Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPv6 Default Gateway Selects Wrong Physical Interface

    Scheduled Pinned Locked Moved IPv6
    1 Posts 1 Posters 1.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • I
      iamGavinJ
      last edited by

      Hi All,

      I finally got around to getting my Hurricane tunnel working last night and came across an issue which I wasn't sure was already a known bug.  I searched Redmine and the forums and couldn't find this existing already though I wanted to raise it here first to avoid logging a dupe in redmine.

      Environment is:

      FreeBSD <fqdn>8.3-RELEASE-p6 FreeBSD 8.3-RELEASE-p6 #0: Sat Feb 23 05:30:28 EST 2013     root@snapshots-8_3-i386.builders.pfsense.org:/usr/obj./usr/pfSensesrc/src/sys/pfSense_SMP.8  i386</fqdn>

      I have not git-synced beyond that snap either.

      After following the guide here (http://doc.pfsense.org/index.php/Using_IPv6_on_2.1_with_a_Tunnel_Broker) I was able to ping6 the remote side of the tunnel from the OPT interface, however when I tried to ping from the LAN interface (with the appropriate routed /64 set up) I was getting a host not reachable (from memory).  I also could not route any traffic from my LAN outbound nor get a response inbound using the HE IP6 port scanner.  I set up a firewall rule to log allow and log incoming from HE and could see the traffic hitting the OPT interface but nothing would route.

      After looking at the routing tables I noticed that the default gateway to the correct HE IPv6 address had an incorrect physical interface (my LAN interface ue0 instead of the tunnel gif0) effectively black-holing the packets:

      netstat -rw
Internet6:
Destination                                    Gateway                                     Flags    Refs      Use    Mtu    Netif Expire
default                                         <fqdn of="" he="">UGS         0      420   1280      ue0
::1                                            ::1                                         UH          0        0  16384      lo0</fqdn>

      I then executed:

      route delete -inet6 default
route -n add -inet6  default 2001:xxxx:yyyy:zzzz::1

      and now the route looks like this and the packets route correctly:

      Internet6:
Destination                                    Gateway                                     Flags    Refs      Use    Mtu    Netif Expire
default                                         <fqdn of="" he="">UGS         0        1   1280     gif0
::1                                            ::1                                         UH          0        0  16384      lo0</fqdn>

      If this isn't a known issue already please let me know and I'll raise it on Redmine, but I at least wanted to publish the issue as I spent a few hours scratching my head and couldn't find anything online to help.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.