IPv6 Issues since upgrading
-
[2.7.0-RELEASE][admin@pfSense.localdomain]/root: ifconfig re0 re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: WAN options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE> ether 00:e0:4c:68:1b:b2 inet6 fe80::2e0:4cff:fe68:1bb2%re0 prefixlen 64 scopeid 0x1 inet 103.85.37.84 netmask 0xfffffc00 broadcast 103.85.39.255 media: Ethernet autoselect (1000baseT <full-duplex>) status: active nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL> [2.7.0-RELEASE][admin@pfSense.localdomain]/root:
The gateway IPv6 address does not appear to be valid for the re0 interface.
Can someone please explain what is happening here?
TIA
-
Check the routing tables, make sure there is a valid default route for IPv6. If not make sure the default gateway in System > Routing > Gateways is set to WAN_DHCP6.
It's valid to have only a linklocal address on WAN. If your ISP is passing only a prefix they can route that to you across the linklocal address. You must have a globally routable IPv6 address somewhere though.
-
I tried setting the default gateway under Gateways to both automatic and the WAN_DHCP6 both failed to route, I had to manually add a static GW or use the add route option to get the two I was working on to route.
-
And before that the routing table was showing no default IPv6 route?
Do the logs show a new route being passed when it connects?
-
I'll change the gateway back to the default one this evening and get you some answers, I can't change it back right now, since ipv6 is being used.
-
@stephenw10
I was able to catch some time while no one was using the system and test. Switching to WAN_DHCP6 after setting the static GW results in connectivity, however if the pfSense is rebooted with WAN_DHCP6 set as the default GW then a default route isn’t installed on reboot.
-
Ah, then I would check the dhcp and routing logs for errors when it first connects at boot. There is likely something preventing it adding the default route at that time.
-
@stephenw10
Going through the logs on boot the only errors I see are the following:Aug 1 11:42:39 dhcp6c 39378 failed to open /usr/local/etc/dhcp6cctlkey: No such file or directory
Aug 1 11:42:39 dhcp6c 39378 failed initialize control message authentication
Aug 1 11:42:39 dhcp6c 39378 skip opening control port
Aug 1 11:42:40 dhcp6c 39448 Sending Solicit
Aug 1 11:42:40 dhcp6c 39448 transmit failed: Can't assign requested address
Aug 1 11:42:41 dhcp6c 39448 Sending Solicit
Aug 1 11:42:41 dhcp6c 39448 Sending Request
Aug 1 11:42:41 dhcp6c 39448 dhcp6c Received REQUESTThen for routing:
Aug 1 11:43:02 radvd 9387 version 2.19 started
Aug 1 11:43:02 radvd 9387 warning: AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 11:43:02 radvd 9387 warning: (/var/etc/radvd.conf:24) AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 11:43:02 radvd 9387 warning: AdvDNSSLLifetime <= 2MaxRtrAdvInterval would allow stale DNS suffixes to be deleted faster
Aug 1 11:43:02 radvd 9387 warning: AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 11:43:02 radvd 9387 warning: (/var/etc/radvd.conf:52) AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 11:43:02 radvd 9387 warning: AdvDNSSLLifetime <= 2MaxRtrAdvInterval would allow stale DNS suffixes to be deleted faster
Aug 1 11:43:02 radvd 9387 warning: AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 11:43:02 radvd 9387 warning: (/var/etc/radvd.conf:80) AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 11:43:02 radvd 9387 warning: AdvDNSSLLifetime <= 2MaxRtrAdvInterval would allow stale DNS suffixes to be deleted faster
Aug 1 11:43:02 radvd 9387 warning: AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 11:43:02 radvd 9387 warning: (/var/etc/radvd.conf:108) AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 11:43:02 radvd 9387 warning: AdvDNSSLLifetime <= 2MaxRtrAdvInterval would allow stale DNS suffixes to be deleted faster
Aug 1 11:44:11 radvd 9534 attempting to reread config file
Aug 1 11:44:11 radvd 9534 warning: AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 11:44:11 radvd 9534 warning: (/var/etc/radvd.conf:24) AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 11:44:11 radvd 9534 warning: AdvDNSSLLifetime <= 2MaxRtrAdvInterval would allow stale DNS suffixes to be deleted faster
Aug 1 11:44:11 radvd 9534 warning: AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 11:44:11 radvd 9534 warning: (/var/etc/radvd.conf:52) AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 11:44:11 radvd 9534 warning: AdvDNSSLLifetime <= 2MaxRtrAdvInterval would allow stale DNS suffixes to be deleted faster
Aug 1 11:44:11 radvd 9534 warning: AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 11:44:11 radvd 9534 warning: (/var/etc/radvd.conf:80) AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 11:44:11 radvd 9534 warning: AdvDNSSLLifetime <= 2MaxRtrAdvInterval would allow stale DNS suffixes to be deleted faster
Aug 1 11:44:11 radvd 9534 warning: AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 11:44:11 radvd 9534 warning: (/var/etc/radvd.conf:108) AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 11:44:11 radvd 9534 warning: AdvDNSSLLifetime <= 2MaxRtrAdvInterval would allow stale DNS suffixes to be deleted faster
Aug 1 11:44:11 radvd 9534 resuming normal operation -
Hmm, nothing jumps out there as a specific gateway/route error. How does that compare with when it creates the route correctly?
-
@stephenw10
Here is the logs for DHCP6C since ~31st, it was restarted this morning @7 due to a hypervisor (ProxMox ) update. IP6 GA's changed to X.Aug 1 07:20:00 dhcp6c 41130 failed to open /usr/local/etc/dhcp6cctlkey: No such file or directory
Aug 1 07:20:00 dhcp6c 41130 failed initialize control message authentication
Aug 1 07:20:00 dhcp6c 41130 skip opening control port
Aug 1 07:20:01 dhcp6c 41404 Sending Solicit
Aug 1 07:20:01 dhcp6c 41404 transmit failed: Can't assign requested address
Aug 1 07:20:02 dhcp6c 41404 Sending Solicit
Aug 1 07:20:02 dhcp6c 41404 Sending Request
Aug 1 07:20:02 dhcp6c 41404 dhcp6c Received REQUEST
Aug 1 07:20:02 dhcp6c 41404 add an address X on vtnet2
Aug 1 07:20:02 dhcp6c 41404 add an address X on vtnet0.6
Aug 1 07:20:02 dhcp6c 41404 add an address X on vtnet0.4
Aug 1 07:20:02 dhcp6c 41404 add an address X on vtnet0.5
Aug 1 11:42:39 dhcp6c 39378 failed to open /usr/local/etc/dhcp6cctlkey: No such file or directory
Aug 1 11:42:39 dhcp6c 39378 failed initialize control message authentication
Aug 1 11:42:39 dhcp6c 39378 skip opening control port
Aug 1 11:42:40 dhcp6c 39448 Sending Solicit
Aug 1 11:42:40 dhcp6c 39448 transmit failed: Can't assign requested address
Aug 1 11:42:41 dhcp6c 39448 Sending Solicit
Aug 1 11:42:41 dhcp6c 39448 Sending Request
Aug 1 11:42:41 dhcp6c 39448 dhcp6c Received REQUEST
Aug 1 11:42:41 dhcp6c 39448 add an address X on vtnet2
Aug 1 11:42:41 dhcp6c 39448 add an address X on vtnet0.6
Aug 1 11:42:41 dhcp6c 39448 add an address X on vtnet0.4
Aug 1 11:42:41 dhcp6c 39448 add an address X on vtnet0.5The routing logs look pretty much identical:
Aug 1 07:20:25 radvd 66853 version 2.19 started
Aug 1 07:20:25 radvd 66853 warning: AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 07:20:25 radvd 66853 warning: (/var/etc/radvd.conf:24) AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 07:20:25 radvd 66853 warning: AdvDNSSLLifetime <= 2MaxRtrAdvInterval would allow stale DNS suffixes to be deleted faster
Aug 1 07:20:25 radvd 66853 warning: AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 07:20:25 radvd 66853 warning: (/var/etc/radvd.conf:52) AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 07:20:25 radvd 66853 warning: AdvDNSSLLifetime <= 2MaxRtrAdvInterval would allow stale DNS suffixes to be deleted faster
Aug 1 07:20:25 radvd 66853 warning: AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 07:20:25 radvd 66853 warning: (/var/etc/radvd.conf:80) AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 07:20:25 radvd 66853 warning: AdvDNSSLLifetime <= 2MaxRtrAdvInterval would allow stale DNS suffixes to be deleted faster
Aug 1 07:20:25 radvd 66853 warning: AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 07:20:25 radvd 66853 warning: (/var/etc/radvd.conf:108) AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 07:20:25 radvd 66853 warning: AdvDNSSLLifetime <= 2MaxRtrAdvInterval would allow stale DNS suffixes to be deleted faster
Aug 1 07:21:22 radvd 66861 attempting to reread config file
Aug 1 07:21:22 radvd 66861 warning: AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 07:21:22 radvd 66861 warning: (/var/etc/radvd.conf:24) AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 07:21:22 radvd 66861 warning: AdvDNSSLLifetime <= 2MaxRtrAdvInterval would allow stale DNS suffixes to be deleted faster
Aug 1 07:21:22 radvd 66861 warning: AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 07:21:22 radvd 66861 warning: (/var/etc/radvd.conf:52) AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 07:21:22 radvd 66861 warning: AdvDNSSLLifetime <= 2MaxRtrAdvInterval would allow stale DNS suffixes to be deleted faster
Aug 1 07:21:22 radvd 66861 warning: AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 07:21:22 radvd 66861 warning: (/var/etc/radvd.conf:80) AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 07:21:22 radvd 66861 warning: AdvDNSSLLifetime <= 2MaxRtrAdvInterval would allow stale DNS suffixes to be deleted faster
Aug 1 07:21:22 radvd 66861 warning: AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 07:21:22 radvd 66861 warning: (/var/etc/radvd.conf:108) AdvRDNSSLifetime <= 2MaxRtrAdvInterval would allow stale DNS servers to be deleted faster
Aug 1 07:21:22 radvd 66861 warning: AdvDNSSLLifetime <= 2MaxRtrAdvInterval would allow stale DNS suffixes to be deleted faster
Aug 1 07:21:22 radvd 66861 resuming normal operation -
Enable 'DHCP6 Debug' in System > Advanced > Networking. Check again.
-
@stephenw10
Aug 1 12:45:28 dhcp6c 41581 extracted an existing DUID from /var/db/dhcp6c_duid: 00:01:00:01:2b:b0:e9:8d:66:9f:b4:58:90:62
Aug 1 12:45:28 dhcp6c 41581 failed to open /usr/local/etc/dhcp6cctlkey: No such file or directory
Aug 1 12:45:28 dhcp6c 41581 failed initialize control message authentication
Aug 1 12:45:28 dhcp6c 41581 skip opening control port
Aug 1 12:45:28 dhcp6c 41581 <3>[interface] (9)
Aug 1 12:45:28 dhcp6c 41581 <5>[vtnet1] (6)
Aug 1 12:45:28 dhcp6c 41581 <3>begin of closure [{] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>[send] (4)
Aug 1 12:45:28 dhcp6c 41581 <3>[ia-na] (5)
Aug 1 12:45:28 dhcp6c 41581 <3>[0] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>end of sentence [;] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>comment [# request stateful address] (26)
Aug 1 12:45:28 dhcp6c 41581 <3>[send] (4)
Aug 1 12:45:28 dhcp6c 41581 <3>[ia-pd] (5)
Aug 1 12:45:28 dhcp6c 41581 <3>[0] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>end of sentence [;] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>comment [# request prefix delegation] (27)
Aug 1 12:45:28 dhcp6c 41581 <3>[request] (7)
Aug 1 12:45:28 dhcp6c 41581 <3>[domain-name-servers] (19)
Aug 1 12:45:28 dhcp6c 41581 <3>end of sentence [;] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>[request] (7)
Aug 1 12:45:28 dhcp6c 41581 <3>[domain-name] (11)
Aug 1 12:45:28 dhcp6c 41581 <3>end of sentence [;] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>[script] (6)
Aug 1 12:45:28 dhcp6c 41581 <3>["/var/etc/dhcp6c_wan_script.sh"] (31)
Aug 1 12:45:28 dhcp6c 41581 <3>end of sentence [;] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>comment [# we'd like some nameservers please] (35)
Aug 1 12:45:28 dhcp6c 41581 <3>end of closure [}] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>end of sentence [;] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>[id-assoc] (8)
Aug 1 12:45:28 dhcp6c 41581 <13>[na] (2)
Aug 1 12:45:28 dhcp6c 41581 <13>[0] (1)
Aug 1 12:45:28 dhcp6c 41581 <13>begin of closure [{] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>end of closure [}] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>end of sentence [;] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>[id-assoc] (8)
Aug 1 12:45:28 dhcp6c 41581 <13>[pd] (2)
Aug 1 12:45:28 dhcp6c 41581 <13>[0] (1)
Aug 1 12:45:28 dhcp6c 41581 <13>begin of closure [{] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>[prefix] (6)
Aug 1 12:45:28 dhcp6c 41581 <3>[::] (2)
Aug 1 12:45:28 dhcp6c 41581 <3>[/] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>[58] (2)
Aug 1 12:45:28 dhcp6c 41581 <3>[infinity] (8)
Aug 1 12:45:28 dhcp6c 41581 <3>end of sentence [;] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>[prefix-interface] (16)
Aug 1 12:45:28 dhcp6c 41581 <5>[vtnet2] (6)
Aug 1 12:45:28 dhcp6c 41581 <3>begin of closure [{] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>[sla-id] (6)
Aug 1 12:45:28 dhcp6c 41581 <3>[3] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>end of sentence [;] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>[sla-len] (7)
Aug 1 12:45:28 dhcp6c 41581 <3>[6] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>end of sentence [;] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>end of closure [}] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>end of sentence [;] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>[prefix-interface] (16)
Aug 1 12:45:28 dhcp6c 41581 <5>[vtnet0.6] (8)
Aug 1 12:45:28 dhcp6c 41581 <3>begin of closure [{] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>[sla-id] (6)
Aug 1 12:45:28 dhcp6c 41581 <3>[0] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>end of sentence [;] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>[sla-len] (7)
Aug 1 12:45:28 dhcp6c 41581 <3>[6] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>end of sentence [;] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>end of closure [}] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>end of sentence [;] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>[prefix-interface] (16)
Aug 1 12:45:28 dhcp6c 41581 <5>[vtnet0.4] (8)
Aug 1 12:45:28 dhcp6c 41581 <3>begin of closure [{] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>[sla-id] (6)
Aug 1 12:45:28 dhcp6c 41581 <3>[2] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>end of sentence [;] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>[sla-len] (7)
Aug 1 12:45:28 dhcp6c 41581 <3>[6] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>end of sentence [;] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>end of closure [}] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>end of sentence [;] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>[prefix-interface] (16)
Aug 1 12:45:28 dhcp6c 41581 <5>[vtnet0.5] (8)
Aug 1 12:45:28 dhcp6c 41581 <3>begin of closure [{] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>[sla-id] (6)
Aug 1 12:45:28 dhcp6c 41581 <3>[1] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>end of sentence [;] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>[sla-len] (7)
Aug 1 12:45:28 dhcp6c 41581 <3>[6] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>end of sentence [;] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>end of closure [}] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>end of sentence [;] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>end of closure [}] (1)
Aug 1 12:45:28 dhcp6c 41581 <3>end of sentence [;] (1)
Aug 1 12:45:28 dhcp6c 41581 called
Aug 1 12:45:28 dhcp6c 41581 called
Aug 1 12:45:28 dhcp6c 41725 reset a timer on vtnet1, state=INIT, timeo=0, retrans=891
Aug 1 12:45:29 dhcp6c 41725 Sending Solicit
Aug 1 12:45:29 dhcp6c 41725 a new XID (9f67a2) is generated
Aug 1 12:45:29 dhcp6c 41725 set client ID (len 14)
Aug 1 12:45:29 dhcp6c 41725 set identity association
Aug 1 12:45:29 dhcp6c 41725 set elapsed time (len 2)
Aug 1 12:45:29 dhcp6c 41725 set option request (len 4)
Aug 1 12:45:29 dhcp6c 41725 set IA_PD prefix
Aug 1 12:45:29 dhcp6c 41725 set IA_PD
Aug 1 12:45:29 dhcp6c 41725 transmit failed: Can't assign requested address
Aug 1 12:45:29 dhcp6c 41725 reset a timer on vtnet1, state=SOLICIT, timeo=0, retrans=1091
Aug 1 12:45:30 dhcp6c 41725 Sending Solicit
Aug 1 12:45:30 dhcp6c 41725 set client ID (len 14)
Aug 1 12:45:30 dhcp6c 41725 set identity association
Aug 1 12:45:30 dhcp6c 41725 set elapsed time (len 2)
Aug 1 12:45:30 dhcp6c 41725 set option request (len 4)
Aug 1 12:45:30 dhcp6c 41725 set IA_PD prefix
Aug 1 12:45:30 dhcp6c 41725 set IA_PD
Aug 1 12:45:30 dhcp6c 41725 send solicit to ff02::1:2%vtnet1
Aug 1 12:45:30 dhcp6c 41725 reset a timer on vtnet1, state=SOLICIT, timeo=1, retrans=2083
Aug 1 12:45:30 dhcp6c 41725 receive advertise from fe80::2ec8:1bff:fe03:9b13%vtnet1 on vtnet1
Aug 1 12:45:30 dhcp6c 41725 get DHCP option client ID, len 14
Aug 1 12:45:30 dhcp6c 41725 DUID: 00:01:00:01:2b:b0:e9:8d:66:9f:b4:58:90:62
Aug 1 12:45:30 dhcp6c 41725 get DHCP option server ID, len 10
Aug 1 12:45:30 dhcp6c 41725 DUID: 00:03:00:01:2c:c8:1b:03:9b:13
Aug 1 12:45:30 dhcp6c 41725 get DHCP option preference, len 1
Aug 1 12:45:30 dhcp6c 41725 preference: 255
Aug 1 12:45:30 dhcp6c 41725 get DHCP option IA_PD, len 41
Aug 1 12:45:30 dhcp6c 41725 IA_PD: ID=0, T1=43200, T2=69120
Aug 1 12:45:30 dhcp6c 41725 get DHCP option IA_PD prefix, len 25
Aug 1 12:45:30 dhcp6c 41725 IA_PD prefix: X::/58 pltime=77760 vltime=86400
Aug 1 12:45:30 dhcp6c 41725 server ID: 00:03:00:01:2c:c8:1b:03:9b:13, pref=255
Aug 1 12:45:30 dhcp6c 41725 Sending Request
Aug 1 12:45:30 dhcp6c 41725 a new XID (40660d) is generated
Aug 1 12:45:30 dhcp6c 41725 set client ID (len 14)
Aug 1 12:45:30 dhcp6c 41725 set server ID (len 10)
Aug 1 12:45:30 dhcp6c 41725 set elapsed time (len 2)
Aug 1 12:45:30 dhcp6c 41725 set option request (len 4)
Aug 1 12:45:30 dhcp6c 41725 set IA_PD prefix
Aug 1 12:45:30 dhcp6c 41725 set IA_PD
Aug 1 12:45:30 dhcp6c 41725 send request to ff02::1:2%vtnet1
Aug 1 12:45:30 dhcp6c 41725 reset a timer on vtnet1, state=REQUEST, timeo=0, retrans=911
Aug 1 12:45:30 dhcp6c 41725 receive reply from fe80::2ec8:1bff:fe03:9b13%vtnet1 on vtnet1
Aug 1 12:45:30 dhcp6c 41725 get DHCP option client ID, len 14
Aug 1 12:45:30 dhcp6c 41725 DUID: 00:01:00:01:2b:b0:e9:8d:66:9f:b4:58:90:62
Aug 1 12:45:30 dhcp6c 41725 get DHCP option server ID, len 10
Aug 1 12:45:30 dhcp6c 41725 DUID: 00:03:00:01:2c:c8:1b:03:9b:13
Aug 1 12:45:30 dhcp6c 41725 get DHCP option IA_PD, len 41
Aug 1 12:45:30 dhcp6c 41725 IA_PD: ID=0, T1=43200, T2=69120
Aug 1 12:45:30 dhcp6c 41725 get DHCP option IA_PD prefix, len 25
Aug 1 12:45:30 dhcp6c 41725 IA_PD prefix: X::/58 pltime=77760 vltime=86400
Aug 1 12:45:30 dhcp6c 41725 dhcp6c Received REQUEST
Aug 1 12:45:30 dhcp6c 41725 make an IA: PD-0
Aug 1 12:45:30 dhcp6c 41725 create a prefix X::/58 pltime=77760, vltime=86400
Aug 1 12:45:30 dhcp6c 41725 add an address X on vtnet2
Aug 1 12:45:30 dhcp6c 41725 add an address X on vtnet0.6
Aug 1 12:45:30 dhcp6c 41725 add an address X on vtnet0.4
Aug 1 12:45:30 dhcp6c 41725 add an address X on vtnet0.5
Aug 1 12:45:30 dhcp6c 41725 executes /var/etc/dhcp6c_wan_script.sh
Aug 1 12:45:30 dhcp6c 68926 dhcp6c RELEASE, REQUEST or EXIT on vtnet1 running rc.newwanipv6
Aug 1 12:45:30 dhcp6c 41725 script "/var/etc/dhcp6c_wan_script.sh" terminated
Aug 1 12:45:30 dhcp6c 41725 removing an event on vtnet1, state=REQUEST
Aug 1 12:45:30 dhcp6c 41725 removing server (ID: 00:03:00:01:2c:c8:1b:03:9b:13)
Aug 1 12:45:30 dhcp6c 41725 got an expected reply, sleeping. -
That looks like the successful case. What does it show when it fails?
-
@stephenw10
It failed, I have no IPV6 default route. -
@jordanp123 said in IPv6 Issues since upgrading:
Aug 1 12:45:30 dhcp6c 41725 receive reply from fe80::2ec8:1bff:fe03:9b13%vtnet1 on vtnet1
Hmm, yet it is adding addresses and knows what the gateway is....
How does that compare with the successful case?
-
@stephenw10
With the manually added static GW.Aug 1 13:56:50 dhcp6c 39855 extracted an existing DUID from /var/db/dhcp6c_duid: 00:01:00:01:2b:b0:e9:8d:66:9f:b4:58:90:62
Aug 1 13:56:50 dhcp6c 39855 failed to open /usr/local/etc/dhcp6cctlkey: No such file or directory
Aug 1 13:56:50 dhcp6c 39855 failed initialize control message authentication
Aug 1 13:56:50 dhcp6c 39855 skip opening control port
Aug 1 13:56:50 dhcp6c 39855 <3>[interface] (9)
Aug 1 13:56:50 dhcp6c 39855 <5>[vtnet1] (6)
Aug 1 13:56:50 dhcp6c 39855 <3>begin of closure [{] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>[send] (4)
Aug 1 13:56:50 dhcp6c 39855 <3>[ia-na] (5)
Aug 1 13:56:50 dhcp6c 39855 <3>[0] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>end of sentence [;] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>comment [# request stateful address] (26)
Aug 1 13:56:50 dhcp6c 39855 <3>[send] (4)
Aug 1 13:56:50 dhcp6c 39855 <3>[ia-pd] (5)
Aug 1 13:56:50 dhcp6c 39855 <3>[0] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>end of sentence [;] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>comment [# request prefix delegation] (27)
Aug 1 13:56:50 dhcp6c 39855 <3>[request] (7)
Aug 1 13:56:50 dhcp6c 39855 <3>[domain-name-servers] (19)
Aug 1 13:56:50 dhcp6c 39855 <3>end of sentence [;] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>[request] (7)
Aug 1 13:56:50 dhcp6c 39855 <3>[domain-name] (11)
Aug 1 13:56:50 dhcp6c 39855 <3>end of sentence [;] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>[script] (6)
Aug 1 13:56:50 dhcp6c 39855 <3>["/var/etc/dhcp6c_wan_script.sh"] (31)
Aug 1 13:56:50 dhcp6c 39855 <3>end of sentence [;] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>comment [# we'd like some nameservers please] (35)
Aug 1 13:56:50 dhcp6c 39855 <3>end of closure [}] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>end of sentence [;] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>[id-assoc] (8)
Aug 1 13:56:50 dhcp6c 39855 <13>[na] (2)
Aug 1 13:56:50 dhcp6c 39855 <13>[0] (1)
Aug 1 13:56:50 dhcp6c 39855 <13>begin of closure [{] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>end of closure [}] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>end of sentence [;] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>[id-assoc] (8)
Aug 1 13:56:50 dhcp6c 39855 <13>[pd] (2)
Aug 1 13:56:50 dhcp6c 39855 <13>[0] (1)
Aug 1 13:56:50 dhcp6c 39855 <13>begin of closure [{] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>[prefix] (6)
Aug 1 13:56:50 dhcp6c 39855 <3>[::] (2)
Aug 1 13:56:50 dhcp6c 39855 <3>[/] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>[58] (2)
Aug 1 13:56:50 dhcp6c 39855 <3>[infinity] (8)
Aug 1 13:56:50 dhcp6c 39855 <3>end of sentence [;] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>[prefix-interface] (16)
Aug 1 13:56:50 dhcp6c 39855 <5>[vtnet2] (6)
Aug 1 13:56:50 dhcp6c 39855 <3>begin of closure [{] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>[sla-id] (6)
Aug 1 13:56:50 dhcp6c 39855 <3>[3] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>end of sentence [;] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>[sla-len] (7)
Aug 1 13:56:50 dhcp6c 39855 <3>[6] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>end of sentence [;] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>end of closure [}] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>end of sentence [;] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>[prefix-interface] (16)
Aug 1 13:56:50 dhcp6c 39855 <5>[vtnet0.6] (8)
Aug 1 13:56:50 dhcp6c 39855 <3>begin of closure [{] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>[sla-id] (6)
Aug 1 13:56:50 dhcp6c 39855 <3>[0] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>end of sentence [;] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>[sla-len] (7)
Aug 1 13:56:50 dhcp6c 39855 <3>[6] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>end of sentence [;] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>end of closure [}] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>end of sentence [;] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>[prefix-interface] (16)
Aug 1 13:56:50 dhcp6c 39855 <5>[vtnet0.4] (8)
Aug 1 13:56:50 dhcp6c 39855 <3>begin of closure [{] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>[sla-id] (6)
Aug 1 13:56:50 dhcp6c 39855 <3>[2] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>end of sentence [;] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>[sla-len] (7)
Aug 1 13:56:50 dhcp6c 39855 <3>[6] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>end of sentence [;] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>end of closure [}] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>end of sentence [;] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>[prefix-interface] (16)
Aug 1 13:56:50 dhcp6c 39855 <5>[vtnet0.5] (8)
Aug 1 13:56:50 dhcp6c 39855 <3>begin of closure [{] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>[sla-id] (6)
Aug 1 13:56:50 dhcp6c 39855 <3>[1] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>end of sentence [;] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>[sla-len] (7)
Aug 1 13:56:50 dhcp6c 39855 <3>[6] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>end of sentence [;] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>end of closure [}] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>end of sentence [;] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>end of closure [}] (1)
Aug 1 13:56:50 dhcp6c 39855 <3>end of sentence [;] (1)
Aug 1 13:56:50 dhcp6c 39855 called
Aug 1 13:56:50 dhcp6c 39855 called
Aug 1 13:56:50 dhcp6c 39971 reset a timer on vtnet1, state=INIT, timeo=0, retrans=891
Aug 1 13:56:51 dhcp6c 39971 Sending Solicit
Aug 1 13:56:51 dhcp6c 39971 a new XID (c9bf81) is generated
Aug 1 13:56:51 dhcp6c 39971 set client ID (len 14)
Aug 1 13:56:51 dhcp6c 39971 set identity association
Aug 1 13:56:51 dhcp6c 39971 set elapsed time (len 2)
Aug 1 13:56:51 dhcp6c 39971 set option request (len 4)
Aug 1 13:56:51 dhcp6c 39971 set IA_PD prefix
Aug 1 13:56:51 dhcp6c 39971 set IA_PD
Aug 1 13:56:51 dhcp6c 39971 transmit failed: Can't assign requested address
Aug 1 13:56:51 dhcp6c 39971 reset a timer on vtnet1, state=SOLICIT, timeo=0, retrans=1091
Aug 1 13:56:52 dhcp6c 39971 Sending Solicit
Aug 1 13:56:52 dhcp6c 39971 set client ID (len 14)
Aug 1 13:56:52 dhcp6c 39971 set identity association
Aug 1 13:56:52 dhcp6c 39971 set elapsed time (len 2)
Aug 1 13:56:52 dhcp6c 39971 set option request (len 4)
Aug 1 13:56:52 dhcp6c 39971 set IA_PD prefix
Aug 1 13:56:52 dhcp6c 39971 set IA_PD
Aug 1 13:56:52 dhcp6c 39971 send solicit to ff02::1:2%vtnet1
Aug 1 13:56:52 dhcp6c 39971 reset a timer on vtnet1, state=SOLICIT, timeo=1, retrans=2083
Aug 1 13:56:52 dhcp6c 39971 receive advertise from fe80::2ec8:1bff:fe03:9b13%vtnet1 on vtnet1
Aug 1 13:56:52 dhcp6c 39971 get DHCP option client ID, len 14
Aug 1 13:56:52 dhcp6c 39971 DUID: 00:01:00:01:2b:b0:e9:8d:66:9f:b4:58:90:62
Aug 1 13:56:52 dhcp6c 39971 get DHCP option server ID, len 10
Aug 1 13:56:52 dhcp6c 39971 DUID: 00:03:00:01:2c:c8:1b:03:9b:13
Aug 1 13:56:52 dhcp6c 39971 get DHCP option preference, len 1
Aug 1 13:56:52 dhcp6c 39971 preference: 255
Aug 1 13:56:52 dhcp6c 39971 get DHCP option IA_PD, len 41
Aug 1 13:56:52 dhcp6c 39971 IA_PD: ID=0, T1=43200, T2=69120
Aug 1 13:56:52 dhcp6c 39971 get DHCP option IA_PD prefix, len 25
Aug 1 13:56:52 dhcp6c 39971 IA_PD prefix: X::/58 pltime=77760 vltime=86400
Aug 1 13:56:52 dhcp6c 39971 server ID: 00:03:00:01:2c:c8:1b:03:9b:13, pref=255
Aug 1 13:56:52 dhcp6c 39971 Sending Request
Aug 1 13:56:52 dhcp6c 39971 a new XID (5ae09e) is generated
Aug 1 13:56:52 dhcp6c 39971 set client ID (len 14)
Aug 1 13:56:52 dhcp6c 39971 set server ID (len 10)
Aug 1 13:56:52 dhcp6c 39971 set elapsed time (len 2)
Aug 1 13:56:52 dhcp6c 39971 set option request (len 4)
Aug 1 13:56:52 dhcp6c 39971 set IA_PD prefix
Aug 1 13:56:52 dhcp6c 39971 set IA_PD
Aug 1 13:56:52 dhcp6c 39971 send request to ff02::1:2%vtnet1
Aug 1 13:56:52 dhcp6c 39971 reset a timer on vtnet1, state=REQUEST, timeo=0, retrans=911
Aug 1 13:56:52 dhcp6c 39971 receive reply from fe80::2ec8:1bff:fe03:9b13%vtnet1 on vtnet1
Aug 1 13:56:52 dhcp6c 39971 get DHCP option client ID, len 14
Aug 1 13:56:52 dhcp6c 39971 DUID: 00:01:00:01:2b:b0:e9:8d:66:9f:b4:58:90:62
Aug 1 13:56:52 dhcp6c 39971 get DHCP option server ID, len 10
Aug 1 13:56:52 dhcp6c 39971 DUID: 00:03:00:01:2c:c8:1b:03:9b:13
Aug 1 13:56:52 dhcp6c 39971 get DHCP option IA_PD, len 41
Aug 1 13:56:52 dhcp6c 39971 IA_PD: ID=0, T1=43200, T2=69120
Aug 1 13:56:52 dhcp6c 39971 get DHCP option IA_PD prefix, len 25
Aug 1 13:56:52 dhcp6c 39971 IA_PD prefix: X::/58 pltime=77760 vltime=86400
Aug 1 13:56:52 dhcp6c 39971 dhcp6c Received REQUEST
Aug 1 13:56:52 dhcp6c 39971 make an IA: PD-0
Aug 1 13:56:52 dhcp6c 39971 create a prefix X::/58 pltime=77760, vltime=86400
Aug 1 13:56:52 dhcp6c 39971 add an address X/64 on vtnet2
Aug 1 13:56:52 dhcp6c 39971 add an address X/64 on vtnet0.6
Aug 1 13:56:52 dhcp6c 39971 add an address X/64 on vtnet0.4
Aug 1 13:56:52 dhcp6c 39971 add an address X/64 on vtnet0.5
Aug 1 13:56:52 dhcp6c 39971 executes /var/etc/dhcp6c_wan_script.sh
Aug 1 13:56:52 dhcp6c 48503 dhcp6c RELEASE, REQUEST or EXIT on vtnet1 running rc.newwanipv6
Aug 1 13:56:52 dhcp6c 39971 script "/var/etc/dhcp6c_wan_script.sh" terminated
Aug 1 13:56:52 dhcp6c 39971 removing an event on vtnet1, state=REQUEST
Aug 1 13:56:52 dhcp6c 39971 removing server (ID: 00:03:00:01:2c:c8:1b:03:9b:13)
Aug 1 13:56:52 dhcp6c 39971 got an expected reply, sleeping. -
@stephenw10 said in IPv6 Issues since upgrading:
You must have a globally routable IPv6 address somewhere though.
Yes, I can understand that and I can ping IPv6 addresses from pfSense but not from any of the LAN clients. The LAN clients to have IPv6 addresses. I enabled "Do not wait for RA" in the WAN DHCP6 Options and this is how my system looks now.
[2.7.0-RELEASE][admin@pfSense.localdomain]/root: ifconfig re0 re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: WAN options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE> ether 00:e0:4c:68:1b:b2 inet6 fe80::2e0:4cff:fe68:1bb2%re0 prefixlen 64 scopeid 0x1 inet6 2402:7940:f000:200::111 prefixlen 128 inet 103.85.37.84 netmask 0xfffffc00 broadcast 103.85.39.255 media: Ethernet autoselect (1000baseT <full-duplex>) status: active nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL> [2.7.0-RELEASE][admin@pfSense.localdomain]/root:
The IPv6 gateway address shown for the WAN gateway in the GUI does not appear in the ifconfig results. Surely something is wrong here.
-
The gateway would be in the routing table not the ifconfig output. The only time you'd see it there is if it's a point to point connection like ovpn or ppp.
Can you ping out from pfSense's LAN side IPv6 address? If you can but not from clients it's probably a missing firewall rule. If not it's probably a missing route.
-
@stephenw10 said in IPv6 Issues since upgrading:
The gateway would be in the routing table not the ifconfig output.
OK, that makes sense. Here's the netstat output:
[2.7.0-RELEASE][admin@pfSense.localdomain]/root: netstat -rn Routing tables Internet: Destination Gateway Flags Netif Expire default 103.85.36.1 UGS re0 1.1.1.1 103.85.36.1 UGHS re0 10.0.8.0/24 link#7 U ovpns2 10.0.8.1 link#4 UHS lo0 10.10.10.1 link#4 UH lo0 103.85.36.0/22 link#1 U re0 103.85.36.1 link#1 UHS re0 103.85.37.84 link#4 UHS lo0 127.0.0.1 link#4 UH lo0 192.168.10.0/24 link#2 U re1 192.168.10.1 link#4 UHS lo0 Internet6: Destination Gateway Flags Netif Expire default fe80::9a49:25ff:fe0c:6d8b%re0 UGS re0 ::1 link#4 UHS lo0 2001:4860:4860::8888 fe80::9a49:25ff:fe0c:6d8b%re0 UGHS re0 2402:7940:f000:200::111 link#4 UHS lo0 2402:7940:f021:2900::/56 link#2 U re1 2402:7940:f021:2900:2e0:4cff:fe68:1bb3 link#4 UHS lo0 fe80::%re0/64 link#1 U re0 fe80::2e0:4cff:fe68:1bb2%lo0 link#4 UHS lo0 fe80::%re1/64 link#2 U re1 fe80::1:1%lo0 link#4 UHS lo0 fe80::2e0:4cff:fe68:1bb3%lo0 link#4 UHS lo0 fe80::%lo0/64 link#4 U lo0 fe80::1%lo0 link#4 UHS lo0 fe80::%ovpns2/64 link#7 U ovpns2 fe80::2e0:4cff:fe68:1bb2%lo0 link#4 UHS lo0 [2.7.0-RELEASE][admin@pfSense.localdomain]/root:
@stephenw10 said in IPv6 Issues since upgrading:
Can you ping out from pfSense's LAN side IPv6 address?
Not sure what you mean here. If I log into pfSense via SSH I get replies with "ping -6 google.com"However I cannot ping from any LAN Clients that do have IPv6 addresses. Any ideas appreciated.
-
But can you ping out from pfSense using the LAN address as source?
It could be whatever is upstream from pfSense does not have route for that /56 it's passing.