Capture.PNG_thumb

              1 Reply Last reply Reply Quote 0
              • JKnottJ
                JKnott
                last edited by

                You could have filtered on ICMP6.

                PfSense running on Qotom mini PC
                i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
                UniFi AC-Lite access point

                I haven't lost my mind. It's around here...somewhere...

                1 Reply Last reply Reply Quote 0
                • B
                  bimmerdriver
                  last edited by

                  @JKnott:

                  You could have filtered on ICMP6.

                  But then you don't get the dhcpv6 messages. Maybe I need to learn more about how wireshark capture filters work, but they seem to be very inflexible.

                  1 Reply Last reply Reply Quote 0
                  • ?
                    Guest
                    last edited by

                    I think the OP's problem is the same as reported here:

                    https://forum.pfsense.org/index.php?topic=126828.0

                    If so and it is 2.4 the OP is using, then it's fixed and a snapshot update will solve his issues.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.