4. RADVD regression on 2.4.3 / radvd can not run on bridge Interface anymore…

RADVD regression on 2.4.3 / radvd can not run on bridge Interface anymore…

  • N

    Hello
    I found a regression in pfsense version 2.4.3
    radvd will not start anymore on a bridge interface
    radvd version in pfsense 2.4.3 is radvd Version: 2.17

    LOG:

    Apr 1 23:46:28 radvd 81728 ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    Apr 1 23:46:44 radvd 81728 ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    Apr 1 23:47:00 radvd 81728 ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    Apr 1 23:47:16 radvd 81728 ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    Apr 1 23:47:32 radvd 81728 ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    Apr 1 23:47:48 radvd 81728 ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    Apr 1 23:48:04 radvd 81728 ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    Apr 1 23:48:20 radvd 81728 ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    Apr 1 23:48:36 radvd 81728 ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    Apr 1 23:48:52 radvd 81728 ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    Apr 1 23:49:08 radvd 81728 ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    Apr 1 23:49:24 radvd 81728 ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    Apr 1 23:49:40 radvd 81728 ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    Apr 1 23:49:56 radvd 81728 ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    Apr 1 23:50:12 radvd 81728 ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    Apr 1 23:50:28 radvd 81728 ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    Apr 1 23:50:44 radvd 81728 ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    Apr 1 23:51:00 radvd 81728 ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    Apr 1 23:51:16 radvd 81728 ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    Apr 1 23:51:32 radvd 81728 ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    Apr 1 23:51:48 radvd 81728 ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    Apr 1 23:52:04 radvd 81728 ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    Apr 1 23:52:20 radvd 81728 ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    Apr 1 23:52:36 radvd 81728 ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument

    I change my configuration because i don't need the bridge the next months but it would nice to get this feature back in the future!

    0
  • N

    Small debug log with bridge0

    [Apr 08 14:15:20] radvd (90823): version 2.17 started
    [Apr 08 14:15:20] radvd (90823): bridge0 interface definition ok
    [Apr 08 14:15:20] radvd (90823): config file, /var/etc/radvd.conf, syntax ok
    [Apr 08 14:15:20] radvd (90823): checking ipv6 forwarding not supported
    [Apr 08 14:15:20] radvd (90823): radvd startup PID is 90823
    [Apr 08 14:15:20] radvd (90823): opened pid file /var/run/radvd.pid
    [Apr 08 14:15:20] radvd (90823): locked pid file /var/run/radvd.pid
    [Apr 08 14:15:20] radvd (90823): opened pid file /var/run/radvd.pid
    [Apr 08 14:15:20] radvd (90823): radvd PID is 90823
    [Apr 08 14:15:20] radvd (90823): wrote pid 90823 to pid file: /var/run/radvd.pid
    [Apr 08 14:15:20] radvd (90823): validated pid file, /var/run/radvd.pid: 90823
    [Apr 08 14:15:20] radvd (90823): bridge0 if_index changed from 0 to 10
    [Apr 08 14:15:20] radvd (90823): ioctl(SIOCGIFFLAGS) succeeded on bridge0
    [Apr 08 14:15:20] radvd (90823): bridge0 is up
    [Apr 08 14:15:20] radvd (90823): bridge0 is running
    [Apr 08 14:15:20] radvd (90823): bridge0 supports multicast
    [Apr 08 14:15:20] radvd (90823): ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    [Apr 08 14:15:20] radvd (90823): interface bridge0 does not exist or is not set up properly, ignoring the interface
    [Apr 08 14:15:20] radvd (90823): polling for 0 second(s), next iface is bridge0
    [Apr 08 14:15:20] radvd (90823): timer_handler called for bridge0
    [Apr 08 14:15:20] radvd (90823): ioctl(SIOCGIFFLAGS) succeeded on bridge0
    [Apr 08 14:15:20] radvd (90823): bridge0 is up
    [Apr 08 14:15:20] radvd (90823): bridge0 is running
    [Apr 08 14:15:20] radvd (90823): bridge0 supports multicast
    [Apr 08 14:15:20] radvd (90823): ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    [Apr 08 14:15:20] radvd (90823): not sending RA for bridge0, interface is not ready
    [Apr 08 14:15:20] radvd (90823): send_ra_forall failed on interface bridge0
    [Apr 08 14:15:20] radvd (90823): bridge0 next scheduled RA in 16 second(s)
    [Apr 08 14:15:20] radvd (90823): polling for 16 second(s), next iface is bridge0
    [Apr 08 14:15:36] radvd (90823): timer_handler called for bridge0
    [Apr 08 14:15:36] radvd (90823): ioctl(SIOCGIFFLAGS) succeeded on bridge0
    [Apr 08 14:15:36] radvd (90823): bridge0 is up
    [Apr 08 14:15:36] radvd (90823): bridge0 is running
    [Apr 08 14:15:36] radvd (90823): bridge0 supports multicast
    [Apr 08 14:15:36] radvd (90823): ioctl(SIOCGIFMEDIA) failed on bridge0: Invalid argument
    [Apr 08 14:15:36] radvd (90823): not sending RA for bridge0, interface is not ready
    [Apr 08 14:15:36] radvd (90823): send_ra_forall failed on interface bridge0
    [Apr 08 14:15:36] radvd (90823): bridge0 next scheduled RA in 16 second(s)
    [Apr 08 14:15:36] radvd (90823): polling for 16 second(s), next iface is bridge0

    0
  • LAYER 8 Global Moderator

    already reported
    https://redmine.pfsense.org/issues/8429

    0
  • D

    Is there a workaround other than downgrading pfsense?

    0
  • LAYER 8 Global Moderator

    Don't bridge ;)  would be my suggestion… Use a switch like every other sane person on the planet does when they need a switch port...

    0
  • D

    so how does a switch help me bridge a VPN tap port and a physical interface?

    0
  • LAYER 8 Global Moderator

    Don't tap either.. Use TUN…

    So you smited me for that - really???

    0
  • M

    So are bridges not supported on pfSense?

    0
  • T

    @johnpoz:

    Don't tap either.. Use TUN…

    So you smited me for that - really???

    There are reasons for doing this, for example being to Steam In-Home stream from a distant network using a VPN. Just because it's not the most sane thing to bridge ports on a router doesn't mean there aren't valid use cases, so don't just smack down people for doing so. There's a reason they are in pfSense. In my network I have a 10GbE card in my router and workstation, which are bridged to a bonded fiber port to my switch for the rest of the network, and a similar situation for my file server. I don't have $500 - $1k sitting around for a fancy 10GbE switch, so pfSense does my heavy lifting until I can get my hands on that beautiful Unifi 16 XG

    @MrClayPole:

    So are bridges not supported on pfSense?

    They are, but are not suggested due to things like this, and it requires your router to interact with the packet which is slower than the in-hardware stuff traditional switches have. Hopefully this is patched sooner than later, but for now stay at an older version of pfSense if you need router advertisement and IPv6.

    I use bridges just fine, aside from the issue in OP's post.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy