Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [SOLVED] IPv6 LAN stops working during bootup.

    Scheduled Pinned Locked Moved IPv6
    4 Posts 2 Posters 787 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      datahazard
      last edited by

      I recently set up an HE tunnel to add IPv6 support to my network. When the router boots "Starting Firewall" rolls by twice on the console.  After the first time, I'm able to ping the router's LAN IPv6 address from a computer on the network, as well as external IPv6 addresses (facebook). I'm also able to ping nodes on the LAN network without an issue.  After the second  time it rolls by I'm unable to reach the router via its IPv6 address from any node on the network and the router is unable to reach any ipv6 address on the LAN.  Traceroutes to any node on the LAN network give me !A from the router's address. From the router I'm able to get to any external IPv6 through the tunnel.

      I've verified IPv6 is enabled in Advanced Settings.
      I've tried adding any/any rules to the firewall.
      I've tried completely disabling the firewall temporarily.
      I've tried blowing away the tunnel and just setting up an IPv6 lan with the same issue.
      I've verified my routing tables are correct.

      At this point any help would be appreciated because I'm completely at a loss.

      When it stops working the system.log looks like this:
      Mar 28 12:11:57 firewall kernel: ..
      Mar 28 12:11:59 firewall check_reload_status: updating dyndns WAN_DHCP
      Mar 28 12:11:59 firewall check_reload_status: Restarting ipsec tunnels
      Mar 28 12:11:59 firewall check_reload_status: Restarting OpenVPN tunnels/interfaces
      Mar 28 12:11:59 firewall check_reload_status: Reloading filter
      Mar 28 12:12:00 firewall check_reload_status: updating dyndns WANGW
      Mar 28 12:12:00 firewall check_reload_status: Restarting ipsec tunnels
      Mar 28 12:12:00 firewall check_reload_status: Restarting OpenVPN tunnels/interfaces
      Mar 28 12:12:00 firewall check_reload_status: Reloading filter
      Mar 28 12:12:23 firewall kernel: .done.
      Mar 28 12:12:23 firewall kernel: ipfw2 (+ipv6) initialized, divert loadable, nat loadable, default to accept, logging disabled
      Mar 28 12:12:23 firewall kernel: DUMMYNET 0 with IPv6 initialized (100409)
      Mar 28 12:12:23 firewall kernel: load_dn_sched dn_sched FIFO loaded
      Mar 28 12:12:23 firewall kernel: load_dn_sched dn_sched QFQ loaded
      Mar 28 12:12:23 firewall kernel: load_dn_sched dn_sched RR loaded
      Mar 28 12:12:23 firewall kernel: load_dn_sched dn_sched WF2Q+ loaded
      Mar 28 12:12:23 firewall kernel: load_dn_sched dn_sched PRIO loaded

      My routing tables look correct:

      Routing tables

      Internet6:
      Destination                      Gateway                      Flags      Netif Expire
      ::1                                    link#8                        UH          lo0
      MYIPV6PREFIX::/64          link#2                        U          em1
      MYIPV6PREFIX:3::5          link#2                        UHS        lo0
      fe80::%em0/64                    link#1                        U          em0
      fe80::290:27ff:feee:a042%em0      link#1                        UHS        lo0
      fe80::%em1/64                    link#2                        U          em1
      fe80::290:27ff:feee:a043%em1      link#2                        UHS        lo0
      fe80::%lo0/64                    link#8                        U          lo0
      fe80::1%lo0                      link#8                        UHS        lo0
      fe80::%ovpns1/64                  link#9                        U        ovpns1
      fe80::290:27ff:feee:a042%ovpns1  link#9                        UHS        lo0
      ff01::%em0/32                    fe80::290:27ff:feee:a042%em0  U          em0
      ff01::%em1/32                    fe80::290:27ff:feee:a043%em1  U          em1
      ff01::%lo0/32                    ::1                          U          lo0
      ff01::%ovpns1/32                  fe80::290:27ff:feee:a042%ovpns1 U        ovpns1
      ff02::%em0/32                    fe80::290:27ff:feee:a042%em0  U          em0
      ff02::%em1/32                    fe80::290:27ff:feee:a043%em1  U          em1
      ff02::%lo0/32                    ::1                          U          lo0
      ff02::%ovpns1/32                  fe80::290:27ff:feee:a042%ovpns1 U        ovpns1

      1 Reply Last reply Reply Quote 0
      • D
        datahazard
        last edited by

        Deleting my Captive Portal resolved this issue. I haven't tried to find Captive Portal settings that work yet.

        1 Reply Last reply Reply Quote 0
        • D
          doktornotor Banned
          last edited by

          CP has never worked with IPv6.

          1 Reply Last reply Reply Quote 0
          • D
            datahazard
            last edited by

            I suspected CP early on and unchecked the "Enable Captive Portal" box in the config, clicked save, it didn't fix it. Rebooted, still didn't fix… it wasn't until much later that I realized that the checkbox doesn't seem to do anything. Once I clicked save and left the page assuming it accepted the setting, coming back to that page showed it was checked as enabled again. I tried a few times to just disable it and every time the box was left checked. Finally I just deleted the captive portal and everything IPv6 lit up as expected.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.