Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPv6 strange DHCP behaviour (multiple VLAN)

    Scheduled Pinned Locked Moved IPv6
    5 Posts 2 Posters 659 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      franzli
      last edited by

      Hi,
      I am having a curious issue and I have been fighting with this for almost a full day until I decided to give up and ask for help.
      I have a pfSense physical machine with IPv6 tunneling to HE.
      The configuration is the same for each VLAN (I have a /48 range which is split on each VLAN to a /64).
      When I connect to two VLANs I am getting the correct address from DHCP. When I am connecting from another VLAN (and really, I swear I have the same configurations) I am not getting an address.

      This is the result on the client on the good VLAN:

      Options[4] = {
        IA_NA (3) Length 40:  IA_NA IAID=0 T1=0 T2=0 Options[1] = {
          IAADDR (5) Length 24:  IAADDR 2001:xxx:xxxx:20::d:88c0 Preferred 4073 Valid=6773
        }  CLIENTID (1) Length 14: DUID LLT HW 1 Time 551030748 Addr a0:99:9b:00:0a:27
        SERVERID (2) Length 14: DUID LLT HW 1 Time 647803393 Addr 00:0d:b9:56:8d:e1
        DNS_SERVERS (23) Length 16: 2001:xxx:xxxx:20::1
      }
      

      This instead is the result on the client on the bad VLAN:

      DHCPv6 ADVERTISE (2) Transaction ID 0x4b6ca6 Length 108
      Options[5] = {
        SERVERID (2) Length 10: DUID LL HW 1 Addr dc:a6:32:40:9b:9d
        CLIENTID (1) Length 14: DUID LLT HW 1 Time 551030748 Addr a0:99:9b:00:0a:27
        <unknown> (82) Length 4:  Data 00 00 00 3c
        DNS_SERVERS (23) Length 16: fdcb:f24:701a::1
        IA_NA (3) Length 40:  IA_NA IAID=0 T1=21600 T2=34560 Options[1] = {
          IAADDR (5) Length 24:  IAADDR fdcb:f24:701a::3fb Preferred 43200 Valid=43200
        }}
      

      Checking in the DHCP log in pfSense I have the following for the good VLAN:
      Please note that everything is upside down :-) The timeline goes from the bottom to the top.

      Jul 11 19:31:21	dhcpd		Sending Reply to fe80::1030:4604:3e13:4c17 port 546
      Jul 11 19:31:21	dhcpd		Reusing lease for: 2001:xxx:xxxx:20::d:88c0, age 427 secs < 25%, sending shortened lifetimes - preferred: 4073, valid 6773
      Jul 11 19:31:21	dhcpd		Reply NA: address 2001:xxx:xxxx:20::d:88c0 to client with duid 00:01:00:01:20:d8:0f:dc:a0:99:9b:00:0a:27 iaid = 0 valid for 7200 seconds
      Jul 11 19:31:21	dhcpd		Request message from fe80::1030:4604:3e13:4c17 port 546, transaction ID 0x7EA85900
      Jul 11 19:31:20	dhcpd		Sending Advertise to fe80::1030:4604:3e13:4c17 port 546
      Jul 11 19:31:20	dhcpd		Advertise NA: address 2001:xxx:xxxx:20::d:88c0 to client with duid 00:01:00:01:20:d8:0f:dc:a0:99:9b:00:0a:27 iaid = 0 valid for 7200 seconds
      Jul 11 19:31:20	dhcpd		Solicit message from fe80::1030:4604:3e13:4c17 port 546, transaction ID 0x16DBB800
      

      and this for the bad VLAN:

      Jul 11 19:31:40	dhcpd		Discarding Request from fe80::1030:4604:3e13:4c17; not our server identifier (CLIENTID 00:01:00:01:20:d8:0f:dc:a0:99:9b:00:0a:27, SERVERID 00:03:00:01:dc:a6:32:40:9b:9d, server DUID 00:01:00:01:26:9c:b2:01:00:0d:b9:56:8d:e1)
      Jul 11 19:31:40	dhcpd		Request message from fe80::1030:4604:3e13:4c17 port 546, transaction ID 0x8F696900
      Jul 11 19:31:39	dhcpd		Sending Advertise to fe80::1030:4604:3e13:4c17 port 546
      Jul 11 19:31:39	dhcpd		Advertise NA: address 2001:xxx:xxxx:40::d:88c0 to client with duid 00:01:00:01:20:d8:0f:dc:a0:99:9b:00:0a:27 iaid = 0 valid for 7200 seconds
      Jul 11 19:31:39	dhcpd		Picking pool address 2001:xxx:xxxxx:40::d:88c0
      Jul 11 19:31:39	dhcpd		Solicit message from fe80::1030:4604:3e13:4c17 port 546, transaction ID 0xA66C4B00
      

      Any idea?
      Thanks a lot,
      Franc

      JKnottJ 1 Reply Last reply Reply Quote 0
      • JKnottJ
        JKnott @franzli
        last edited by

        @franzli

        Any chance you have a TP-Link managed switch?

        PfSense running on Qotom mini PC
        i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
        UniFi AC-Lite access point

        I haven't lost my mind. It's around here...somewhere...

        F 1 Reply Last reply Reply Quote 0
        • F
          franzli @JKnott
          last edited by

          @JKnott

          It’s a Cisco SG250. But the same behaviour happens via WiFi on the same VLANs

          JKnottJ 1 Reply Last reply Reply Quote 0
          • JKnottJ
            JKnott @franzli
            last edited by

            @franzli

            I have an SG200-08. Try packet capture on the VLANs to see what's happening with DHCP. It may offer some clues.

            PfSense running on Qotom mini PC
            i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
            UniFi AC-Lite access point

            I haven't lost my mind. It's around here...somewhere...

            1 Reply Last reply Reply Quote 0
            • F
              franzli
              last edited by

              It seems that I have found the issue...
              By analyzing the tcpdump, I have noticed that there was another ip that was answering to the request of the dhcp.
              The problem is that I didn't know what it was. It was in the ndp table of my computer, it was in the neighbour list of the switch.
              At the end it was a stupid raspberry that was advertising itself as router. Disconnected, everything works like a charm.
              Thanks for the help anyway. Case closed!

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.