IPv6 testing
-
@Koen: There are quite a number of reported crashes and panics currently, it has little to do with the IPv6 part. It has to do with the patched FreeBSD kernel we are using.
I am running succesfully with the pfSense 2.0-RC1 release, I then gitsynced my branch over it. I've tried the newer snapshots but they all hang, crash or panic sooner or later. That makes developing really hard so my advice is to stick with the binary 2.0-RC1 release from Feb 26th and then gitsync over that.
-
Thanks for the info databeestje. So I'm not the only one experiencing these problems and they do seem related with the newer releases. Interesting. Since you're explicitly mentioning the 2.0 RC1 release, does this mean you disrecommend using your RC1-IPv6 images?
I was already thinking of copying the pfSense images I'm using at my colocated server to my home server and restore my config over those since they are still stable.
Its a pity that even though its still in beta, this product has changed from being a very stable firewall to being less stable than my Windows Mobile 6.5 phone.
-
i think it really depends on your hardware and if you use i386 or amd64. I'm currently running a SM X7SPA-HF mb with another dual intel nic, for a total of 4 nics. They do use the em driver but i haven't had an kernel issue in over 3 months now. I did have some issues when the yankex drivers were being used. But since they went back to freebsd/intel drivers, no issues. I do use the i386 build as I free amd64 isn't there just yet… I gitsync anytime there is an update and i update build to the latest snapshot maybe 2 times a week now...
In your case, i would use either the RC1 images that were created a month ago then gitsync or use the ones databeestje created and gitsync.
-
Cino, thanks for your advice. The motherboard you mention is exactly the one I ordered yesterday for my new pfSense server :) Good to hear it works stable on that! Is your board the Atom D510 or Atom D525 processor type? Do you happen to know its power usage? I'm very curious about that.
I'm currently using a three legged firewall setup, one leg for the WAN connection, one for the LAN and the last one for the WLAN. I looked at equipping this board with a 3rd NIC using the PCI-Express 4x slot, but that would require a raiser card first and then an expensive 110 euro costing dual Intel NIC board. So I'm going to give it a try using VLANs on my LAN side NIC first and let my managed switch split the traffic towards my WLAN or LAN based on the VLAN tag. Do you recon that will work? Or do you have a cheaper solution for a 3rd NIC on this board?
My old pc had NGE network interfaces and my Hyper-V installation identifies the NICs as DE.
By the way, didn't know there was a 64 bit edition of pfSense too. What do you mean by "isn't there just yet"? It isn't as stable as i386 is supposed to be?
-
I have experienced such kernel problems in the past.
To encourage all the users, they are mostly fixed within weeks.
The only downside is that you are without updates for a few weeks.-m4rcu5
-
i'm using the D510.. My total system is 30 watts. This is powering: M300-LCD case(with LCD and 40mm case fan), 4gigs memory(i should use amd64), 2.5 laptop sata HD, daul intel nic, and a verizon 3g usb modem.
because of the case, I had to buy a 30+ special ribbon riser for the nic.. Wasn't happy but i wanted this case because of the LCD display. I dont see you having any issues using vlan tagging… the built-in nics support them.. The first NIC on my board is used for the impi also(HF board only), within the impi settings, you can put that on a different vlan or the same vlan your going to use the lan on. I haven't tried vlans on the built nic, only on the added dual nic.
the 64bit is probably as stable as the i386 but ive seen more post with kernal issues with the 64 then the i386...
-
30 watts is really nice! I chose the D525 model with dual cores. It should even consume a few watts less. I like your case by the way. Does it actually work to output something from pfSense on the LCD? What does it display? And do the buttons work?
I went for the SuperMicro recommended 19 inch case with this board: SC502L-200. Small, decent looking and reasonably priced. I put in a small 8GB Kingston 2,5 inch SSD drive which uses only 2 watts and also 2x 2 GB of DDR3 RAM which is said to be more energy efficient compared to the DDR2 RAM the D510 uses. So I'm really curious what it will consume all together, but with a 30 watts I'll already be happy.I've read some amazing stuff about this IPMI interface by the way. Things like KVM over IP and that the device can automatically reboot itself when it hangs. Together with the two onboard Intel gigabit NICs this must make for a hell of a pfSense router. That is.. if its stable ;)
-
Hi all,
I'm still getting stuck setting up the IPv6 part.
I can create the GIF0 interface without any problems, but as soon as i assign an interface to it (in my case opt5) the system will not boot anymore.
It does bring up the WAN and GiF0 interface, but it skips the lagg/opt/lan interfaces and starts the rc scripts for the packages.My setup:
3 interfaces, WAN and 2x intel as Lagg0
on Lagg0 i have 3 vlans; ORANGE, BLUE and GREEN
And a OpenVPN client as OVPNC2Packages:
OpenVPN
Snort
NutI cannot imagine how this could interfere with the IPv6, so i an really hoping for your help.
-m4rcu5
-
hello,
I just got ipv6 working on my home router (ALIX). Nice work databeestje.I currently have my LAN configured as 'bridge0' so I ran into the problem of the bridge0 interface not having a link local address.
I added it manually with this command: ifconfig bridge0 inet6 add fe80::73:d1:c3:e0/64
As others have reported previously, the following doesn't work (which is attempted in the services.inc functions to set up dhcp6):
[2.0-RC1-IPv6][root@pfsense]/root(10):ifconfig bridge0 inet6 add fe80::/64 eui64
ifconfig: could not determine link local addressAlso, I noticed that on the services_dhcpv6 page you can not 'Save' when selecting 'Unmanaged' in the "Operating Mode" field
because the error checking code is still requiring a DHCP begin and end value in the "Range" field.And the DNS Server value is saved to config.xml but not repopulated when you reload the page.
Again, nice work so far. It's coming along really well.
GB
-
New images posted on http://iserv.nl/files/pfsense/ipv6/rc1/
These are snapshots built today.
I've added a function that should manually generate a link-local address for the bridge. Although I'm not sure if that works yet.The javascript on the services_dhcpv6.php page is a work in progress. We'll need to fix that.
-
Thanks databeestje!! Quick question, do you know when there will be another merge with the mainline code? Last one happen on March 27 and there seems to a lot of changes to it. Thanks in advance!!
-
I just gitsynced with the latest smos gitsync. The webinterface no longer works now. The error shown when browsing to the webinterface:
Parse error: syntax error, unexpected ']' in /etc/inc/services.inc on line 623
-
Remove the "]" from 623 and all is fine again
eg$dnscfgv6 .= " option dhcp6.name-servers " . join(",", $dns_arrv6]) . ";";
becomes
$dnscfgv6 .= " option dhcp6.name-servers " . join(",", $dns_arrv6) . ";";
-
Works morbus, thanks!
-
@Databeestje, I've found a bug in the diagnostics DNS lookup page located at /diag_dns.php. The first time I try to resolve a hostname by an IPv6 address, it works. When I click the DNS Lookup button again, it shows no result. When I click it again, it does show the result. When I click it again it shows no results, etc. When entering an IPv4 address, it does work okay every time.
Should I enter bugs like this through the redmine form?
-
Hi,
I found a small error on this page: services_dhcpv6.php?if=lan
If I fill the DNS servers entry on this page, the setting is saved correctly.
But when I want the edit again, the setting does nog show up and is blank again. The input-field is not correctly filled with the setting.Hi Databeestje,
I found the bug described above. The DNSserver field on the DHCPv6 settingspage was not showing correctly.
With the extra code below it does load ok.please insert this patch:
153d152 < list($pconfig['dns1'],$pconfig['dns2']) = $config['dhcpdv6'][$if]['dnsserver'];
-
@Databeestje, I've found a bug in the diagnostics DNS lookup page located at /diag_dns.php. The first time I try to resolve a hostname by an IPv6 address, it works. When I click the DNS Lookup button again, it shows no result. When I click it again, it does show the result. When I click it again it shows no results, etc. When entering an IPv4 address, it does work okay every time.
Should I enter bugs like this through the redmine form?
Feel free to keep posting them here for a while. Until the code is merged into the normal git tree we'll keep it here. It is sufficiently quiet here that it's easy to keep up on.
Some of the other boards are so crowded that it becomes hard to follow. If you do create redmine tickets please assign them to smos.
-
I've noticed line 167 of system_firmware_settings.php disables gitsync in web gui on platforms such as nanobsd. Since there are nanobsd IPv6 images and as far as I can tell it works fine on nanobsd…is there some other reason this feature is disabled on the web gui?
-
You'll have to ask that in a embbeded board. No idea.
-
I've noticed line 167 of system_firmware_settings.php disables gitsync in web gui on platforms such as nanobsd. Since there are nanobsd IPv6 images and as far as I can tell it works fine on nanobsd…is there some other reason this feature is disabled on the web gui?
Probably because when that was first implemented, it didn't work on NanoBSD, and I'd still be inclined to not do a gitsync on NanoBSD in general, since the large number of CF writes involved would be detrimental to the lifetime of the CF.