IPv6 DHCP-PD – radvd dies after interface reset - dhcpv6 does not reaquire addr
-
radvd seems now to be stable for me too. But my Ubuntu clients don't get a address until I start dhclient -6 once?! The only address it sets is the fe80-address (SLAAC?)
I have 'iface eth0 inet6 auto' in the /etc/network/interfaces. Shouldn't they get a address automatically without starting a DHCP client??Probably best to put that in another thread, but my Ubuntu laptop pulls a V6 IP from DHCP without any intervention.
fe80 is link-local, you'll always have one of those when IPv6 is enabled, even if you don't have a connection to an IPv6 network. I use the network manager though, and IPv6 there is just set to "automatic"
$ sudo cat /etc/NetworkManager/system-connections/MYSSID [connection] id=MYSSID uuid=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx type=802-11-wireless timestamp=1370526571 [802-11-wireless] ssid=MYSSID mode=infrastructure mac-address=00:xx:xx:xx:xx:xx seen-bssids=xx:xx:xx:xx:xx:xx;zz:zz:zz:zz:zz:zz; security=802-11-wireless-security [802-11-wireless-security] key-mgmt=wpa-psk psk=blah [ipv4] method=auto [ipv6] method=auto -
I've done a clean install of 2.1 and IPv6 now works, but dhcp6c reports an error and a filter reload is constantly triggered. Killing dhcp6c fixes the issue but takes down radvd with it.
Jul 9 14:40:57 dhcp6c[25113]: update_ia: status code for NA-0: no addresses Jul 9 14:40:58 php: rc.newwanipv6: ROUTING: setting default route to [ISP v4 gateway IP] Jul 9 14:40:51 check_reload_status: Reloading filter -
Yesterday I did a clean install of the following version
Version 2.1-RC0 (i386)
built on Mon Jul 8 21:26:14 EDT 2013
FreeBSD 8.3-RELEASE-p8So far (uptime is 17 hours) things appear to be working. Here are a few items that I have noticed so far
• pfSense shows that my WAN IPv6 IP is 2001:558:6033:ad:….
As far as I know, this is a valid DHCPv6 IP from Comcast.• IPv6 Test sites (example www.test-ipv6.com) return a 10/10 result
• IPv6 only sites (example ipv6.speedtest.comcast.net) load without issue
• Comcast's IPv6 Information Center site (www.comcast6.net) loads and shows the following information
Your IP address is 2601:d:4c00:ca:1118:.......
Congrats! You are using IPv6 on the Comcast Cable network.• The Service "radvd" is running on pfSense
The big question in my mind is what will happen once the lease is up on the IPv6 IP, and it goes to renew it? That was the problem before, and from what it sounds like, that issue has been corrected. I'll report back in a few days with how things go.
I've done a clean install of 2.1 and IPv6 now works, but dhcp6c reports an error and a filter reload is constantly triggered. Killing dhcp6c fixes the issue but takes down radvd with it.
Could you provide a bit more information on how I can check my system to see if I am getting a similar error?
Thanks,
–Brian
-
I am also not seeing any immediate issues with the July 8th build. Good job to everyone that helped to fix this!
-
I upgraded to the built of Fri Jul 5 18:13:39 EDT 2013 and it's now been running for over 4 days and renewed without problems. This is the first time it renewed and maintained IPv6 connectivity. All the tests and comcast6.net are working. Previous as others report it would not work after the 4 days.
What ever changes has been made there going in the right direction.
I'll give it another day or two then update to the latest snapshot and see what happens and post my results.
Thanks for your dedicated work it's appreciated.
-
Could you provide a bit more information on how I can check my system to see if I am getting a similar error?
The main symptom is 100% CPU usage on one core while the filter reloads indefinitely.
-
Could you provide a bit more information on how I can check my system to see if I am getting a similar error?
The main symptom is 100% CPU usage on one core while the filter reloads indefinitely.
I don't think I have that issue. I only have a single core CPU (Intel Pentium III) and the usage is mostly at 1%. Sometimes, it will spike to 34%, but that is not that often.
–Brian
-
Well, I have bad news to report.
Back on July 10, I reported that I had did a clean install of the following version
Version 2.1-RC0 (i386)
built on Mon Jul 8 21:26:14 EDT 2013
FreeBSD 8.3-RELEASE-p8Everything with IPv6 appeared to be working as it should have.
Well, my uptime is now just over 5 days, and as you can tell by the attached picture, I have again lost my IPv6 IP.
A few quick notes:
-
No IPv6 IP on the WAN side
-
IPv6 Test sites return 0/10
-
IPv6 only sites fail to load
-
The Service "radvd" is no longer listed in pfSense.
If anyone here would like more information, let me know and I'll be happy to get it and post it.
Thanks,
–Brian
-
-
Please provide a system log and configuration of the system to see if its related to this.
Also there have been some changes to firewall rules in latest snapshots which might impact functionality. -
Well, my uptime is now just over 5 days, and as you can tell by the attached picture, I have again lost my IPv6 IP.
–Brian
Clear /etc/bogonsv6 and see if it comes back. You may have to reboot.
-
@ermal:
Please provide a system log and configuration of the system to see if its related to this.
Also there have been some changes to firewall rules in latest snapshots which might impact functionality.Thanks for the reply.
So that we are on the same page, here is the information on the build that I am running
Version 2.1-RC0 (i386)
built on Mon Jul 8 21:26:14 EDT 2013
FreeBSD 8.3-RELEASE-p8Hardware information:
Using a Dell Tower, running with a Pentinum III CPU, 512 MB of Ram, and a 20 GB hard drive.Here are the last 50 entries from my system log.
Jul 9 13:57:04 php: rc.newwanip: Creating rrd update script
Jul 9 13:57:07 php: rc.newwanip: pfSense package system has detected an ip change 24.13.17.39 -> 24.13.17.39 … Restarting packages.
Jul 9 13:57:07 check_reload_status: Reloading filter
Jul 9 13:59:00 php: /index.php: Successful login for user 'admin' from: 192.168.1.100
Jul 9 13:59:00 php: /index.php: Successful login for user 'admin' from: 192.168.1.100
Jul 9 15:36:25 php: /index.php: webConfigurator authentication error for 'admin' from 192.168.1.100
Jul 9 15:36:25 php: /index.php: webConfigurator authentication error for 'admin' from 192.168.1.100
Jul 9 15:36:32 php: /index.php: Successful login for user 'admin' from: 192.168.1.100
Jul 9 15:36:32 php: /index.php: Successful login for user 'admin' from: 192.168.1.100
Jul 9 22:42:46 php: /index.php: Successful login for user 'admin' from: 192.168.1.100
Jul 9 22:42:46 php: /index.php: Successful login for user 'admin' from: 192.168.1.100
Jul 10 04:49:16 php: /index.php: Successful login for user 'admin' from: 192.168.1.100
Jul 10 04:49:16 php: /index.php: Successful login for user 'admin' from: 192.168.1.100
Jul 10 06:53:51 php: /index.php: Successful login for user 'admin' from: 192.168.1.100
Jul 10 06:53:51 php: /index.php: Successful login for user 'admin' from: 192.168.1.100
Jul 11 06:43:19 check_reload_status: updating dyndns WAN_DHCP
Jul 11 06:43:19 check_reload_status: Restarting ipsec tunnels
Jul 11 06:43:19 check_reload_status: Restarting OpenVPN tunnels/interfaces
Jul 11 06:43:19 check_reload_status: Reloading filter
Jul 11 06:43:36 check_reload_status: updating dyndns WAN_DHCP
Jul 11 06:43:36 check_reload_status: Restarting ipsec tunnels
Jul 11 06:43:36 check_reload_status: Restarting OpenVPN tunnels/interfaces
Jul 11 06:43:36 check_reload_status: Reloading filter
Jul 11 11:29:54 php: /index.php: Successful login for user 'admin' from: 192.168.1.100
Jul 11 11:29:54 php: /index.php: Successful login for user 'admin' from: 192.168.1.100
Jul 11 12:26:37 php: /index.php: Successful login for user 'admin' from: 192.168.1.100
Jul 11 12:26:37 php: /index.php: Successful login for user 'admin' from: 192.168.1.100
Jul 12 08:57:27 check_reload_status: updating dyndns WAN_DHCP,WAN_DHCP6
Jul 12 08:57:27 check_reload_status: Restarting ipsec tunnels
Jul 12 08:57:27 check_reload_status: Restarting OpenVPN tunnels/interfaces
Jul 12 08:57:27 check_reload_status: Reloading filter
Jul 12 14:26:36 php: /index.php: Successful login for user 'admin' from: 192.168.1.100
Jul 12 14:26:36 php: /index.php: Successful login for user 'admin' from: 192.168.1.100
Jul 12 18:46:36 dhcp6c[20735]: client6_timo: all information to be updated was canceled
Jul 12 18:50:18 dhcp6c[20735]: client6_timo: all information to be updated was canceled
Jul 13 14:01:13 dhcp6c[20735]: client6_timo: all information to be updated was canceled
Jul 13 14:03:45 dhcp6c[20735]: client6_timo: all information to be updated was canceled
Jul 14 23:25:40 php: /index.php: Successful login for user 'admin' from: 192.168.1.100
Jul 14 23:25:40 php: /index.php: Successful login for user 'admin' from: 192.168.1.100
Jul 15 02:51:03 check_reload_status: updating dyndns WAN_DHCP
Jul 15 02:51:03 check_reload_status: Restarting ipsec tunnels
Jul 15 02:51:03 check_reload_status: Restarting OpenVPN tunnels/interfaces
Jul 15 02:51:03 check_reload_status: Reloading filter
Jul 15 02:51:12 php: rc.newwanipv6: rc.newwanipv6: Informational is starting rl0.
Jul 15 02:51:12 php: rc.newwanipv6: rc.newwanipv6: on (IP address: 2001:558:6033:ad:3d6d:7e5d:7bea:f1ae) (interface: wan) (real interface: rl0).
Jul 15 02:51:13 php: rc.newwanipv6: ROUTING: setting default route to 24.13.16.1
Jul 15 02:51:13 php: rc.newwanipv6: ROUTING: setting IPv6 default route to fe80::201:5cff:fe3d:4e41%rl0
Jul 15 02:51:15 check_reload_status: Reloading filter
Jul 15 05:19:52 php: /index.php: Successful login for user 'admin' from: 192.168.1.100
Jul 15 05:19:52 php: /index.php: Successful login for user 'admin' from: 192.168.1.100If you want the full log, I can do that if you can provide the command to run to get it.
As far as firewall rules, see the two attached pics for the rules on the WAN and LAN side. I know that whatever is there was added by default on the build that I am running, as I did not make any changes to the firewall rules.
Thanks,
–Brian
-
Clear /etc/bogonsv6 and see if it comes back. You may have to reboot.
How would I go about doing this step?
Thanks,
–Brian
-
Clear /etc/bogonsv6 and see if it comes back. You may have to reboot.
How would I go about doing this step?
-
Make sure shell is enabled - http://doc.pfsense.org/index.php/HOWTO_enable_SSH_access
-
Then SSH in and you will get the menu; Select option 8 - http://doc.pfsense.org/index.php/Using_the_PHP_pfSense_Shell
-
type 'rm /etc/bogonsv6'
Note: If you need an SSH client, you can use this: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
-
-
-
Make sure shell is enabled - http://doc.pfsense.org/index.php/HOWTO_enable_SSH_access
-
Then SSH in and you will get the menu; Select option 8 - http://doc.pfsense.org/index.php/Using_the_PHP_pfSense_Shell
-
type 'rm /etc/bogonsv6'
Note: If you need an SSH client, you can use this: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
I was going through the steps to enable SSH in pfSense this morning. However, after I logged into the web console, I noticed that my information screen had changed, per the attached picture.
Notice that I now see IPv6 Information under both the WAN and LAN Interface section. The service "Radvd" shows up again in the services status.
I then went and did a quick test at a test IPv6 site (www.test-ipv6.com) and it came back with 10/10.
Has my computer been rebooted? No
Has pfSense been rebooted? No
Has my modem been rebooted? NoDid I do anything to pfSense? Nope!
While its still a mystery that it stopped working, it is even more a mystery now that it started up again without any action on my part.
Thoughts?
–Brian
-
-
Well, whatever caused it to "break" last time has happened again.
This morning, I noticed that I lost any items related to IPv6. My uptime is just over 9 days, so I would guess that it was the dhcpv6 renewal that failed again.
I've again not made any changes to the configuration of pfSense, nor have I rebooted pfSense or my modem in the last 9 days.
So, I'm going to just let things sit, and see if it comes back again on its own in a few days.
If it does, is there any information that people would like to see, to help troubleshoot the issue?
Thanks,
–Brian
-
If it does, is there any information that people would like to see, to help troubleshoot the issue?
An extract from the system log (see Status -> System Logs) from a few minutes before the "break" to a few minutes after might be informative.
-
If it does, is there any information that people would like to see, to help troubleshoot the issue?
An extract from the system log (see Status -> System Logs) from a few minutes before the "break" to a few minutes after might be informative.
Well, here are the last 50 entries from the system log. I think its good (hopefully) that the last 50 entries cover the last 8 days.
Jul 12 14:26:36 php: /index.php: Successful login for user 'admin' from: 192.168.1.100 Jul 12 18:46:36 dhcp6c[20735]: client6_timo: all information to be updated was canceled Jul 12 18:50:18 dhcp6c[20735]: client6_timo: all information to be updated was canceled Jul 13 14:01:13 dhcp6c[20735]: client6_timo: all information to be updated was canceled Jul 13 14:03:45 dhcp6c[20735]: client6_timo: all information to be updated was canceled Jul 14 23:25:40 php: /index.php: Successful login for user 'admin' from: 192.168.1.100 Jul 14 23:25:40 php: /index.php: Successful login for user 'admin' from: 192.168.1.100 Jul 15 02:51:03 check_reload_status: updating dyndns WAN_DHCP Jul 15 02:51:03 check_reload_status: Restarting ipsec tunnels Jul 15 02:51:03 check_reload_status: Restarting OpenVPN tunnels/interfaces Jul 15 02:51:03 check_reload_status: Reloading filter Jul 15 02:51:12 php: rc.newwanipv6: rc.newwanipv6: Informational is starting rl0. Jul 15 02:51:12 php: rc.newwanipv6: rc.newwanipv6: on (IP address: 2001:558:6033:ad:3d6d:7e5d:7bea:f1ae) (interface: wan) (real interface: rl0). Jul 15 02:51:13 php: rc.newwanipv6: ROUTING: setting default route to 24.13.16.1 Jul 15 02:51:13 php: rc.newwanipv6: ROUTING: setting IPv6 default route to fe80::201:5cff:fe3d:4e41%rl0 Jul 15 02:51:15 check_reload_status: Reloading filter Jul 15 05:19:52 php: /index.php: Successful login for user 'admin' from: 192.168.1.100 Jul 15 05:19:52 php: /index.php: Successful login for user 'admin' from: 192.168.1.100 Jul 15 06:12:47 check_reload_status: updating dyndns WAN_DHCP Jul 15 06:12:47 check_reload_status: Restarting ipsec tunnels Jul 15 06:12:47 check_reload_status: Restarting OpenVPN tunnels/interfaces Jul 15 06:12:47 check_reload_status: Reloading filter Jul 15 07:02:49 check_reload_status: updating dyndns WAN_DHCP Jul 15 07:02:49 check_reload_status: Restarting ipsec tunnels Jul 15 07:02:49 check_reload_status: Restarting OpenVPN tunnels/interfaces Jul 15 07:02:49 check_reload_status: Reloading filter Jul 16 03:28:17 php: /index.php: Successful login for user 'admin' from: 192.168.1.100 Jul 16 03:28:17 php: /index.php: Successful login for user 'admin' from: 192.168.1.100 Jul 16 14:55:32 php: /index.php: Successful login for user 'admin' from: 192.168.1.100 Jul 16 14:55:32 php: /index.php: Successful login for user 'admin' from: 192.168.1.100 Jul 17 14:08:01 php: /index.php: webConfigurator authentication error for 'admin' from 192.168.1.100 Jul 17 14:08:01 php: /index.php: webConfigurator authentication error for 'admin' from 192.168.1.100 Jul 17 14:08:05 php: /index.php: Successful login for user 'admin' from: 192.168.1.100 Jul 17 14:08:05 php: /index.php: Successful login for user 'admin' from: 192.168.1.100 Jul 18 07:41:11 dhcp6c[20735]: client6_timo: all information to be updated was canceled Jul 18 07:45:59 dhcp6c[20735]: client6_timo: all information to be updated was canceled Jul 19 02:58:53 dhcp6c[20735]: client6_timo: all information to be updated was canceled Jul 19 02:59:52 dhcp6c[20735]: client6_timo: all information to be updated was canceled Jul 19 03:20:01 check_reload_status: updating dyndns WAN_DHCP,WAN_DHCP6 Jul 19 03:20:01 check_reload_status: Restarting ipsec tunnels Jul 19 03:20:01 check_reload_status: Restarting OpenVPN tunnels/interfaces Jul 19 03:20:01 check_reload_status: Reloading filter Jul 19 03:20:35 check_reload_status: updating dyndns WAN_DHCP,WAN_DHCP6 Jul 19 03:20:35 check_reload_status: Restarting ipsec tunnels Jul 19 03:20:35 check_reload_status: Restarting OpenVPN tunnels/interfaces Jul 19 03:20:35 check_reload_status: Reloading filter Jul 19 05:41:51 php: /index.php: Successful login for user 'admin' from: 192.168.1.100 Jul 19 05:41:51 php: /index.php: Successful login for user 'admin' from: 192.168.1.100 Jul 20 08:26:22 php: /index.php: Successful login for user 'admin' from: 192.168.1.100 Jul 20 08:26:22 php: /index.php: Successful login for user 'admin' from: 192.168.1.100–Brian
-
And the DHCP log?
-
And the DHCP log?
Well, I went to go get that, but the last 50 entries shown on the screen are all from today. So, I know that won't be of any help.
Does the DHCP log contain more then the last 50 entries, and if so, what command can I run to extract that information.
I also want to add that 2 days and 12 hours ago, pfsense "locked up" on me. The reason I say that is my internet connection did not work. No pages would load, and I was not able to ping my pfSense box or my cable modem. Before I rebooted, I plugged in my USB Keyboard and Monitor to see if there was any kind of message on the screen. How I came to the "locked up" result is that when I did plug my keyboard in, it did not light up. I have two lights that are always on (a power light, and a numlock). Pressing the num lock, caps lock, or scroll lock buttons did not cause those lights to come on either when plugged into my pfSense box. So, I did a hard reset. Once it came up, I then rebooted it again normally, and has been up ever since. So far, things are working, but it has been less then 3 days at this point.
–Brian
-
Does the DHCP log contain more then the last 50 entries, and if so, what command can I run to extract that information.
Yes. The whole log can be displayed by shell command```
clog /var/log/dhcpd.logYou can change the number of log entries displayed in the GUI by going to _Status_ -> _System Logs_, click on _Settings_ tab, change the value of _GUI Log Entries to Display_ and click _Save_.
