With multiple IPv6 WAN connections, dhcp6c broken



  • Hello,

    I have two WAN connections, each with IPv6. My plan was to use the new 1Gbps cable connection for my LAN and to continue using the 50 Mbps DSL connection for my servers and lab environments. This is working swell for IPv4, but there is a problem with v6. From these log messages:

    Aug 6 14:14:14 	dhcp6c 	33004 	unexpected interface (12)
    Aug 6 14:14:14 	dhcp6c 	86100 	reset a timer on pppoe0, state=SOLICIT, timeo=15, retrans=117972
    Aug 6 14:14:14 	dhcp6c 	86100 	send solicit to ff02::1:2%pppoe0
    Aug 6 14:14:14 	dhcp6c 	86100 	set IA_PD
    Aug 6 14:14:14 	dhcp6c 	86100 	set IA_PD prefix
    Aug 6 14:14:14 	dhcp6c 	86100 	set option request (len 4)
    Aug 6 14:14:14 	dhcp6c 	86100 	set elapsed time (len 2)
    Aug 6 14:14:14 	dhcp6c 	86100 	set client ID (len 14)
    Aug 6 14:14:14 	dhcp6c 	86100 	Sending Solicit 
    

    It appears that dhcp6c PID 86100 is sending a request and the server is immediately responding, however, dhcp6c PID 33004 is receiving the response and returning an unexpected interface error, since that PID is not servicing the pppoe0 interface.

    These processes have both bound themselves to all addresses:

    root     dhcp6c     86100 10 udp6   *:546                 *:*
    root     dhcp6c     33004 4  udp6   *:546                 *:*
    

    Since both processes are attempting to listen on all addresses, only the first process (the one that was able to make the binding) is able to receive responses.

    This, it seems, makes it impossible, or at least very difficult, to have more than one IPv6 WAN provider on the same pfSense router.

    I don't see any options to change this behavior and fear I may be stuck until dhcp6c is fixed. Unless I'm missing something.

    Has anybody come across this problem and found a work-around?

    Thank you!



  • I'd rather not, but I suppose I can just set up another instance for my DMZ. I've got some Palo Alto licenses. Maybe I'll try that instead.