[SOLVED] IPv6 LAN stops working during bootup.
-
I recently set up an HE tunnel to add IPv6 support to my network. When the router boots "Starting Firewall" rolls by twice on the console. After the first time, I'm able to ping the router's LAN IPv6 address from a computer on the network, as well as external IPv6 addresses (facebook). I'm also able to ping nodes on the LAN network without an issue. After the second time it rolls by I'm unable to reach the router via its IPv6 address from any node on the network and the router is unable to reach any ipv6 address on the LAN. Traceroutes to any node on the LAN network give me !A from the router's address. From the router I'm able to get to any external IPv6 through the tunnel.
I've verified IPv6 is enabled in Advanced Settings.
I've tried adding any/any rules to the firewall.
I've tried completely disabling the firewall temporarily.
I've tried blowing away the tunnel and just setting up an IPv6 lan with the same issue.
I've verified my routing tables are correct.At this point any help would be appreciated because I'm completely at a loss.
When it stops working the system.log looks like this:
Mar 28 12:11:57 firewall kernel: ..
Mar 28 12:11:59 firewall check_reload_status: updating dyndns WAN_DHCP
Mar 28 12:11:59 firewall check_reload_status: Restarting ipsec tunnels
Mar 28 12:11:59 firewall check_reload_status: Restarting OpenVPN tunnels/interfaces
Mar 28 12:11:59 firewall check_reload_status: Reloading filter
Mar 28 12:12:00 firewall check_reload_status: updating dyndns WANGW
Mar 28 12:12:00 firewall check_reload_status: Restarting ipsec tunnels
Mar 28 12:12:00 firewall check_reload_status: Restarting OpenVPN tunnels/interfaces
Mar 28 12:12:00 firewall check_reload_status: Reloading filter
Mar 28 12:12:23 firewall kernel: .done.
Mar 28 12:12:23 firewall kernel: ipfw2 (+ipv6) initialized, divert loadable, nat loadable, default to accept, logging disabled
Mar 28 12:12:23 firewall kernel: DUMMYNET 0 with IPv6 initialized (100409)
Mar 28 12:12:23 firewall kernel: load_dn_sched dn_sched FIFO loaded
Mar 28 12:12:23 firewall kernel: load_dn_sched dn_sched QFQ loaded
Mar 28 12:12:23 firewall kernel: load_dn_sched dn_sched RR loaded
Mar 28 12:12:23 firewall kernel: load_dn_sched dn_sched WF2Q+ loaded
Mar 28 12:12:23 firewall kernel: load_dn_sched dn_sched PRIO loadedMy routing tables look correct:
Routing tables
Internet6:
Destination Gateway Flags Netif Expire
::1 link#8 UH lo0
MYIPV6PREFIX::/64 link#2 U em1
MYIPV6PREFIX:3::5 link#2 UHS lo0
fe80::%em0/64 link#1 U em0
fe80::290:27ff:feee:a042%em0 link#1 UHS lo0
fe80::%em1/64 link#2 U em1
fe80::290:27ff:feee:a043%em1 link#2 UHS lo0
fe80::%lo0/64 link#8 U lo0
fe80::1%lo0 link#8 UHS lo0
fe80::%ovpns1/64 link#9 U ovpns1
fe80::290:27ff:feee:a042%ovpns1 link#9 UHS lo0
ff01::%em0/32 fe80::290:27ff:feee:a042%em0 U em0
ff01::%em1/32 fe80::290:27ff:feee:a043%em1 U em1
ff01::%lo0/32 ::1 U lo0
ff01::%ovpns1/32 fe80::290:27ff:feee:a042%ovpns1 U ovpns1
ff02::%em0/32 fe80::290:27ff:feee:a042%em0 U em0
ff02::%em1/32 fe80::290:27ff:feee:a043%em1 U em1
ff02::%lo0/32 ::1 U lo0
ff02::%ovpns1/32 fe80::290:27ff:feee:a042%ovpns1 U ovpns1 -
Deleting my Captive Portal resolved this issue. I haven't tried to find Captive Portal settings that work yet.
-
CP has never worked with IPv6.
-
I suspected CP early on and unchecked the "Enable Captive Portal" box in the config, clicked save, it didn't fix it. Rebooted, still didn't fix… it wasn't until much later that I realized that the checkbox doesn't seem to do anything. Once I clicked save and left the page assuming it accepted the setting, coming back to that page showed it was checked as enabled again. I tried a few times to just disable it and every time the box was left checked. Finally I just deleted the captive portal and everything IPv6 lit up as expected.