IPv6 Connectivity problem in vm
-
When you select Track Interface, there are IPv6 things to set up :
These :
I guess, because I never sued that facility before - that you should select your WAN type interface.
And a "prefix" that was given to you by the ISP ...
And, I guess. -
@Gertjan Sure.
-
Problem still persist, help for diagnosing would be much appreciated.
-dualstack WAN, no IPv6 tunnel
-Host Win10 with Hyper-V
-Client (VM): Windows 10 (two different versions tested) have problems
-Client (VM): ubuntu on that same interface has no problem!Just disabling and then enabling the adapter in Windows makes the ipv6-test-site work again (for some time).
-
Is it normal that the expirations shown under NDP Table are changing all the time? e.g. it shows almost 24 hours and some seconds later it is only 30 seconds. That happens all the time.
Next I will try "Change DHCPv6 display lease time from UTC to local time" in the DHCPv6 Server, maybe Windows wants that...
-
Why did you decide to use "Interface Tracking" ?
As per ISP information ?According to https://docs.netgate.com/pfsense/en/latest/book/interfaces/ipv6-wan-types.html#track-interface there should be lines in the logs related to this delegation exchange. Are there any logs lines ? Logs lines are the principal source of information when debugging - and you have none ??
You have a dual WAN (also a very error prone thing) : you're tracking the right WAN interface ?
And what about System > Routing > Gateways : is the right gateway selected ?edit : NDP uses ICMP6 for discovering "who lives on a network segment" and is somewhat comparable with the ARP protocol used by IPv4. It's build into the IPv6 kernel and driver stack part, and doesn't need any user configuration. ( although : block ICMP6 on your LAN type interface and you'll "break" IPv6 )
See https://en.wikipedia.org/wiki/Neighbor_Discovery_Protocol -
@Gertjan I don't have dual wan and track interface is the default in pfSense. What is wrong with that?
"Change DHCPv6 display lease time from UTC to local time" didn't help.
-
@Gertjan I appreciate your help but you have a total different setup with that he-tunnel and probably not having dualstack on your wan.
-
When I do a "route print" in the windows vm, there is a difference between full connectivity and problematic connectivity. The following (first) line is missing after some time.
IPv6 Route Table
Active Routes:
If Metric Network Destination Gateway
9 271 ::/0 fe80::215:5dff:fe01:7507This is the PrivatSwitch Interface.
-
I found this in the logs:
route 0::/0 lifetime (60) conflicts with AdvDefaultLifetime (0), default routes will flap!So I guess it is a problem with radvd. Ubuntu has no problem with that but windows does. I remember when I was adding the second LAN-Interface called Privat Switch, it was missing the defaults at least under Router Advertisements completely. I also switched the interfaces once, which one should get IPv6 and which one not. So something is broken there.
Is there a way in pfSense to bring the defaults to that setting?
-
@Bob-Dig said in IPv6 Connectivity problem in vm:
So I guess it is a problem with radvd. Ubuntu has no problem with that but windows does.
I have 2 computers with Windows 10 in VirtualBox on Linux. Neither have a problem with radvd. You can run Wireshark in Windows and watch for ICMP6 to see what's happening.
-
@JKnott Thanks. But I guess you don't have those problems under
Status - System Logs - SystemRouting like I have, log was flooded with:route 0::/0 lifetime (60) conflicts with AdvDefaultLifetime (0), default routes will flap!
So after I changed the Router lifetime to 1000s in ServicesDHCPv6 Server & RA PRIVATSWITCHRouter Advertisements
Later I get those log entries flooding:Mar 13 08:58:28 radvd 81932 version 2.18 started Mar 13 08:58:29 radvd 82558 attempting to reread config file Mar 13 08:58:29 radvd 82558 resuming normal operation Mar 13 08:58:31 radvd 82558 attempting to reread config file Mar 13 08:58:31 radvd 82558 resuming normal operation Mar 13 08:58:45 radvd 82558 attempting to reread config file Mar 13 08:58:45 radvd 82558 resuming normal operation
Also I am using the 2.5.0-DEVELOPMENT Branch
So is it possible to reset the DHCPv6 Server & RA, because there seems to be the problem.
-
Dono if this is related : https://redmine.pfsense.org/projects/pfsense/issues?per_page=100&query_id=104, look for the 'radv' occurrences on the list.
@JKnott : you're using 2.5.0 - and if so, what version ?
-
@Gertjan 2.5.0 get updates three times a day and I am remembering the problem with no defaults for the DHCPv6 Server & RA was only when I was adding the second LAN-Interface later on. So probably no one noticed it.
If I can't reset it, I will have to go back to 2.4.* and do everything manually.
-
There is no reset button.
But what you can do, is saving your config, and then reset to default the entire setup.
When done, take a look at the config xml file, look for 'radv', and compare and copy if needed that part into your config.xml.This a a part of the config, related to 'radv' :
You'll find two blocks of these, as you have two LAN type interfaces.
When you edited (if needed), you import back in your config file.
-
What I finally did was deleting the interface and then creating it new. This time there seems to be no problem.
Thanks everybody.
I have to read more log files to get a sense, when there is something not ok.
Also I crafted some new IPv6 addresses in the DHCPv6 Server, like this one:
::192:168:2:37