WAN_DHCP6 Stuck Pending / Unknown
-
I used wireshark to capture icmpv6 and dhcpv6 packets on the wan interface.
With the patch uninstalled, the sequence is the following:
send dhcpv6 solicit
receive dhcpv6 advertise
send dhcpv6 request
receive dhcpv6 reply
send icmpv6 router solicitation
receive icmpv6 router advertisementWith the patch installed, the sequence is the following:
send dhcpv6 solicit
receive dhcpv6 advertise
send dhcpv6 request
receive dhcpv6 replyThe router never sends the icmpv6 router solicitation, so it never receives the router advertisement.
I hope that helps.
-
I suggest to write about all the finds on the redmine
I hope somebody will fix this bug soon. -
@w0w said in WAN_DHCP6 Stuck Pending / Unknown:
I suggest to write about all the finds on the redmine
I hope somebody will fix this bug soon.I already did. Thanks for the help.
-
@bimmerdriver said in WAN_DHCP6 Stuck Pending / Unknown:
@w0w said in WAN_DHCP6 Stuck Pending / Unknown:
I suggest to write about all the finds on the redmine
I hope somebody will fix this bug soon.I already did. Thanks for the help.
@jimp Should I open a new issue in Redmine for this problem?
-
A fix for this issue is in the latest snapshot and I confirm it works.
Thanks @jimp .
-
I just upgraded to 2.4.5-release-p1 and I have exactly the same problem. The ipv6 gateway is stuck on status unknown. I made no other configuration changes, nor any other changes.
-
My WAN interface is still showing:
WAN_DHCP6
~ Pending Pending Pending UnknownOn:
2.5.0-DEVELOPMENT (amd64)
built on Thu Jul 16 01:02:54 EDT 2020
FreeBSD 12.1-STABLEPrevious posts indicate that the issue was fixed, but mine's still not working since whichever update broke dhcpv6. Any ideas how to solve this? System Logs / DHCP shows nothing for v6 just v4.
-
I'm seeing the same issue since updating to 2.4.5p1. My ISP is Comcast/Xfinity, and I'm using their native dual-stack IPv4/IPv6 service. The v4 status shows correctly, but v6 just shows Pending/Unknown.
If I go into System > Routing > Gateways, edit the IPv6 gateway, and disable/re-enable gateway monitoring for that interface, it seems to fix the problem temporarily, but at some point it recurs (I haven't determined exactly what causes it to recur yet.)
-
You can revert those patches one by one with help of "System patches" package.
- Install package "System patches"
- Create two patches, using the commit ID's provided in https://redmine.pfsense.org/issues/9634
the first one should be
19fe32b0fe32faf290ea2b74c005c165579277bf
and the second
8788b0613a66e48ff4da45f4228bda481c37f7a9
When creating fill commit ID and enter any description for the patch and press "SAVE" button.
When patches are created you will see fetch button in the patch list, press fetch and then after patch is downloaded,
you will see that Revert button is appeared on one of them,
press it and you will get Revert button on the second patch also, press it also and you should have original 2.4.5 non p1 version of file.
Check it and if you have some new information report it back
-
@w0w Thanks for the reply. In my case it seems like with changes done to pfSense I now need to check the "Do not wait for a RA" setting on DHCP6 Client Configuration. After enabling that option I get IPv6 on the interface again status is shown correctly without reverting the patches.
-
@w0w, I backed up the configuration, reverted both patches, and rebooted. The WAN_DHCP6 status was slow to update but eventually correctly showed "Online"; however, and radvd was correctly advertising the route. However, I had no ipv6 connectivity from clients. I reverted to the saved configuration, rebooted, and this time the WAN_DHCP6 status immediately said "Online" and I have ipv6 connectivity from clients. The "System patches" package got uninstalled by the restoration of the configuration, and as best I can tell, the patch reversions did too. Nevertheless, it has been working correctly for several hours now.
-
@tbclark3
I do not think it is reverting the patches, when you uninstall package or restore configuration that does not use this package, you can just test it by installing package again, see what happens and report back.
May be it just needed reboot to complete reload of those un-patched files.You can also test this "Do not wait for a RA" setting, that was found by @fragged as working solution.
-
@w0w said in WAN_DHCP6 Stuck Pending / Unknown:
@tbclark3
I do not think it is reverting the patches, when you uninstall package or restore configuration that does not use this package, you can just test it by installing package again, see what happens and report back.
May be it just needed reboot to complete reload of those un-patched files.You can also test this "Do not wait for a RA" setting, that was found by @fragged as working solution.
The "Do not wait for a RA" setting causes pfsense to send the DHCP solicit before the RS. If your ISP gateway requires this, it will not delegate a prefix you use the setting. If your ISP gateway doesn't require this, pfsense may or may get a prefix. Some gateways don't care about the order. The best way to determine if this setting is required is to use wireshark to watch sequence of messages.
-
@bimmerdriver I tried the "Do not wait for a RA" setting prior to reverting the patches. It caused a several minute delay after applying the setting, then IPv6 stopped working altogether.
As best I can tell, the two patches are still reverted--meaning that I am still running 2.4.5-RELEASE even though the system identifies the version as 2.4.5-RELEASE-p1 and even though "System patches" displays no history.
IPv6 has worked perfectly since those two patches were reverted.
-
@tbclark3 said in WAN_DHCP6 Stuck Pending / Unknown:
@bimmerdriver I tried the "Do not wait for a RA" setting prior to reverting the patches. It caused a several minute delay after applying the setting, then IPv6 stopped working altogether.
As best I can tell, the two patches are still reverted--meaning that I am still running 2.4.5-RELEASE even though the system identifies the version as 2.4.5-RELEASE-p1 and even though "System patches" displays no history.
IPv6 has worked perfectly since those two patches were reverted.
When 2.4.5-RELEASE-p1 was released, I tested it and found that it solved the problem. When I get a chance, I'll start it up again and confirm it still works. If so, it may be that your system is borked. Have you tried a clean reinstallation?
UPDATE: I started up my other system and it worked fine. I suggest trying a clean reinstallation if you haven't tried that already.
-
I am running 2.5.0-RELEASE and I am having the same problem with the gateway constantly showing as Pending. IPV6 is working. Checking "Do not wait for a RA" has no effect. Problem is exactly as described above. My ISP is Comcast, and this issue is new to 2.5.0. Previous was whatever the previous RELEASE to 2.5.0 was. Issue did not appear on previous RELEASE version. Found this forum page via Google.
-
like @daplumber I'm also running 2.5.0-RELEASE and seeing the same issue. IPv6 gateway shows Pending instead of online. From Status / Gateways :
WAN_DHCP (default) 73.93.xx.xxx 73.93.xx.xxx 10.723ms 2.574ms 0.0% Online Interface WAN_DHCP Gateway===group WAN_DHCP6 (default) dynamic Pending Pending Pending Pending Interface WAN_DHCP6 GatewayMy configuration is unchanged from 2.4.4 where I didn't see this issue. https://ipv6-test.com/ says IPv6 is Supported, shows my address with Type as 'Native IPv6' (score 17/20). My ISP is Comcast.
Status / System Logs / System / Gateways only shows for WAN_DHCP, nothing about WAN_DHCP6 (with DHCP6 client in debug mode).
Status / System Logs / DHCP:
Mar 1 00:01:37 dhcp6c 33342 add an address 2001:558:6045:30:xxxx:c7d0:59e5:ae44/128 on igb0 Mar 1 00:01:37 dhcp6c 33342 create an address 2001:558:6045:30:xxxx:c7d0:59e5:ae44 pltime=229408, vltime=12732626592774455328 Mar 1 00:01:37 dhcp6c 33342 make an IA: NA-0 Mar 1 00:01:37 dhcp6c 33342 add an address 2601:640:c100:xxxx:2e0:67ff:fe1b:67da/64 on igb2 Mar 1 00:01:37 dhcp6c 33342 add an address 2601:640:c100:xxxx:2e0:67ff:fe1b:67d9/64 on igb1 Mar 1 00:01:37 dhcp6c 33342 create a prefix 2601:640:c100:xxxx::/60 pltime=229418, vltime=229418 Mar 1 00:01:37 dhcp6c 33342 make an IA: PD-0 Mar 1 00:01:37 dhcp6c 33342 nameserver[1] 2001:558:feed::2 Mar 1 00:01:37 dhcp6c 33342 nameserver[0] 2001:558:feed::1 -
As above, after I reverted the patches and returned to 2.4.5, my status problem resolved. I just upgraded to 2.5.0, and the problem did not recur. However, on the same day that I upgraded, Comcast did a firmware upgrade of my Cisco modem and IPv6 was disastrous. IPv6 connectivity disappeared on a regular basis, and occasionally all connectivity disappeared, requiring a reboot of both devices (pfsense and Comcast). I noticed in the logs, and confirmed with wireshark, that the Comcast modem was responding with a 10-second lease (t1=5, t2=10) for every renewal of my /59 dhcp delegation, resulting in a renewal about every 10 seconds. Explaining that to customer service did not go well, but they sent a tech anyway, who replaced my modem with a Technicolor model CGA4131COM. With no changes to pfsense, the new modem correctly granted a lease of 1 week, and all has been normal since. Pfsense quickly shows an "online" status for Comcast IPv4 and IPv6, as well as the backup Verizon LTE modem. At this point, I'm placing blame on the Comcast firmware upgrade, but I also haven't seen the first dhcp renewal yet. I still have no idea why the status problem occurred in the first place.
-
Realize now this is the wrong forum for 2.5 release. Here is the post tracking this issue in IPv6:
https://forum.netgate.com/topic/160952/ipv6-no-gateway-after-2-5-upgrade/34
Redmine issue:
https://redmine.pfsense.org/issues/11454
-
@tbclark3 I am not using a Comcast modem. I've had this issue with a Netgear CM500 and an Arris SB8200.
