IPv6 RS with unspecified source address
built on Tue Sep 18 12:28:26 EDT 2012
From what I can see, pfSense does not respond to Router Solicitation messages where the source address is unspecified.
The client I have tested with, then waits for 4 seconds before sending out a new RS message with the link-local address as source, to which pfSense responds to.
The pfSense RA is set to "Unmanaged", normal "Router Priority" and no "RA Subnets".
Is this a known issue, limitation, or is it due to a wrong configuration on my side?
I have checked the RFC (4861), and it clearly states that router solicitation messages can have undefined source address:
An IP address assigned to the sending interface, or
the unspecified address if no address is assigned
to the sending interface.
I have tested several times, and pfSense does not reply with RA if the source address in the RS message is undefined.
I consider this to be a fault in the pfSense.
We currently use the radvd daemon for RA, so if there is a fault, it lies there.
Does anything show up under Status > System Logs on the Routing tab from radvd when it receives one of these packets?
No, there are no log entries due to these RS messages.
I noticed an IPv6 rule that did not allow undefined address access to the fw.
After I explicitly created a rule for this case, pfSense responds with RA after the RS mentioned above.
Sorry for the confusion.