IPv6 Monitoring stuck on pending
-
@gregeeh said in IPv6 Monitoring stuck on pending:
I obviously did not always have a link-local address
Just to correct your wording here a bit, you would always have a link-local, always.. But you might not always have a gua address.
Its possible your gua went away for some reason? Did you check that setting I posted about not asking for one?
But seems like what @stephenw10 is saying, is if the wan doesn't get a gua, that it should use an IP out of the lan side prefix as the source when dpinger wants to talk to the monitor IP if that is a gua..
-
@johnpoz said in IPv6 Monitoring stuck on pending:
You don't happen to have this checked do you?
-
Try adding a :1 to the end of your monitor IP.. I have to do that for a couple of my customers including my setup here..
2001:4860:4860::8844:1
-
@chpalmer said in IPv6 Monitoring stuck on pending:
2001:4860:4860::8844:1
that is not the correct address for google dns, nor would it answer ping.. Nor would it matter if he has no gua to talk to it with.
-
@johnpoz said in IPv6 Monitoring stuck on pending:
But seems like what @stephenw10 is saying, is if the wan doesn't get a gua, that it should use an IP out of the lan side prefix as the source when dpinger wants to talk to the monitor IP if that is a gua..
Only being a mere learner when it comes to networking issues, is there a way of of testing this?
-
@johnpoz said in IPv6 Monitoring stuck on pending:
that is not the correct address for google dns, nor would it answer ping.. Nor would it matter if he has no gua to talk to it with.
Yeah.. quick draw here.. I assumed it was the gateway address.
-
@johnpoz said in IPv6 Monitoring stuck on pending:
But seems like what @stephenw10 is saying, is if the wan doesn't get a gua, that it should use an IP out of the lan side prefix as the source when dpinger wants to talk to the monitor IP if that is a gua..
Ah, no that's not what I'm saying.
pfSense will use a GUA address from some other interface for most traffic, pkg checks etc.
It specifically will not use it for dpinger though. dpinger always uses the interface address so that it get's forced via the correct gateway by route-to. So it fails to anything beyond the segment with link-local only on the WAN.
-
@stephenw10 thanks for the clarification.. But just curious why would it grab an IP from say lan to check for updates when it could just use the wans IPv4 address?
Maybe this needs a bit of a note in the docs? Or maybe a warning vs just "pending" about no gua to use to check the gua monitoring IP? Prob a note where you set the other monitoring IPs about needing a gua to check gua based monitor IP?
-
@gregeeh said in IPv6 Monitoring stuck on pending:
is there a way of of testing this?
Testing what? that you can't talk to gua from a link-local fe80 address? Or that you adding that :1 on the end isn't a live IP that doesn't answer ping or dns? ;)
link-local is for the local network only, they do not route.. So no there is no way to talk to a gua from a link-local out to the internet.. If the gui is on the same network then yeah ok might be able to do it.. But from a sane networking point of view it shouldn't
-
@johnpoz said in IPv6 Monitoring stuck on pending:
why would it grab an IP from say lan to check for updates when it could just use the wans IPv4 address?
It could. It will prefer IPv6 though if it has a IPv6 route it can use. If you set 'prefer IPv4' it will use that.
-
@Bob-Dig said in IPv6 Monitoring stuck on pending:
Do you have another IPv6 Gateway? Diagnostics is using this if WAN6 is not up.
Missed this one. Not having IPv6 on WAN is not that common around here but in other places it seems to be.
-
@Bob-Dig - No, only one IPv6 Gateway on WAN