Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    IPv6 stops working moments after booting after upgrade to 2.4.0

    IPv6
    2
    5
    517
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jassmith last edited by

      Ever since upgrading to 2.4 I can no longer get pfSense to maintain an IPv6 address for anyting except the WAN_DHCP6 Gateway. My WAN interface has no address, my LAN interface has no address. When pfSense first boots if I restart the device, everything works for just long enough for me to log into the UI and see that there is an IPv6 address and subnet assigned tot he correct interfaces.

      ISP: Comcast Residential
      Hardware Model: SG-4860

      I for the life of me can't figure out why ipv6 no longer works.

      Here is my WAN DHCP6 config: https://i.imgur.com/xzLd8bm.png

      EDIT - I rebooted the router again, this time I immediately refreshed my IPv6 address on a client machine and was indeed able to ping out for a good 20 to 30 seconds before connectivity was lost.

      1 Reply Last reply Reply Quote 0
      • ?
        Guest last edited by

        Can you post the dhcp & system logs from boot to when you lose the IPv6 link. Hide any IP's if you wish to.

        Also, how are you providing IPv6 on the LAN side, managed, assisted etc, and can the client ping the gateway on IPv6?

        Is your firewall default or are you using anything like pfBlocker etc.

        1 Reply Last reply Reply Quote 0
        • J
          jassmith last edited by

          dhcp log: https://gist.github.com/jassmith/a266bb2c8453526c17e18bfd15bdf737
          syslog: https://gist.github.com/jassmith/9564881c273ad9709a1485a74f7aefca

          Both logs start at system boot and go to just after ipv6 stops working.

          LAN is set up to Track Interface for IPv6. DHCPv6 Server and RA are default settings. I do not run pfBlocker and while my firewall is not default, it is not overly complex.

          WAN rules: https://i.imgur.com/kZULWEc.png

          LAN rules: https://i.imgur.com/tSc1mRS.png (note the pia_redirect_group is empty, I should probably delete those rules as I use a VLAN for that purpose now)

          1 Reply Last reply Reply Quote 0
          • ?
            Guest last edited by

            Can you uninstall suricata and try it then.

            Something is really screwed up. Is this a fresh install?

            1 Reply Last reply Reply Quote 0
            • J
              jassmith last edited by

              And boom goes the dynamite. Thanks man!

              It turns out Suricata was blocking some part of the communication. Basically the UDPv6 Checksum rule started hitting for whatever reason. I've disabled the rule entirely and all is good.

              Again, thank you for your time and effort.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post

              Products

              • Platform Overview
              • TNSR
              • pfSense
              • Appliances

              Services

              • Training
              • Professional Services

              Support

              • Subscription Plans
              • Contact Support
              • Product Lifecycle
              • Documentation

              News

              • Media Coverage
              • Press
              • Events

              Resources

              • Blog
              • FAQ
              • Find a Partner
              • Resource Library
              • Security Information

              Company

              • About Us
              • Careers
              • Partners
              • Contact Us
              • Legal
              Our Mission

              We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

              Subscribe to our Newsletter

              Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

              © 2021 Rubicon Communications, LLC | Privacy Policy