IPv6 testing
-
do note though that I'm using the IPv6 RC1 image from Databeestje which is IPv6 aware "out of the box".
Sorry I didn't pick that up. Maybe something in the "config import" is not fully IPv6 aware. Where does this backup config file come from? Maybe pfSense thinks it need to do a version conversion on import and that is not fully IPv6 aware.
Have you tried copying your backup config file directly to /cf/conf/config.xml (not a restore through web GUI) and rebooting?
-
Can I assume the problems are caused by my NIC?
Its possible but not certain. The NIC driver (nge) might just be the place where a far earlier "corruption" manifested.
If you have this happen again please type bt at the db> prompt. This will cause the kernel debugger to display a stack trace which will provide at least a little more information about what was going on in the system leading up to the trap.
-
When I restore my config I get an error during boot time that my config is from a newer version and I should urgently upgrade.
Please post the first three lines from the configuration file you are restoring. This should show the version number. For example, on my system:
more /cf/conf/config.xml
<pfsense><version>7.9</version></pfsense>
Are you certain the configuration file you are restoring contains IPv6 information? Have you searched it for ipaddrv6 tags (for example)?
-
Thanks for your help wallabybob. The first lines of my saved config file also show version 7.9 here. I'm restoring my backup from an earlier made config file when all was still working fine on the same system. The XML does show several ipaddrv6 XML nodes. I'll type the bt command next time I catch it being stuck. Currently it just spontaneously seems to reboot every approxemately 20 minutes instead of getting stuck at that screen.
-
It seems like I'm having a clear moment today after some time. I must apologize to you guys. I believe I have found the cause of the IPv6 settings being gone after a gitsync and I must admit you guys were right all along. Amazing how often I have been reading and checking the gitsync URL and each and every time did not notice the mainline at the end of the URL :-[ I just gitsynced using the right pfSense-smos.git master branch and the IPv6 settings are still there ;D
The clear moment today also brought up in my mind that about two weeks ago I have added the BandwidthD package to my pfSense box which is causing the problems. I kind of get the impression that it crashes when large amounts of data are transfered so 1 + 1 might be two in this case and I removed BandwidthD. Let's see if this solves the mistery.
Sorry again for being so ignorant :-\
As for the last IPv6 smos gitsync, I notice there's an option Operating Mode on the DHCPv6 page. @Databeestje, care to explain its functionality in short?
-
On system_services_dhcpv6.php there is a javascript message that should disable all dhcp fields when disabling DHCP or when it's set to "unmanaged". I failed to get this javascript check working. Perhaps you can have a look @Koen.
@Databeestje, I also had a look at the JavaScript rightaway now I got the latest version working again. Easy one. Update the JavaScript method to:
function enable_change(disableFields) {
document.iform.range_from.disabled = disableFields;
document.iform.range_to.disabled = disableFields;
document.iform.dns1.disabled = disableFields;
document.iform.dns2.disabled =disableFields;
document.iform.deftime.disabled = disableFields;
document.iform.maxtime.disabled = disableFields;
document.iform.gateway.disabled = disableFields;
document.iform.failover_peerip.disabled = disableFields;
document.iform.domain.disabled = disableFields;
document.iform.domainsearchlist.disabled = disableFields;
document.iform.staticarp.disabled = disableFields;
document.iform.ddnsdomain.disabled = disableFields;
document.iform.ddnsupdate.disabled = disableFields;
document.iform.ntp1.disabled = disableFields;
document.iform.ntp2.disabled = disableFields;
document.iform.tftp.disabled = disableFields;
document.iform.ldap.disabled = disableFields;
document.iform.netboot.disabled = disableFields;
document.iform.nextserver.disabled = disableFields;
document.iform.filename.disabled = disableFields;
document.iform.rootpath.disabled = disableFields;
document.iform.denyunknown.disabled = disableFields;
}And update the HTML of the dropdownlist to:
<select id="mode" name="mode" onchange="enable_change(this.value=='unmanaged');"> <option value="unmanaged">Unmanaged</option> <option value="managed">Managed</option> <option value="assist">Assisted</option></select>
You did have a text included within the <select>tag which was incorrectly put there and therefore not being displayed. Move it out of the</select> tag:
Select the Operating Mode. Use Unmanaged for Router Advertising only, Managed for DHCPv6 only, Assisted for Combined
I guess this text also answers my previous question to elaborate on this function ;)
Furthermore, change the HTML of the checkbox to:
That should fix it.
-
Code committed, the toggle does not appear to work entirely right.
-
It's wrong indeed. Difficult to write JavaSript without being able to test it directly :)
Change the JavaScript function to:
function enable_change() {
var disableFields = (document.iform.mode.value=='unmanaged' || !document.iform.enable.checked);
document.iform.range_from.disabled = disableFields;
document.iform.range_to.disabled = disableFields;
document.iform.dns1.disabled = disableFields;
document.iform.dns2.disabled =disableFields;
document.iform.deftime.disabled = disableFields;
document.iform.maxtime.disabled = disableFields;
document.iform.gateway.disabled = disableFields;
document.iform.failover_peerip.disabled = disableFields;
document.iform.domain.disabled = disableFields;
document.iform.domainsearchlist.disabled = disableFields;
document.iform.staticarp.disabled = disableFields;
document.iform.ddnsdomain.disabled = disableFields;
document.iform.ddnsupdate.disabled = disableFields;
document.iform.ntp1.disabled = disableFields;
document.iform.ntp2.disabled = disableFields;
document.iform.tftp.disabled = disableFields;
document.iform.ldap.disabled = disableFields;
document.iform.netboot.disabled = disableFields;
document.iform.nextserver.disabled = disableFields;
document.iform.filename.disabled = disableFields;
document.iform.rootpath.disabled = disableFields;
document.iform.denyunknown.disabled = disableFields;
}Change the dropdownlist HTML to:
<select id="mode" name="mode" onchange="enable_change();"> <option value="unmanaged">Unmanaged</option> <option value="managed">Managed</option> <option value="assist">Assisted</option></select>
And change the HTML of the checkbox to:
-
I see its working now :) Nice. Probably needless to say, but when using disabled on fields like this remember that the values from those fields are not sent in the HTTP Post header if the fields are disabled. Also remember that setting disabled on fields provides no guarantees that the fields will remain disabled and thus the values will not be submitted. One could easily override the JavaScript since its client side script and enable the field again. Therefore server side validation for the checkbox is also required.
My pfsense box without BandwidthD is still crashing and automatically rebooting every hour or so. Also no luck yet with getting DHCPv6 to hand out leases to my clients. Guess its time to build up another system and give pfSense a try on that one.
-
Looks like the latest update is causing a problem with reloading the pf rules:
Mar 26 02:28:31 php: : Start Configuration upgrade at 02:28:31, set execution timeout to 15 minutes
Mar 26 02:28:33 php: : The command '/sbin/pfctl -o basic -f /tmp/rules.debug' returned exit code '1', the output was '/tmp/rules.debug:190: syntax error /tmp/rules.debug:191: syntax error pfctl: Syntax error in config file: pf rules not loaded'
Mar 26 02:28:33 php: : New alert found: There were error(s) loading the rules: /tmp/rules.debug:190: syntax error /tmp/rules.debug:191: syntax error pfctl: Syntax error in config file: pf rules not loaded The line in question reads [190]: pass in quick on $AIR_GUEST inet6 proto { tcp udp } from any to any divert 56262 keep state ( ) label "USER_RULE"
Mar 26 02:28:33 php: : There were error(s) loading the rules: /tmp/rules.debug:190: syntax error /tmp/rules.debug:191: syntax error pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [190]: pass in quick on $AIR_GUEST inet6 proto { tcp udp } from any to any divert 56262 keep state ( ) label "USER_RULE""AIR_GUEST" is the name of my guest WLAN interface.
-
Looks like it has a problem with the traffic shaper, specifically Layer 7. Whenever I enable a layer 7 container it complains about the syntax error.
I wonder if it's specific to the IPv6 branch?
-
i had the same issue but i dont think its related to the ipv6 code… re-save rules and layer7 container... see if that helps.. it did for me
-
I do have this small question before is start using the IPv6 build.
Does Snort and Squid (2/3) work correctly over IPv6?-m4rcu5
-
I do have this small question before is start using the IPv6 build.
Does Snort and Squid (2/3) work correctly over IPv6?-m4rcu5
You tell me :P
-
hehe, I will.
I am trying to set up the IPv6, but i seem to be out of luck.
It works all well until i set up the LAN interface. When i do that i get:
[2.0-RC1-IPv6][root@pfsense.home.error418.com]/root(16): ping6 ipv6.google.com
ping6: UDP connect: No route to host-m4rcu5
I do have this small question before is start using the IPv6 build.
Does Snort and Squid (2/3) work correctly over IPv6?-m4rcu5
You tell me :P
-
is there a ipv6 default route listed on diag_routes.php?
-
I could not see one for IPv6.
Shortly after it started to misbehave and at reboot it would not configure any interface at all.
I'm now doing a reinstall.I will start with adding the normal tunnel. Maybe we can find a error there already.
UPDATE: It already fails when i set up the tunnel + allow icmp on the WAN_IPv6 and reboot.
It will not start the lagg interface and vlans that should be on them. Only the GIF tunnel and the wan are working. (wan is on dedicated interface)-m4rcu5
is there a ipv6 default route listed on diag_routes.php?
-
I have no lagg setup to replicate this sort of behaviour. Sorry
-
Well it actually looks like it does not go trough all the steps of the rc process.
It does not bring the interfaces up (weirdly when entering "ifconfig" at the terminal or waiting 20 minutes something does come up. but not all).
Is there anything i can do to help figuring it out? I know i have a somewhat complexer setup but i don't expect it to be a reason for the boot process to fail :-)I have tryd manually running some of the rc.* files. This brought up the interfaces, but i don't know in which oder they should run so i missed some stuff.
-m4rcu5
-
Small update on my struggle with pfSense 2.0 RC1 IPv6. Removing BandwidthD didn't solve the trouble. It still rebooted frequently (approximately once every 30 minutes) and eventually just hang. I installed a pfSense image on my Hyper-V cluster to see if it would work with different NICs despite it being able to only allow about 20 mbit/sec through the legacy NIC emulator. This also introduced crashes, reboots and hangs, although less often. I've been running pfSense on it without any problems a half year ago or so. I also have a colocated Hyper-V server with two pfSense 2.0 RC1 images and they both work fine for months already (haven't firmware/gitsync updated them since a month though), so that's weird. In the meantime I have put out an order for a completely new SuperMicro low energy system to use as a dedicated pfSense server hoping that it would make the problems go away, but I start having my doubts. I find it strange that I'm the only one with these problems. I guess the only cause left is my config file which I keep dragging along to all these other pfSense installations. Guess I'll have to sit down and reconfigure a new installation from scratch to see if it finally will become stable.