ipv6 broken: radvd: can't join ipv6-allrouters on <interface>
-
@kiokoman
One thing that looks quite different for me is that radvd can't join routers right after start, not hours later as we have it now.EDITED: Oh yes, epic fail. -
@kiokoman I agree, 2.5 will be left in beta until someone fixes it.
-
@rschell good work about that update on redmine
personally i had decided to wait for 2.5 to advance before trying to do anything as any patch that we come out today it will probably be lost resulting in a waste of time as it is a kernel problem and not a pfsense's fault -
Ipv6 problem also caused problems with FRR
-
@rschell
I see you have some progress on 12.1 builds, but you did not report back on redmine, is it working? -
@w0w said in ipv6 broken: radvd: can't join ipv6-allrouters on <interface>:
@rschell
I see you have some progress on 12.1 builds, but you did not report back on redmine, is it working?I have updated #9577, but for some reason the issue doesn't showup on the 2.5 issue list anymore. My version is running well and RADVD continues to work past 24 hours. The version is built on releng/12.1-RC2 with cherry-picked commits from 2.5 back to mid-February.
Once the pfSense is rebased on releng/12.1 or stable/12 and the message logging in RADVD is removed, these problems should be resolved.
@yon-0 said in ipv6 broken: radvd: can't join ipv6-allrouters on <interface>:
Ipv6 problem also caused problems with FRR
I haven't used FRR, so I can't speak to whether this will resolve those issues.
-
@rschell
frr use with openvpn ipv6 has issue, add two ipv6 Neighbor openvpn will happen.
-
@jimp, any news? Did Netgate choose the FreeBSD version already? 12.1 is released a few days ago.
-
We are aware of the release (The FreeBSD Release Engineer is a Netgate employee :-)
12.1 is the current plan but there may be some parts picked back from stable. We'll see how things shake out.
-
@jimp Hmm, missed that reddit post, thanks a lot for the information!
-
@w0w said in ipv6 broken: radvd: can't join ipv6-allrouters on <interface>:
@jimp Hmm, missed that reddit post, thanks a lot for the information!
Any clue why #9577 is not showing up on the issue list anymore?
It might be better to split the redmine issue into two since there is spamming log issue and a FreeBSD 12.0 issue?
-
In net/radvd of Ports, remove logging of "IPv6 forwarding" in interface.c since "check_ip6_iface_forwarding" routine is stubbed out in "radvd/device-bsd44.c". This is unrelated to the FreeBSD 12 version
-
Upgrade network interfaces including netinet6/in6_mcast.c to code in RELENG/12.1. The mcast changes in 12.1 are extensive enough to both ipv4 and ipv6 to prohibit back-porting (I tried). This second issue resolves the "can't join ipv6-routers" logging and permits RADVD to function beyond 24 hours.
-
-
so to fix this we need to update to 12.1 and that has 25% perf hit. ooof
-
@strangegopher
Not so bad, I think. May be it affects only maximum throughput, who knows, no further information at the moment. Also as @jimp mentioned, they can apply some fixes by picking up some parts from stable.@rschell
I've never checked was it listed before or not, but i don't see any changes made about that. May be it's because target version is missing? -
Any news about the problem/patch? I have this bug too, but too lazy/dont have time to go back to 2.4.4...
-
@havastamas
Waiting for the new builds based on 12.1 version of FreeBSD. I don't know if there any target date available.
Currently you can use workaround published by @kiokoman. I use it with cron package. Just running command every hour.
killall radvd && sleep 5 && /usr/local/sbin/radvd -p /var/run/radvd.pid -C /var/etc/radvd.conf -m syslog -
@w0w This workaround is much better than reboot the firewall every 6 hours, to get ipv6 working. Thank you!
-
@w0w btw what is the experience with this patch? My ISP disconnets every user after 7 days of uptime, then gives new ipv4/v6 adress (dual stack).
Do you think this workaround will work after 7 days of uptime?
-
@havastamas With my build, applying fixes to to get 6RD working, removing spam messaging in RADVD and upgrading to 12.1 code base, my firewall has been up and passing ipv6 tests for over 12 days now.
So I think a solution has been found, its now a matter of priorities. Switching to 12.1 is non-trivial and who knows what other issues that creates. I'm not a networking expert and my application is relatively simple, so all it has done is highlighted that no fatal flaws are out there with starting to move that direction.
-
@havastamas
If you are talking about workaround... I see no reason why the workaround would not work, but it’s easier to check yourself whether it works or not. -
any updates on this?
