Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPv6 stops working moments after booting after upgrade to 2.4.0

    Scheduled Pinned Locked Moved IPv6
    5 Posts 2 Posters 906 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jassmith
      last edited by

      Ever since upgrading to 2.4 I can no longer get pfSense to maintain an IPv6 address for anyting except the WAN_DHCP6 Gateway. My WAN interface has no address, my LAN interface has no address. When pfSense first boots if I restart the device, everything works for just long enough for me to log into the UI and see that there is an IPv6 address and subnet assigned tot he correct interfaces.

      ISP: Comcast Residential
      Hardware Model: SG-4860

      I for the life of me can't figure out why ipv6 no longer works.

      Here is my WAN DHCP6 config: https://i.imgur.com/xzLd8bm.png

      EDIT - I rebooted the router again, this time I immediately refreshed my IPv6 address on a client machine and was indeed able to ping out for a good 20 to 30 seconds before connectivity was lost.

      1 Reply Last reply Reply Quote 0
      • ?
        Guest
        last edited by

        Can you post the dhcp & system logs from boot to when you lose the IPv6 link. Hide any IP's if you wish to.

        Also, how are you providing IPv6 on the LAN side, managed, assisted etc, and can the client ping the gateway on IPv6?

        Is your firewall default or are you using anything like pfBlocker etc.

        1 Reply Last reply Reply Quote 0
        • J
          jassmith
          last edited by

          dhcp log: https://gist.github.com/jassmith/a266bb2c8453526c17e18bfd15bdf737
          syslog: https://gist.github.com/jassmith/9564881c273ad9709a1485a74f7aefca

          Both logs start at system boot and go to just after ipv6 stops working.

          LAN is set up to Track Interface for IPv6. DHCPv6 Server and RA are default settings. I do not run pfBlocker and while my firewall is not default, it is not overly complex.

          WAN rules: https://i.imgur.com/kZULWEc.png

          LAN rules: https://i.imgur.com/tSc1mRS.png (note the pia_redirect_group is empty, I should probably delete those rules as I use a VLAN for that purpose now)

          1 Reply Last reply Reply Quote 0
          • ?
            Guest
            last edited by

            Can you uninstall suricata and try it then.

            Something is really screwed up. Is this a fresh install?

            1 Reply Last reply Reply Quote 0
            • J
              jassmith
              last edited by

              And boom goes the dynamite. Thanks man!

              It turns out Suricata was blocking some part of the communication. Basically the UDPv6 Checksum rule started hitting for whatever reason. I've disabled the rule entirely and all is good.

              Again, thank you for your time and effort.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.