Comcast IPv6 WAN address and delegated prefix added, then removed seconds later



  • The high level symptom is that IPv6 addresses always disappear from pfsense after a few days. Sometimes a reboot brings them back, sometimes not. I've been iterating through various options (don't wait for RA, never release, etc.) with no change in behavior.

    This is on a bare-metal installation of 2.4.4-RELEASE, and has been occuring ever since upgrading from 2.4.2-RELEASE.

    I have enabled debug mode for dhcp6d, and found that it does get the assignments from Comcast, however it removes them after a few seconds and subsequent solicitations go unanswered.

    dhcpd6c a reboot, addrs acquired:

    Nov 22 22:21:33	dhcp6c	45839	extracted an existing DUID from /var/db/dhcp6c_duid: 00:01:00:01:1d:8e:f5:9f:0c:c4:7a:69:e1:1c
    Nov 22 22:21:33	dhcp6c	45839	failed to open /usr/local/etc/dhcp6cctlkey: No such file or directory
    Nov 22 22:21:33	dhcp6c	45839	failed initialize control message authentication
    Nov 22 22:21:33	dhcp6c	45839	skip opening control port
    Nov 22 22:21:33	dhcp6c	45839	<3>[interface] (9)
    Nov 22 22:21:33	dhcp6c	45839	<5>[igb0] (4)
    Nov 22 22:21:33	dhcp6c	45839	<3>begin of closure [{] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>[send] (4)
    Nov 22 22:21:33	dhcp6c	45839	<3>[ia-na] (5)
    Nov 22 22:21:33	dhcp6c	45839	<3>[0] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>end of sentence [;] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>comment [# request stateful address] (26)
    Nov 22 22:21:33	dhcp6c	45839	<3>[send] (4)
    Nov 22 22:21:33	dhcp6c	45839	<3>[ia-pd] (5)
    Nov 22 22:21:33	dhcp6c	45839	<3>[0] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>end of sentence [;] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>comment [# request prefix delegation] (27)
    Nov 22 22:21:33	dhcp6c	45839	<3>[request] (7)
    Nov 22 22:21:33	dhcp6c	45839	<3>[domain-name-servers] (19)
    Nov 22 22:21:33	dhcp6c	45839	<3>end of sentence [;] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>[request] (7)
    Nov 22 22:21:33	dhcp6c	45839	<3>[domain-name] (11)
    Nov 22 22:21:33	dhcp6c	45839	<3>end of sentence [;] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>[script] (6)
    Nov 22 22:21:33	dhcp6c	45839	<3>["/var/etc/dhcp6c_wan_script.sh"] (31)
    Nov 22 22:21:33	dhcp6c	45839	<3>end of sentence [;] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>comment [# we'd like some nameservers please] (35)
    Nov 22 22:21:33	dhcp6c	45839	<3>end of closure [}] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>end of sentence [;] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>[id-assoc] (8)
    Nov 22 22:21:33	dhcp6c	45839	<13>[na] (2)
    Nov 22 22:21:33	dhcp6c	45839	<13>[0] (1)
    Nov 22 22:21:33	dhcp6c	45839	<13>begin of closure [{] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>end of closure [}] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>end of sentence [;] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>[id-assoc] (8)
    Nov 22 22:21:33	dhcp6c	45839	<13>[pd] (2)
    Nov 22 22:21:33	dhcp6c	45839	<13>[0] (1)
    Nov 22 22:21:33	dhcp6c	45839	<13>begin of closure [{] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>[prefix] (6)
    Nov 22 22:21:33	dhcp6c	45839	<3>[::] (2)
    Nov 22 22:21:33	dhcp6c	45839	<3>[/] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>[60] (2)
    Nov 22 22:21:33	dhcp6c	45839	<3>[infinity] (8)
    Nov 22 22:21:33	dhcp6c	45839	<3>end of sentence [;] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>[prefix-interface] (16)
    Nov 22 22:21:33	dhcp6c	45839	<5>[igb1] (4)
    Nov 22 22:21:33	dhcp6c	45839	<3>begin of closure [{] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>[sla-id] (6)
    Nov 22 22:21:33	dhcp6c	45839	<3>[0] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>end of sentence [;] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>[sla-len] (7)
    Nov 22 22:21:33	dhcp6c	45839	<3>[4] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>end of sentence [;] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>end of closure [}] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>end of sentence [;] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>[prefix-interface] (16)
    Nov 22 22:21:33	dhcp6c	45839	<5>[igb2] (4)
    Nov 22 22:21:33	dhcp6c	45839	<3>begin of closure [{] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>[sla-id] (6)
    Nov 22 22:21:33	dhcp6c	45839	<3>[1] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>end of sentence [;] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>[sla-len] (7)
    Nov 22 22:21:33	dhcp6c	45839	<3>[4] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>end of sentence [;] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>end of closure [}] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>end of sentence [;] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>[prefix-interface] (16)
    Nov 22 22:21:33	dhcp6c	45839	<5>[igb3] (4)
    Nov 22 22:21:33	dhcp6c	45839	<3>begin of closure [{] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>[sla-id] (6)
    Nov 22 22:21:33	dhcp6c	45839	<3>[2] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>end of sentence [;] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>[sla-len] (7)
    Nov 22 22:21:33	dhcp6c	45839	<3>[4] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>end of sentence [;] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>end of closure [}] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>end of sentence [;] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>end of closure [}] (1)
    Nov 22 22:21:33	dhcp6c	45839	<3>end of sentence [;] (1)
    Nov 22 22:21:33	dhcp6c	45839	called
    Nov 22 22:21:33	dhcp6c	45839	called
    Nov 22 22:21:33	dhcp6c	45960	reset a timer on igb0, state=INIT, timeo=0, retrans=891
    Nov 22 22:21:34	dhcp6c	45960	Sending Solicit
    Nov 22 22:21:34	dhcp6c	45960	a new XID (25af49) is generated
    Nov 22 22:21:34	dhcp6c	45960	set client ID (len 14)
    Nov 22 22:21:34	dhcp6c	45960	set identity association
    Nov 22 22:21:34	dhcp6c	45960	set elapsed time (len 2)
    Nov 22 22:21:34	dhcp6c	45960	set option request (len 4)
    Nov 22 22:21:34	dhcp6c	45960	set IA_PD prefix
    Nov 22 22:21:34	dhcp6c	45960	set IA_PD
    Nov 22 22:21:34	dhcp6c	45960	send solicit to ff02::1:2%igb0
    Nov 22 22:21:34	dhcp6c	45960	reset a timer on igb0, state=SOLICIT, timeo=0, retrans=1091
    Nov 22 22:21:34	dhcp6c	45960	receive advertise from fe80::201:5cff:fe87:fe46%igb0 on igb0
    Nov 22 22:21:34	dhcp6c	45960	get DHCP option client ID, len 14
    Nov 22 22:21:34	dhcp6c	45960	DUID: 00:01:00:01:1d:8e:f5:9f:0c:c4:7a:69:e1:1c
    Nov 22 22:21:34	dhcp6c	45960	get DHCP option server ID, len 14
    Nov 22 22:21:34	dhcp6c	45960	DUID: 00:01:00:01:1c:e4:c0:0d:40:a8:f0:2e:8f:18
    Nov 22 22:21:34	dhcp6c	45960	get DHCP option identity association, len 40
    Nov 22 22:21:34	dhcp6c	45960	IA_NA: ID=0, T1=1800, T2=2880
    Nov 22 22:21:34	dhcp6c	45960	get DHCP option IA address, len 24
    Nov 22 22:21:34	dhcp6c	45960	IA_NA address: 2001:558:6045:e0:75a0:3e23:d52b:9d41 pltime=3600 vltime=3600
    Nov 22 22:21:34	dhcp6c	45960	get DHCP option IA_PD, len 41
    Nov 22 22:21:34	dhcp6c	45960	IA_PD: ID=0, T1=1800, T2=2880
    Nov 22 22:21:34	dhcp6c	45960	get DHCP option IA_PD prefix, len 25
    Nov 22 22:21:34	dhcp6c	45960	IA_PD prefix: 2601:642:c400:7500::/60 pltime=3600 vltime=3600
    Nov 22 22:21:34	dhcp6c	45960	get DHCP option DNS, len 32
    Nov 22 22:21:34	dhcp6c	45960	server ID: 00:01:00:01:1c:e4:c0:0d:40:a8:f0:2e:8f:18, pref=-1
    Nov 22 22:21:34	dhcp6c	45960	reset timer for igb0 to 0.964693
    Nov 22 22:21:35	dhcp6c	45960	picked a server (ID: 00:01:00:01:1c:e4:c0:0d:40:a8:f0:2e:8f:18)
    Nov 22 22:21:35	dhcp6c	45960	Sending Request
    Nov 22 22:21:35	dhcp6c	45960	a new XID (2e0926) is generated
    Nov 22 22:21:35	dhcp6c	45960	set client ID (len 14)
    Nov 22 22:21:35	dhcp6c	45960	set server ID (len 14)
    Nov 22 22:21:35	dhcp6c	45960	set IA address
    Nov 22 22:21:35	dhcp6c	45960	set identity association
    Nov 22 22:21:35	dhcp6c	45960	set elapsed time (len 2)
    Nov 22 22:21:35	dhcp6c	45960	set option request (len 4)
    Nov 22 22:21:35	dhcp6c	45960	set IA_PD prefix
    Nov 22 22:21:35	dhcp6c	45960	set IA_PD
    Nov 22 22:21:35	dhcp6c	45960	send request to ff02::1:2%igb0
    Nov 22 22:21:35	dhcp6c	45960	reset a timer on igb0, state=REQUEST, timeo=0, retrans=909
    Nov 22 22:21:35	dhcp6c	45960	receive reply from fe80::201:5cff:fe87:fe46%igb0 on igb0
    Nov 22 22:21:35	dhcp6c	45960	get DHCP option client ID, len 14
    Nov 22 22:21:35	dhcp6c	45960	DUID: 00:01:00:01:1d:8e:f5:9f:0c:c4:7a:69:e1:1c
    Nov 22 22:21:35	dhcp6c	45960	get DHCP option server ID, len 14
    Nov 22 22:21:35	dhcp6c	45960	DUID: 00:01:00:01:1c:e4:c0:0d:40:a8:f0:2e:8f:18
    Nov 22 22:21:35	dhcp6c	45960	get DHCP option identity association, len 40
    Nov 22 22:21:35	dhcp6c	45960	IA_NA: ID=0, T1=1800, T2=2880
    Nov 22 22:21:35	dhcp6c	45960	get DHCP option IA address, len 24
    Nov 22 22:21:35	dhcp6c	45960	IA_NA address: 2001:558:6045:e0:75a0:3e23:d52b:9d41 pltime=3600 vltime=3600
    Nov 22 22:21:35	dhcp6c	45960	get DHCP option IA_PD, len 41
    Nov 22 22:21:35	dhcp6c	45960	IA_PD: ID=0, T1=1800, T2=2880
    Nov 22 22:21:35	dhcp6c	45960	get DHCP option IA_PD prefix, len 25
    Nov 22 22:21:35	dhcp6c	45960	IA_PD prefix: 2601:642:c400:7500::/60 pltime=3600 vltime=3600
    Nov 22 22:21:35	dhcp6c	45960	get DHCP option DNS, len 32
    Nov 22 22:21:35	dhcp6c	45960	dhcp6c Received REQUEST
    Nov 22 22:21:35	dhcp6c	45960	nameserver[0] 2001:558:feed::1
    Nov 22 22:21:35	dhcp6c	45960	nameserver[1] 2001:558:feed::2
    Nov 22 22:21:35	dhcp6c	45960	make an IA: PD-0
    Nov 22 22:21:35	dhcp6c	45960	create a prefix 2601:642:c400:7500::/60 pltime=3600, vltime=3600
    Nov 22 22:21:35	dhcp6c	45960	add an address 2601:642:c400:7500:ec4:7aff:fe69:e11d/64 on igb1
    Nov 22 22:21:35	dhcp6c	45960	add an address 2601:642:c400:7501:ec4:7aff:fe69:e11e/64 on igb2
    Nov 22 22:21:35	dhcp6c	45960	add an address 2601:642:c400:7502:ec4:7aff:fe69:e11f/64 on igb3
    Nov 22 22:21:35	dhcp6c	45960	make an IA: NA-0
    Nov 22 22:21:35	dhcp6c	45960	create an address 2001:558:6045:e0:75a0:3e23:d52b:9d41 pltime=3600, vltime=15498334245746642448
    Nov 22 22:21:35	dhcp6c	45960	add an address 2001:558:6045:e0:75a0:3e23:d52b:9d41/128 on igb0
    Nov 22 22:21:35	dhcp6c	45960	executes /var/etc/dhcp6c_wan_script.sh
    

    Seconds later, addrs removed:

    Nov 22 22:21:43	dhcp6c		dhcp6c REQUEST on igb0 - running rc.newwanipv6
    Nov 22 22:21:43	dhcp6c	45960	script "/var/etc/dhcp6c_wan_script.sh" terminated
    Nov 22 22:21:43	dhcp6c	45960	removing an event on igb0, state=REQUEST
    Nov 22 22:21:43	dhcp6c	45960	removing server (ID: 00:01:00:01:1c:e4:c0:0d:40:a8:f0:2e:8f:18)
    Nov 22 22:21:43	dhcp6c	45960	got an expected reply, sleeping.
    Nov 22 22:22:11	dhcp6c	45960	Bypassing address release because of -n flag
    Nov 22 22:22:11	dhcp6c	45960	remove an IA: NA-0
    Nov 22 22:22:11	dhcp6c	45960	remove an address 2001:558:6045:e0:75a0:3e23:d52b:9d41
    Nov 22 22:22:11	dhcp6c	45960	remove an address 2001:558:6045:e0:75a0:3e23:d52b:9d41/128 on igb0
    Nov 22 22:22:11	dhcp6c	45960	reset a timer on igb0, state=INIT, timeo=0, retrans=118
    Nov 22 22:22:11	dhcp6c	45960	Bypassing address release because of -n flag
    Nov 22 22:22:11	dhcp6c	45960	remove an IA: PD-0
    Nov 22 22:22:11	dhcp6c	45960	remove a site prefix 2601:642:c400:7500::/60
    Nov 22 22:22:11	dhcp6c	45960	remove an address 2601:642:c400:7500:ec4:7aff:fe69:e11d/64 on igb1
    Nov 22 22:22:11	dhcp6c	45960	remove an address 2601:642:c400:7501:ec4:7aff:fe69:e11e/64 on igb2
    Nov 22 22:22:11	dhcp6c	45960	remove an address 2601:642:c400:7502:ec4:7aff:fe69:e11f/64 on igb3
    Nov 22 22:22:11	dhcp6c	45960	reset a timer on igb0, state=INIT, timeo=0, retrans=256
    Nov 22 22:22:11	dhcp6c	45960	removing an event on igb0, state=INIT
    Nov 22 22:22:11	dhcp6c	45960	removing an event on igb0, state=INIT
    Nov 22 22:22:11	dhcp6c	45960	executes /var/etc/dhcp6c_wan_script.sh
    Nov 22 22:22:11	dhcp6c		dhcp6c EXIT or RELEASE on igb0 running rc.newwanipv6
    Nov 22 22:22:11	dhcp6c	45960	script "/var/etc/dhcp6c_wan_script.sh" terminated
    Nov 22 22:22:11	dhcp6c	45960	exiting
    

    Steady-state behavior, solicitations sent every 10 seconds, indefinitely:

    Nov 22 23:37:42	dhcp6c	37443	Sending Solicit
    Nov 22 23:37:42	dhcp6c	37443	set client ID (len 14)
    Nov 22 23:37:42	dhcp6c	37443	set identity association
    Nov 22 23:37:42	dhcp6c	37443	set elapsed time (len 2)
    Nov 22 23:37:42	dhcp6c	37443	set option request (len 4)
    Nov 22 23:37:42	dhcp6c	37443	set IA_PD prefix
    Nov 22 23:37:42	dhcp6c	37443	set IA_PD
    Nov 22 23:37:42	dhcp6c	37443	send solicit to ff02::1:2%igb0
    Nov 22 23:37:42	dhcp6c	37443	reset a timer on igb0, state=SOLICIT, timeo=44, retrans=113136
    Nov 22 23:39:35	dhcp6c	37443	Sending Solicit
    Nov 22 23:39:35	dhcp6c	37443	set client ID (len 14)
    Nov 22 23:39:35	dhcp6c	37443	set identity association
    Nov 22 23:39:35	dhcp6c	37443	set elapsed time (len 2)
    Nov 22 23:39:35	dhcp6c	37443	set option request (len 4)
    Nov 22 23:39:35	dhcp6c	37443	set IA_PD prefix
    Nov 22 23:39:35	dhcp6c	37443	set IA_PD
    Nov 22 23:39:35	dhcp6c	37443	send solicit to ff02::1:2%igb0
    Nov 22 23:39:35	dhcp6c	37443	reset a timer on igb0, state=SOLICIT, timeo=45, retrans=123288
    

    Any input would be appreciated.



  • I had similar symptoms. I wanted to expand from single /64 to /60 with comcast. When I switch delegation size in WAN config I would see IPv6 addresses assigned to the multiple tacked LANs then disappear. Sometimes it would only allocate single /64. Rebooting the pfsense did not resolve the issue. Once I rebooted my comcast modem (zoom modem, not rented) it finally gave me the /60 I was looking for and stuck with it. Also check the DHCP6 DUID option in System/Advanced/Networking. Tweaking that value may trick it into getting a new delegated prefix.



  • I'm not having an issue getting a /60 allocated, that works fine, pfsense just removes it about 10 seconds after it receives it.

    Further investigation indicates this is related to pfsense starting multiple instances of dhcp6c. I have no idea why this is happening, since I have only one WAN interface, but the longer pfsense runs, the more instances start. When I first found this, 8 instances of dhcp6c were running, after about 1 week of uptime. Every day or so now I loose IPv6 connectivity, and check and find that 2 or 3 instances are running, kill them, restart the wan interface and have IPv6 working again. IPv6 connectivity was stable for months at a time with 2.4.2, so I'm not sure what introduced this behavior.


  • LAYER 8 Netgate

    Please try 2.4.4-p1



  • @derelict I updated to 2.4.4-p1 on Dec 5th, but it has not changed this behavior. Still accumulating dhcp6c instances.



  • Here is an example. It looks like I have accumulated a new dhcp6c instance every day for the last 3 days:

    root   35864   0.0  0.0   6968   2804  -  S    12:26        0:00.00 sh -c ps uxawww | grep dhcp6c 2>&1
    root   36185   0.0  0.0   6564   2460  -  S    12:26        0:00.00 grep dhcp6c
    root   41997   0.0  0.0   6340   2376  -  Is   15:16        0:00.19 /usr/local/sbin/dhcp6c -d -n -c /var/etc/dhcp6c_wan.conf -p /var/run/dhcp6c_igb0.pid igb0
    root   54792   0.0  0.0   6340   2400  -  Is   Tue15        0:00.97 /usr/local/sbin/dhcp6c -d -n -c /var/etc/dhcp6c_wan.conf -p /var/run/dhcp6c_igb0.pid igb0
    root   77657   0.0  0.0   6340   2376  -  Is   Wed15        0:00.41 /usr/local/sbin/dhcp6c -d -n -c /var/etc/dhcp6c_wan.conf -p /var/run/dhcp6c_igb0.pid igb0
    

    Killing these and restarting the wan interface fixes IPv6, but I have to do this every day.


  • LAYER 8 Netgate

    I'd be curious if the start time was the same every day.

    Then I would look for any logs around that time. For instance around 15:16 Thursday when that last dhcp6c was started.

    Not sure what Comcast might be doing. My Cox dhcp6c was started Dec19 - last time I restarted when I went to 2.4.4-p1.



  • After some digging around, it does appear that the start time is the same every day, and that it is about 1 minute after suricata downloads rule updates and restarts, which restarts each interface, followed by a large number of errors from various services. However, suricata updates 2 times per day, and the other update time doesn't result in new instances of dhcp6c.

    Jan 8 15:15:02	php-cgi		suricata_check_for_rule_updates.php: [Suricata] Emerging Threats Open rules are up to date...
    Jan 8 15:15:03	php-cgi		suricata_check_for_rule_updates.php: [Suricata] There is a new set of Snort rules posted. Downloading snortrules-snapshot-3000.tar.gz...
    Jan 8 15:15:09	php-cgi		suricata_check_for_rule_updates.php: [Suricata] Snort rules file update downloaded successfully.
    Jan 8 15:15:09	php-cgi		suricata_check_for_rule_updates.php: [Suricata] There is a new set of Snort GPLv2 Community Rules posted. Downloading community-rules.tar.gz...
    Jan 8 15:15:11	php-cgi		suricata_check_for_rule_updates.php: [Suricata] Snort GPLv2 Community Rules file update downloaded successfully.
    Jan 8 15:15:14	php-cgi		suricata_check_for_rule_updates.php: [Suricata] Hide Deprecated Rules is enabled. Removing obsoleted rules categories.
    Jan 8 15:15:14	php-cgi		suricata_check_for_rule_updates.php: [Suricata] Removed 0 obsoleted rules category files.
    Jan 8 15:15:14	php-cgi		suricata_check_for_rule_updates.php: [Suricata] Updating rules configuration for: WAN ...
    Jan 8 15:15:16	php-cgi		suricata_check_for_rule_updates.php: [Suricata] Enabling any flowbit-required rules for: WAN...
    Jan 8 15:15:16	php-cgi		suricata_check_for_rule_updates.php: [Suricata] Building new sid-msg.map file for WAN...
    Jan 8 15:15:17	php-cgi		suricata_check_for_rule_updates.php: [Suricata] Updating rules configuration for: LAN ...
    Jan 8 15:15:18	php-cgi		suricata_check_for_rule_updates.php: [Suricata] Building new sid-msg.map file for LAN...
    Jan 8 15:15:18	php-cgi		suricata_check_for_rule_updates.php: [Suricata] Updating rules configuration for: DMZ ...
    Jan 8 15:15:21	php-cgi		suricata_check_for_rule_updates.php: [Suricata] Enabling any flowbit-required rules for: DMZ...
    Jan 8 15:15:21	php-cgi		suricata_check_for_rule_updates.php: [Suricata] Building new sid-msg.map file for DMZ...
    Jan 8 15:15:22	php-cgi		suricata_check_for_rule_updates.php: [Suricata] Updating rules configuration for: HIGH ...
    Jan 8 15:15:24	php-cgi		suricata_check_for_rule_updates.php: [Suricata] Building new sid-msg.map file for HIGH...
    Jan 8 15:15:24	SuricataStartup	48900	Suricata STOP for WAN(29994_igb0)...
    Jan 8 15:15:27	SuricataStartup	50496	Suricata STOP for LAN(3843_igb1)...
    Jan 8 15:15:30	SuricataStartup	52010	Suricata STOP for OPT1(46180_igb2)...
    Jan 8 15:15:32	SuricataStartup	53231	Suricata STOP for OPT2(6509_igb3)...
    Jan 8 15:15:34	php-cgi		suricata_check_for_rule_updates.php: [Suricata] Suricata has restarted with your new set of rules...
    Jan 8 15:15:34	php-cgi		suricata_check_for_rule_updates.php: [Suricata] The Rules update has finished.
    Jan 8 15:15:34	SuricataStartup	56701	Suricata START for WAN(29994_igb0)...
    Jan 8 15:15:34	check_reload_status		Syncing firewall
    Jan 8 15:15:35	SuricataStartup	57850	Suricata START for LAN(3843_igb1)...
    Jan 8 15:15:35	check_reload_status		Linkup starting igb1
    Jan 8 15:15:35	kernel		igb1: link state changed to DOWN
    Jan 8 15:15:36	SuricataStartup	59161	Suricata START for OPT1(46180_igb2)...
    Jan 8 15:15:36	php-fpm	19656	/rc.linkup: DEVD Ethernet detached event for lan
    Jan 8 15:15:36	check_reload_status		Reloading filter
    Jan 8 15:15:37	SuricataStartup	60711	Suricata START for OPT2(6509_igb3)...
    Jan 8 15:15:38	check_reload_status		Linkup starting igb3
    Jan 8 15:15:38	kernel		igb3: link state changed to DOWN
    Jan 8 15:15:39	php-fpm	69962	/rc.linkup: DEVD Ethernet detached event for opt2
    Jan 8 15:15:39	check_reload_status		Reloading filter
    Jan 8 15:15:39	check_reload_status		Linkup starting igb1
    Jan 8 15:15:39	kernel		igb1: link state changed to UP
    Jan 8 15:15:40	kernel		igb0: link state changed to DOWN
    Jan 8 15:15:40	check_reload_status		Linkup starting igb0
    Jan 8 15:15:40	php-fpm	80125	/rc.linkup: DEVD Ethernet attached event for lan
    Jan 8 15:15:40	php-fpm	80125	/rc.linkup: HOTPLUG: Configuring interface lan
    Jan 8 15:15:41	php-fpm	76441	/rc.linkup: DEVD Ethernet detached event for wan
    Jan 8 15:15:41	check_reload_status		Linkup starting igb1
    Jan 8 15:15:41	kernel		igb1: link state changed to DOWN
    Jan 8 15:15:41	dhcpleases		/etc/hosts changed size from original!
    Jan 8 15:15:41	php-fpm	80125	/rc.linkup: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6'
    Jan 8 15:15:41	check_reload_status		Restarting ipsec tunnels
    Jan 8 15:15:41	check_reload_status		Linkup starting igb3
    Jan 8 15:15:41	kernel		igb3: link state changed to UP
    Jan 8 15:15:42	php-fpm	75561	/rc.newwanipv6: rc.newwanipv6: Info: starting on igb0.
    Jan 8 15:15:42	php-fpm	75561	/rc.newwanipv6: rc.newwanipv6: No IPv6 address found for interface WAN [wan].
    Jan 8 15:15:42	dhcpleases		/etc/hosts changed size from original!
    Jan 8 15:15:42	dhcpleases		Could not deliver signal HUP to process because its pidfile (/var/run/dnsmasq.pid) does not exist, No such process.
    Jan 8 15:15:42	php-fpm	75561	/rc.linkup: DEVD Ethernet attached event for opt2
    Jan 8 15:15:42	php-fpm	75561	/rc.linkup: HOTPLUG: Configuring interface opt2
    Jan 8 15:15:42	dhcpleases		kqueue error: unkown
    Jan 8 15:15:42	dhcpleases		Could not deliver signal HUP to process because its pidfile (/var/run/dnsmasq.pid) does not exist, No such process.
    Jan 8 15:15:42	check_reload_status		Linkup starting igb3
    Jan 8 15:15:42	kernel		igb3: link state changed to DOWN
    Jan 8 15:15:42	php-fpm	75561	/rc.linkup: Default gateway setting Interface WAN_DHCP Gateway as default.
    Jan 8 15:15:42	php-fpm	75561	/rc.linkup: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6'
    Jan 8 15:15:42	check_reload_status		Restarting ipsec tunnels
    Jan 8 15:15:43	dhcpleases		/etc/hosts changed size from original!
    Jan 8 15:15:43	check_reload_status		Linkup starting igb0
    Jan 8 15:15:43	kernel		igb0: link state changed to UP
    Jan 8 15:15:43	dhcpleases		kqueue error: unkown
    Jan 8 15:15:44	check_reload_status		Linkup starting igb2
    Jan 8 15:15:44	kernel		igb2: link state changed to DOWN
    Jan 8 15:15:44	check_reload_status		updating dyndns lan
    Jan 8 15:15:44	check_reload_status		Reloading filter
    Jan 8 15:15:44	php-fpm	23478	/rc.linkup: DEVD Ethernet detached event for lan
    Jan 8 15:15:44	check_reload_status		Reloading filter
    Jan 8 15:15:45	check_reload_status		Linkup starting igb1
    Jan 8 15:15:45	kernel		igb1: link state changed to UP
    Jan 8 15:15:45	php-fpm	69962	/rc.linkup: DEVD Ethernet detached event for opt1
    Jan 8 15:15:45	php-fpm	76441	/rc.linkup: Shutting down Router Advertisment daemon cleanly
    Jan 8 15:15:45	check_reload_status		Reloading filter
    Jan 8 15:15:45	php-fpm	23478	/rc.linkup: DEVD Ethernet attached event for wan
    Jan 8 15:15:45	php-fpm	23478	/rc.linkup: HOTPLUG: Configuring interface wan
    Jan 8 15:15:46	check_reload_status		Linkup starting igb0
    Jan 8 15:15:46	kernel		igb0: link state changed to DOWN
    Jan 8 15:15:46	php-fpm	76441	/rc.linkup: DEVD Ethernet attached event for lan
    Jan 8 15:15:46	php-fpm	76441	/rc.linkup: HOTPLUG: Configuring interface lan
    Jan 8 15:15:46	dhcpleases		/etc/hosts changed size from original!
    Jan 8 15:15:46	php-fpm	76441	/rc.linkup: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6'
    Jan 8 15:15:46	check_reload_status		Restarting ipsec tunnels
    Jan 8 15:15:46	check_reload_status		Linkup starting igb3
    Jan 8 15:15:46	kernel		igb3: link state changed to UP
    Jan 8 15:15:46	dhcpleases		Could not deliver signal HUP to process because its pidfile (/var/run/dnsmasq.pid) does not exist, No such process.
    Jan 8 15:15:46	dhcpleases		Could not deliver signal HUP to process because its pidfile (/var/run/dnsmasq.pid) does not exist, No such process.
    Jan 8 15:15:47	dhcpleases		/etc/hosts changed size from original!
    Jan 8 15:15:47	dhcpleases		Could not deliver signal HUP to process because its pidfile (/var/run/dnsmasq.pid) does not exist, No such process.
    Jan 8 15:15:47	dhcpleases		kqueue error: unkown
    Jan 8 15:15:47	dhcpleases		Could not deliver signal HUP to process because its pidfile (/var/run/dnsmasq.pid) does not exist, No such process.
    Jan 8 15:15:47	check_reload_status		updating dyndns opt2
    Jan 8 15:15:47	check_reload_status		Reloading filter
    Jan 8 15:15:47	php-fpm	85465	/rc.linkup: DEVD Ethernet detached event for opt2
    Jan 8 15:15:47	check_reload_status		Reloading filter
    Jan 8 15:15:47	php-fpm	80125	/rc.linkup: DEVD Ethernet attached event for opt2
    Jan 8 15:15:47	php-fpm	80125	/rc.linkup: HOTPLUG: Configuring interface opt2
    Jan 8 15:15:47	check_reload_status		Linkup starting igb2
    Jan 8 15:15:47	kernel		igb2: link state changed to UP
    Jan 8 15:15:47	php-fpm	80125	/rc.linkup: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6'
    Jan 8 15:15:47	check_reload_status		Restarting ipsec tunnels
    Jan 8 15:15:49	php-fpm	85465	/rc.linkup: DEVD Ethernet attached event for opt1
    Jan 8 15:15:49	php-fpm	85465	/rc.linkup: HOTPLUG: Configuring interface opt1
    Jan 8 15:15:49	dhcpleases		/etc/hosts changed size from original!
    Jan 8 15:15:49	dhcpleases		kqueue error: unkown
    Jan 8 15:15:49	check_reload_status		Linkup starting igb2
    Jan 8 15:15:49	kernel		igb2: link state changed to DOWN
    Jan 8 15:15:49	php-fpm	85465	/rc.linkup: Gateway, none 'available' for inet, use the first one configured. 'WAN_DHCP'
    Jan 8 15:15:49	php-fpm	85465	/rc.linkup: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6'
    Jan 8 15:15:49	check_reload_status		Restarting ipsec tunnels
    Jan 8 15:15:49	dhcpleases		Could not deliver signal HUP to process because its pidfile (/var/run/dnsmasq.pid) does not exist, No such process.
    Jan 8 15:15:49	dhcpleases		Could not deliver signal HUP to process because its pidfile (/var/run/dnsmasq.pid) does not exist, No such process.
    Jan 8 15:15:49	check_reload_status		Linkup starting igb0
    Jan 8 15:15:49	kernel		igb0: link state changed to UP
    Jan 8 15:15:50	check_reload_status		updating dyndns lan
    Jan 8 15:15:50	dhcpleases		/etc/hosts changed size from original!
    Jan 8 15:15:50	check_reload_status		Reloading filter
    Jan 8 15:15:50	dhcpleases		kqueue error: unkown
    Jan 8 15:15:52	check_reload_status		updating dyndns opt2
    Jan 8 15:15:52	check_reload_status		Reloading filter
    Jan 8 15:15:52	check_reload_status		Linkup starting igb2
    Jan 8 15:15:52	kernel		igb2: link state changed to UP
    Jan 8 15:15:53	check_reload_status		rc.newwanip starting igb0
    Jan 8 15:15:53	php-fpm	23478	/rc.linkup: calling interface_dhcpv6_configure.
    Jan 8 15:15:53	php-fpm	23478	/rc.linkup: Gateway, none 'available' for inet, use the first one configured. 'WAN_DHCP'
    Jan 8 15:15:53	php-fpm	23478	/rc.linkup: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6'
    Jan 8 15:15:53	check_reload_status		Restarting ipsec tunnels
    Jan 8 15:15:53	dhcpleases		Could not deliver signal HUP to process because its pidfile (/var/run/dnsmasq.pid) does not exist, No such process.
    Jan 8 15:15:53	dhcpleases		Could not deliver signal HUP to process because its pidfile (/var/run/dnsmasq.pid) does not exist, No such process.
    Jan 8 15:15:54	php-fpm	75561	/rc.newwanip: rc.newwanip: Info: starting on igb0.
    Jan 8 15:15:54	php-fpm	75561	/rc.newwanip: rc.newwanip: on (IP address: 107.3.175.60) (interface: WAN[wan]) (real interface: igb0).
    Jan 8 15:15:54	dhcpleases		/etc/hosts changed size from original!
    Jan 8 15:15:54	dhcpleases		Could not deliver signal HUP to process because its pidfile (/var/run/dnsmasq.pid) does not exist, No such process.
    Jan 8 15:15:54	check_reload_status		updating dyndns opt1
    Jan 8 15:15:54	check_reload_status		Reloading filter
    Jan 8 15:15:54	php-fpm	39800	/rc.linkup: DEVD Ethernet detached event for opt1
    Jan 8 15:15:54	dhcpleases		kqueue error: unkown
    Jan 8 15:15:54	dhcpleases		Could not deliver signal HUP to process because its pidfile (/var/run/dnsmasq.pid) does not exist, No such process.
    Jan 8 15:15:54	check_reload_status		Reloading filter
    Jan 8 15:15:54	php-fpm	80125	/rc.linkup: DEVD Ethernet attached event for opt1
    Jan 8 15:15:54	php-fpm	80125	/rc.linkup: HOTPLUG: Configuring interface opt1
    Jan 8 15:15:54	php-fpm	80125	/rc.linkup: Gateway, none 'available' for inet, use the first one configured. 'WAN_DHCP'
    Jan 8 15:15:54	php-fpm	80125	/rc.linkup: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6'
    Jan 8 15:15:54	check_reload_status		Restarting ipsec tunnels
    Jan 8 15:15:54	rc.gateway_alarm	73171	>>> Gateway alarm: WAN_DHCP (Addr:107.3.174.1 Alarm:1 RTT:10.717ms RTTsd:3.105ms Loss:21%)
    Jan 8 15:15:54	check_reload_status		updating dyndns WAN_DHCP
    Jan 8 15:15:54	check_reload_status		Restarting ipsec tunnels
    Jan 8 15:15:54	check_reload_status		Restarting OpenVPN tunnels/interfaces
    Jan 8 15:15:55	dhcpleases		/etc/hosts changed size from original!
    Jan 8 15:15:56	dhcpleases		kqueue error: unkown
    Jan 8 15:15:56	php-fpm	39800	/rc.dyndns.update: phpDynDNS (Home): No change in my IP address and/or 25 days has not passed. Not updating dynamic DNS entry.
    Jan 8 15:15:56	php-fpm	76441	/rc.openvpn: Gateway, none 'available' for inet, use the first one configured. 'WAN_DHCP'
    Jan 8 15:15:56	php-fpm	76441	/rc.openvpn: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6'
    Jan 8 15:15:56	check_reload_status		updating dyndns wan
    Jan 8 15:15:56	check_reload_status		Reloading filter
    Jan 8 15:15:56	php-fpm	19656	/rc.linkup: DEVD Ethernet detached event for wan
    Jan 8 15:15:57	php-fpm	39800	/rc.dyndns.update: phpDynDNS (home.tancad.net): No change in my IP address and/or 25 days has not passed. Not updating dynamic DNS entry.
    Jan 8 15:15:58	php-fpm	39800	/rc.dyndns.update: Dynamic DNS (home.tancad.net) There was an error trying to determine the public IP for interface - wan (igb0 ).
    Jan 8 15:15:59	check_reload_status		Reloading filter
    Jan 8 15:15:59	php-fpm	75561	/rc.newwanip: The command '/sbin/route delete -host 2606:4700:4700::1001' returned exit code '68', the output was 'route: bad address: 2606:4700:4700::1001'
    Jan 8 15:15:59	php-fpm	75561	/rc.newwanip: The command '/sbin/route delete -host 2606:4700:4700::1111' returned exit code '68', the output was 'route: bad address: 2606:4700:4700::1111'
    Jan 8 15:15:59	php-fpm	75561	/rc.newwanip: The command '/sbin/route delete -host 2001:4860:4860::8888' returned exit code '68', the output was 'route: bad address: 2001:4860:4860::8888'
    Jan 8 15:15:59	php-fpm	75561	/rc.newwanip: The command '/sbin/route delete -host 2001:4860:4860::8844' returned exit code '68', the output was 'route: bad address: 2001:4860:4860::8844'
    Jan 8 15:15:59	dhcpleases		/etc/hosts changed size from original!
    Jan 8 15:15:59	php-fpm	75561	/rc.newwanip: Accept router advertisements on interface igb0
    Jan 8 15:15:59	php-fpm	75561	/rc.newwanip: Starting rtsold process
    Jan 8 15:16:00	php-fpm	19656	/rc.linkup: Shutting down Router Advertisment daemon cleanly
    Jan 8 15:16:00	check_reload_status		Reloading filter
    Jan 8 15:16:00	php-fpm	69962	/rc.linkup: DEVD Ethernet attached event for wan
    Jan 8 15:16:00	php-fpm	69962	/rc.linkup: HOTPLUG: Configuring interface wan
    Jan 8 15:16:00	check_reload_status		rc.newwanip starting igb0
    Jan 8 15:16:00	php-fpm	69962	/rc.linkup: calling interface_dhcpv6_configure.
    Jan 8 15:16:00	php-fpm	69962	/rc.linkup: Gateway, none 'available' for inet, use the first one configured. 'WAN_DHCP'
    Jan 8 15:16:00	php-fpm	69962	/rc.linkup: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6'
    Jan 8 15:16:00	check_reload_status		Restarting ipsec tunnels
    Jan 8 15:16:01	php-fpm	85465	/rc.newwanip: rc.newwanip: Info: starting on igb0.
    Jan 8 15:16:01	php-fpm	85465	/rc.newwanip: rc.newwanip: on (IP address: 107.3.175.60) (interface: WAN[wan]) (real interface: igb0).
    Jan 8 15:16:01	dhcpleases		/etc/hosts changed size from original!
    Jan 8 15:16:01	dhcpleases		Could not deliver signal HUP to process because its pidfile (/var/run/dnsmasq.pid) does not exist, No such process.
    Jan 8 15:16:01	dhcpleases		kqueue error: unkown
    Jan 8 15:16:01	dhcpleases		Could not deliver signal HUP to process because its pidfile (/var/run/dnsmasq.pid) does not exist, No such process.
    Jan 8 15:16:01	rtsold	58822	<interface_up> igb0 does not accept Router Advertisement.
    Jan 8 15:16:03	php-fpm	75561	/rc.newwanip: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6'
    Jan 8 15:16:03	check_reload_status		updating dyndns wan
    Jan 8 15:16:03	check_reload_status		Reloading filter
    Jan 8 15:16:05	php-fpm	39800	/rc.dyndns.update: phpDynDNS (Home): No change in my IP address and/or 25 days has not passed. Not updating dynamic DNS entry.
    Jan 8 15:16:06	php-fpm	75561	/rc.newwanip: phpDynDNS (Home): No change in my IP address and/or 25 days has not passed. Not updating dynamic DNS entry.
    Jan 8 15:16:06	php-fpm	39800	/rc.dyndns.update: phpDynDNS (home.tancad.net): No change in my IP address and/or 25 days has not passed. Not updating dynamic DNS entry.
    Jan 8 15:16:06	php-fpm	85465	/rc.newwanip: The command '/sbin/route delete -host 2606:4700:4700::1001' returned exit code '68', the output was 'route: bad address: 2606:4700:4700::1001'
    Jan 8 15:16:06	php-fpm	85465	/rc.newwanip: The command '/sbin/route delete -host 2606:4700:4700::1111' returned exit code '68', the output was 'route: bad address: 2606:4700:4700::1111'
    Jan 8 15:16:06	php-fpm	85465	/rc.newwanip: The command '/sbin/route delete -host 2001:4860:4860::8888' returned exit code '68', the output was 'route: bad address: 2001:4860:4860::8888'
    Jan 8 15:16:06	php-fpm	85465	/rc.newwanip: The command '/sbin/route delete -host 2001:4860:4860::8844' returned exit code '68', the output was 'route: bad address: 2001:4860:4860::8844'
    Jan 8 15:16:06	dhcpleases		/etc/hosts changed size from original!
    Jan 8 15:16:06	php-fpm	85465	/rc.newwanip: Accept router advertisements on interface igb0
    Jan 8 15:16:06	php-fpm	85465	/rc.newwanip: Starting rtsold process
    Jan 8 15:16:07	php-fpm	39800	/rc.dyndns.update: Dynamic DNS (home.tancad.net) There was an error trying to determine the public IP for interface - wan (igb0 ).
    Jan 8 15:16:07	php-fpm	75561	/rc.newwanip: phpDynDNS (home.tancad.net): No change in my IP address and/or 25 days has not passed. Not updating dynamic DNS entry.
    Jan 8 15:16:08	php-fpm	75561	/rc.newwanip: Dynamic DNS (home.tancad.net) There was an error trying to determine the public IP for interface - wan (igb0 ).
    Jan 8 15:16:09	php-fpm	75561	/rc.newwanip: Resyncing OpenVPN instances for interface WAN.
    Jan 8 15:16:09	php-fpm	75561	/rc.newwanip: Creating rrd update script
    Jan 8 15:16:09	rtsold		Received RA specifying route fe80::201:5cff:fe87:fe46 for interface wan(igb0)
    Jan 8 15:16:09	rtsold		Starting dhcp6 client for interface wan(igb0)
    Jan 8 15:16:10	php-fpm	85465	/rc.newwanip: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6'
    Jan 8 15:16:11	php-fpm	75561	/rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 107.3.175.60 -> 107.3.175.60 - Restarting packages.
    Jan 8 15:16:11	check_reload_status		Starting packages
    Jan 8 15:16:12	php-fpm	85465	/rc.newwanip: phpDynDNS (Home): No change in my IP address and/or 25 days has not passed. Not updating dynamic DNS entry.
    Jan 8 15:16:12	php-fpm	76441	/rc.start_packages: Restarting/Starting all packages.
    Jan 8 15:16:13	php-fpm	85465	/rc.newwanip: phpDynDNS (home.tancad.net): No change in my IP address and/or 25 days has not passed. Not updating dynamic DNS entry.
    Jan 8 15:16:14	php-fpm	85465	/rc.newwanip: Dynamic DNS (home.tancad.net) There was an error trying to determine the public IP for interface - wan (igb0 ).
    Jan 8 15:16:15	php-fpm	85465	/rc.newwanip: Resyncing OpenVPN instances for interface WAN.
    Jan 8 15:16:15	php-fpm	85465	/rc.newwanip: Creating rrd update script
    Jan 8 15:16:17	php-fpm	85465	/rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 107.3.175.60 -> 107.3.175.60 - Restarting packages.
    Jan 8 15:16:17	check_reload_status		Starting packages
    Jan 8 15:16:18	php-fpm	80125	/rc.start_packages: Skipping STARTing packages process because previous/another instance is already running
    Jan 8 15:16:35	ntopng		[HTTPserver.cpp:924] ERROR: [HTTP] set_ports_option: cannot bind to 3000s: Address already in use
    Jan 8 15:16:35	ntopng		[mongoose.c:4584] ERROR: set_ports_option: cannot bind to 3000s: No error: 0
    Jan 8 15:16:35	ntopng		[HTTPserver.cpp:1104] ERROR: Unable to start HTTP server (IPv4) on ports 3000s
    Jan 8 15:16:35	ntopng		[HTTPserver.cpp:1110] ERROR: Either port in use or another ntopng instance is running (using the same port)
    Jan 8 15:16:54	php-fpm	76441	[pfBlockerNG] Starting cron process.
    Jan 8 15:16:54	php-fpm	76441	/rc.start_packages: The command '/sbin/ifconfig 'igb1' delete '10.10.10.1'' returned exit code '1', the output was 'ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address'
    Jan 8 15:16:54	check_reload_status		Reloading filter
    Jan 8 15:16:55	radiusd	12401	Signalled to terminate
    Jan 8 15:16:55	radiusd	12401	Exiting normally
    Jan 8 15:16:55	radiusd	2646	Debugger not attached
    Jan 8 15:16:55	radiusd	13110	[/usr/local/etc/raddb/mods-config/attr_filter/access_reject]:11 Check item "FreeRADIUS-Response-Delay" found in filter list for realm "DEFAULT".
    Jan 8 15:16:55	radiusd	13110	[/usr/local/etc/raddb/mods-config/attr_filter/access_reject]:11 Check item "FreeRADIUS-Response-Delay-USec" found in filter list for realm "DEFAULT".
    Jan 8 15:16:55	radiusd	13110	Loaded virtual server <default>
    Jan 8 15:16:55	radiusd	13110	Loaded virtual server default
    Jan 8 15:16:55	radiusd	13110	Ignoring "sql" (see raddb/mods-available/README.rst)
    Jan 8 15:16:55	radiusd	13110	Ignoring "ldap" (see raddb/mods-available/README.rst)
    Jan 8 15:16:55	radiusd	13110	Loaded virtual server inner-tunnel-ttls
    Jan 8 15:16:55	radiusd	13110	Loaded virtual server inner-tunnel-peap
    Jan 8 15:16:55	radiusd	13110	Ready to process requests
    Jan 8 15:16:56	ntopng		[HTTPserver.cpp:924] ERROR: [HTTP] set_ports_option: cannot bind to 3000s: Address already in use
    Jan 8 15:16:56	ntopng		[mongoose.c:4584] ERROR: set_ports_option: cannot bind to 3000s: No error: 0
    Jan 8 15:16:56	ntopng		[HTTPserver.cpp:1104] ERROR: Unable to start HTTP server (IPv4) on ports 3000s
    Jan 8 15:16:56	ntopng		[HTTPserver.cpp:1110] ERROR: Either port in use or another ntopng instance is running (using the same port)
    Jan 8 15:17:42	kernel		pid 50390 (ntopng), uid 0: exited on signal 11 (core dumped)
    Jan 8 15:17:42	kernel		igb1: promiscuous mode disabled
    Jan 8 15:17:42	kernel		igb2: promiscuous mode disabled
    Jan 8 15:17:42	kernel		igb3: promiscuous mode disabled
    


  • @rohrej
    If Suricata does not actually update the rules, then it won't restart the interface. It checks for updates multiple times per day (as per the setting in GLOBAL SETTINGS), but it does not really download a new file unless the md5 checksums indicate a new rules file is posted. It will only restart itself (Suricata, that is) when a new file is downloaded and new rules are installed.

    Restarting Suricata, especially in Netmap IPS mode, will cycle an interface.



  • That makes sense that it would only restart the interfaces if there is actually a new ruleset. However, restarting the interfaces should not cause multiple dhcp6c instances to run simultaneously.



  • @rohrej said in Comcast IPv6 WAN address and delegated prefix added, then removed seconds later:

    That makes sense that it would only restart the interfaces if there is actually a new ruleset. However, restarting the interfaces should not cause multiple dhcp6c instances to run simultaneously.

    Agreed. This might be a problem with the way the daemon is handled when an interface cycles. Is pfSense terminating the running process before launching another, or does it perhaps just blindly start a new daemon instance when the interface comes up? I have not examined the code, so I'm not sure. Just throwing the question out there for consideration.



  • So, turning off suricata for the WAN interface did not fix this. It doesn't happen every day now, but still pretty often.

    root    2183   0.0  0.0   6340   2380  -  Is   21Jan19      0:02.81 /usr/local/sbin/dhcp6c -d -n -c /var/etc/dhcp6c_wan.conf -p /var/run/dhcp6c_igb0.pid igb0
    root   11215   0.0  0.0   6340   2376  -  Is   27Jan19      0:01.57 /usr/local/sbin/dhcp6c -d -n -c /var/etc/dhcp6c_wan.conf -p /var/run/dhcp6c_igb0.pid igb0
    root   13704   0.0  0.0   6968   2804  -  S    18:53        0:00.00 sh -c ps uxawww | grep dhcp6c 2>&1
    root   14116   0.0  0.0   6564   2460  -  S    18:53        0:00.00 grep dhcp6c
    root   38355   0.0  0.0   6340   2400  -  Ss   19Jan19      0:11.03 /usr/local/sbin/dhcp6c -d -n -c /var/etc/dhcp6c_wan.conf -p /var/run/dhcp6c_igb0.pid igb0
    root   41023   0.0  0.0   6340   2376  -  Is   15:15        0:00.04 /usr/local/sbin/dhcp6c -d -n -c /var/etc/dhcp6c_wan.conf -p /var/run/dhcp6c_igb0.pid igb0
    root   60339   0.0  0.0   6340   2376  -  Ss   22Jan19      0:02.64 /usr/local/sbin/dhcp6c -d -n -c /var/etc/dhcp6c_wan.conf -p /var/run/dhcp6c_igb0.pid igb0
    root   83791   0.0  0.0   6340   2376  -  Is   24Jan19      0:02.28 /usr/local/sbin/dhcp6c -d -n -c /var/etc/dhcp6c_wan.conf -p /var/run/dhcp6c_igb0.pid igb0
    root   98049   0.0  0.0   6340   2380  -  Is   Thu03        0:00.79 /usr/local/sbin/dhcp6c -d -n -c /var/etc/dhcp6c_wan.conf -p /var/run/dhcp6c_igb0.pid igb0
    

Log in to reply