IPv6 testing
-
We might need to investigate in somehow producing a build or snapshot based on this branch, we'll investigate.
-
Hi guys,
I really want to participate in the IPv6 fun here, but all my routers are running nanoBSD firmware and gitsync doesn't work there. What can I do?
GBgitsync should work on nanobsd? Just need to make the image rw before you run it?
-
Last time I tried, it ran out of space on /var trying to actually install git.
-
Custom images built from Seth's REPO:
http://cvs.pfsense.org/~sullrich/ipv6/
-
Custom images built from Seth's REPO:
http://cvs.pfsense.org/~sullrich/ipv6/
Nice, is it auto build like the normal snapshots?
-m4rcu5
-
I had time to run a fresh install. I changed my LAN IP, LAN dhcp range and WAN is set for dhcp by default. I install the git repository from http://gitweb.pfsense.org/pfsense/pfSense-smos.git. It does install some packages right after typing "playback gitsync" but then I get the prompt for the custom url. Rebooted the box and I still couldn't route to the internet. I save/apply my WAN interface and I was able to route to the internet again.. Did another reboot, and same results, cant route to the internet until save/apply my WAN interface.
Any ideas what is causing this? I had a similar issue with 1.2.3 a while ago if my cable modem would reboot.. I remember there was a package that fixed the issue.. Can't remember the name but its a package that was for 1.2.3 I believe. I don't see it under 2.0.
Thanks for all the work you guys have been making with ipv6…
-
My box here has a dhcp and it still works after a update and gitsync. Odd.
-
My box here has a dhcp and it still works after a update and gitsync. Odd.
It worked after the gitsync, it stopped working after the first reboot. The WAN DHCP client does pick up an ip address from my ISP(Its same IP for about 12-24months), it also grabs the DNS servers.. When I try to ping from the box to lets say google.com, I get a no route error.. After saving/applying the WAN interface page… Its able to ping.
-
When I try get the gateway under routing. The box wont let me input the ipv6 address that i got from he.net. It says the subnet is not within the range. If I leave the gateway blank and click save, it puts the ipv6 address that i try to manually enter.
When creating the WANIP6 interface after creating the gateway, I don't get an option to select the gateway.. Only option is none.
Cino, did you manage to solve this before you did a fresh install?
I seem to be running into the same problem, but a fresh install isn't feasible at the moment.Also, Databeestje: Awesome.
-
When I try get the gateway under routing. The box wont let me input the ipv6 address that i got from he.net. It says the subnet is not within the range. If I leave the gateway blank and click save, it puts the ipv6 address that i try to manually enter.
When creating the WANIP6 interface after creating the gateway, I don't get an option to select the gateway.. Only option is none.
Cino, did you manage to solve this before you did a fresh install?
I seem to be running into the same problem, but a fresh install isn't feasible at the moment.Also, Databeestje: Awesome.
I wasn't able to resolve the issue…
-
I too have a similar situation to the last two posters. The Gateway will not let me put in the correct info and if I leave it blank then it will put in dynamic instead and I get no ipv6 anymore. I had to change it back to the way I had it which never says online or does any of the gateway checks.
-
I have not gotten round to that, I'm doing this as time permits
-
Custom images built from Seth's REPO:
http://cvs.pfsense.org/~sullrich/ipv6/
Awsome. Thanks.
I had the same experience as Jim P. Git install fails on nanoBSD due to partition size limitations.GB
-
The subnet check on the gif interface should now properly work again. Have not verified yet, gitsync your install to get it.
You also get (hopefully) working traffic counters for ipv6 traffic.
IPv6 packet counts are logged but not graphed yet.
Menu banner shows IPv6 addresses now too.
ICMP6 rules have been relaxed so that we might have a shot at getting dhcp v6 messages out.
I also added unblockable ICMP6 rules to make sure basic connectivity is never blocked.
Addition of Bogon support for IPv6 prefixes, although a tad large at 30k entries -
I have just freshly installed latest snapshost and had my system synced with pfSense-smos repository.
I did follow this instructions and it still says "The gateway address 2001:470:1f0a:XXXX::1 does not lie within the chosen interface's subnet."I also noticed interesting behaviour. After gitsyncing with IPv6 repo, automatic checks for new firmware/auto update don't work anymore. It says "Unable to check for updates."
-
did you reboot after gitsyncing?
-
Yes, I did reboot.
I will now test on other freshly reinstalled pfSense machine.Edit: Same issue on other machine :(
-
I've been making some progress here. In my last post, I mention I had to go into the WAN interface and save it to route to the internet… The issue with "Unable to check for updates." is related I think. Over the weekend I setup a 3G Wan for failover. Because now I have gateway rules define for the LAN firewall tab, my clients can route to the internet without having to save the Wan interface config. The pfsense default gateway is getting messed up some how which causes the "Unable to check for updates" error and i'm unable to ping www.yahoo.com from pfsense but i can from the clients. When I save the WAN interface page, the pfsense default gateway is corrected, the IPv6 tunnels comes up, able to ping to ip4 websites from the shell.
The "The gateway address 2001:470:1f0a:XXXX::1 does not lie within the chosen interface's subnet." error: I recieved the same error when I follow the how-to write up. I ended up with the same error. In the how-to, we are using a /128 subnet. The gateway doesn't like this unless you put the subnet as /64. Was I changed the gif/wan interface to /64, I was able to put the gateway address in. But then this error poped up in my syslog
php: /interfaces.php: The command '/sbin/ifconfig gif0 inet6 2001:470:1f06:e7f::2 2001:470:xxxx:xxxx::1 prefixlen 64 ' returned exit code '1', the output was 'ifconfig: ioctl (SIOCAIFADDR): Invalid argument'
After the gateway was selected in the WANIPv6 interface, i changed the subnet back to /128 and the above error went away. I need to do some more testing to see if either /64 or /128 works… I left it at as /128 becuz i dont see the above error. HE.net tunnel info pages says its a /64 address...
I have to do some futher testing but I can't ping ipv6.google.com but i'm able to browse to the site(test-ipv6.com gave me 9/10, dns dont have ipv6 from my isp) if i ping ipv6.google.com from pfsense, "ping6: UDP connect: No route to host" from Windows 7, "Destination net unreachable"
Also there is a php error on the firewall rules page.. The page works, see screen shot:
-
The subnet check on the gif interface should now properly work again. Have not verified yet, gitsync your install to get it.
You also get (hopefully) working traffic counters for ipv6 traffic.
IPv6 packet counts are logged but not graphed yet.
Menu banner shows IPv6 addresses now too.
ICMP6 rules have been relaxed so that we might have a shot at getting dhcp v6 messages out.
I also added unblockable ICMP6 rules to make sure basic connectivity is never blocked.
Addition of Bogon support for IPv6 prefixes, although a tad large at 30k entriesdatabeestje great work so far!! Where can I find the traffic counters you are talking about? Under 'Status: Interfaces' the counters dont increase but 'Status: Traffic Graph' is graphing traffic.. The Interface widget on the main page shows that the WANIPv6 is up but it doesn't show the IPv6 address. 'Status: Interfaces' does sure the IP address tho.
I went to http://ipv6-speedtest.net/ to test the speed of the tunnel, wow its slow! 1m/.5m on a 50m/5m cable modem… But hey we are only testing this out to be ready for ipv6 when we will need it....
-
I'm seeing similar issues with the default route. I've gotten around it by just throwing the route in the cli.
I'm also seeing issues with rtadvd not working right, but that could be an artifact of the box having some of my crufty old IPv6 stuff hacked into it, not sure yet. I'll look more at this tomorrow.nb