Intermittent IPv6 Issues

  • I've been having intermittent connectivity issues stemming from a DHCPv6 server issue lately. I am running 2.1-DEVELOPMENT (i386) built on Fri Apr 13 21:32:08 EDT 2012. I currently have the settings set to assisted. DHCPv6 seems to work sometimes but most of the time it does not. I receive two IPv6 addresses from stateless autoconfig as is normal but sometimes I lose the gateway address on the client. When this happens it happens across all my client computers. The only way I've found to fix it is to restart pfsense. Changing assignment modes on pfsense does not seem to help. This has become quite annoying as it seems to happen randomly and I only notice it when I've restarted or woken a client computer.

  • DHCPv6 does not provide the gateway, this is done by the router advertisement daemon. Radvd.

    Check if radvd is actually running. ps auxww|grep radvd

  • It appears to be running

    root  47732  0.0  0.3  3328  1264  ??  Ss    6:43PM  0:01.62 /usr/local/sbin/radvd -C /var/etc/radvd.conf -m syslog

  • ok, that's good. If it happens again, check if the process on pfSense still exists.

    If it doesn't, press save on dhcpv6 server settings, that should launch it again.

    Is this primarily wireless computers? Some accesspoints handle multicast badly, as in, they drop it.

  • No it happens across all computers. I don't seem to be receiving an address from the DHCPv6 server again. Only the two from stateless autoconfig. I tried clicking save on the DHCPv6 server and doing a release/renew but it doesn't seem to pick one up.

  • This is still an on going issue for me. I am still not receiving an address through DCHPv6 nor am I getting the default gateway. I am, however, receiving two temporary addresses and the correct DNS server

  • Do you happen to have personal firewalls installed or corporate virus scanners on those computers?

    Symantec Endpoint Protection with the default rules blocks IPv6 traffic entirely. There is another one that does this too.

    Otherwise I need access to your box to see why.

  • Nothing besides Windows Firewall and and Microsoft Security Essentials. I just did a little testing and when I turn the firewall off for the Home and Work networks I get a DHCPv6 address but no gateway, dns or stateless autoconfig. If I turn off both the work/home and public network firewall I get two stateless autoconfig address, dns and the link local address of the gateway interface.

    Edit: Changing the mode to Managed I get a DHCPv6 assigned address, dns, and gateway with firewall on.

    On a side note, is there a way to select multiple firewall rules and disable them in pfsense? took me a while to disable everything but a permit all rule.

  • We only have a delete button for firewall rules, but that doesn't sound like too bad of a idea.

  • I'll definitely be looking forward to it.

  • You just have to click on the pass/block/reject icon to quickly disable a single rule. No way to do that in bulk but it doesn't take much to click through even numerous rules to disable them.

  • Which I do but it does become a bit of a pain to click through roughly 50 rules when you have those nice check boxes right beside each one that could be tied to a disable/enable button.

Log in to reply