Why are the default RA intervals and lifetime values so low?
-
In pfSense, these are the default router values:
Minimum RA interval: 5
Maximum RA interval: 20
Router lifetime: 60However, when I look at documentation for other routers, they use much larger values.
Sophos:
Minimum RA interval: 198
Maximum RA interval: 600
Router lifetime: 1800HPE:
Minimum RA interval: 200
Maximum RA interval: 600
Router lifetime: 1800Microtik:
Minimum RA interval: 200
Maximum RA interval: 600
Router lifetime: 1800The issue I have in my environment, is that when I enable IPV6 on my VLAN that has my Peloton bike (that uses an Android tablet), the bike will constantly disconnect from wireless every 10 seconds to 16 minutes. I can't get through a ride, and if I look at the connectivity stats for the bike in my Unifi alerts, it's contstantly going up and down. See this screenshot:
If I disabled IPV6 on that interface, the problem goes away and the bike stays connected. However, that's not a "fix." So I decided to play around with my RA values, and it appears related to the router lifetime value. With the default value of 60, the bike won't stay connected to the network, but with a new value of 1800, all the disconnect/connect issues go away and the bike stays connected to my network.
So from what I can tell, I fixed my issue. However, I generally don't like changing default values, especially, like in this case, I don't fully understand what these values are and what downsides I'll run into by increasing these values.
The Netgate team must have chosen the current default values for a reason, so can anyone explain what that reason is? And why are the values pfSense defaults to so much lower then then the defaults other venders seem to be using (which they seem to agree on for the most part)?
-
Not sure why the defaults are so low... maybe someone from pfSense can give a bit of insight on that.
As a test, I increased the values for my primary LAN...
- Minimum RA interval: 120 seconds (2 minutes)
- Maximum RA interval: 360 seconds (6 minutes)
- Router lifetime: 1080 seconds (18 minutes)
I've not observed any negative issues yet as a result of the change.
I think the issue is that if you make changes to your network, or have a dynamic prefix that could potentially change at any time, having lower values will allow things to adjust quicker if a change needs to be made. If you have static IPv6, or your dynamic prefix doesn't change frequently, having a longer interval can certainly be done without a negative impact.
I think the numbers I've chosen are a nice compromise between the short pfSense default and the longer values used by other device manufacturers.
-
@offstageroller The following may be related? https://redmine.pfsense.org/issues/12173
-
@anthonys said in Why are the default RA intervals and lifetime values so low?:
@offstageroller The following may be related? https://redmine.pfsense.org/issues/12173
That issue, and an earlier one linked in that one, are both related to the lifetimes of the DNS settings that radvd can provide through RDNSS and DNSSL. Those bugs don't have anything to do with the actual RA lifetime settings themselves.
-
@offstageroller said in Why are the default RA intervals and lifetime values so low?:
In pfSense, these are the default router values:
Minimum RA interval: 5
Maximum RA interval: 20
Router lifetime: 60However, when I look at documentation for other routers, they use much larger values.
Please create a bugreport:
https://docs.netgate.com/pfsense/en/latest/development/bug-reports.html -
I created a redmine ticket for this here:
https://redmine.pfsense.org/issues/12280
