IPv6 Default Gateway not sicking



  • I got IPv6 working last night with Comcast as my ISP (Dual Stack) and pfSense 2.1-RELEASE.

    My computers (Windows 8 ) keep dropping the IPv6 Default Gateway addresses (fe80::1:1).  If I set the gateway manually it works great but I don't want to have to do this on every computer.  The computers automatically pick up a delegated IPv6 Address and DNS Server but not always the gateway.

    Any ideas why my computers are not seeing the IPv6 Router Advertisement and keeping the IPv6 Default Gateway set?


  • Banned

    If you IPs are anything like fe80, then no, you did NOT get it working.



  • Explain this then.  Nothing wrong with using the Local Link address to get to the gateway.



  • Banned

    Well, those IPs are just fine. As for W8, I'd rather not comment.  ::) So, dropping how? Randomly? Regularly? Some interval? Works on reboot and stops after some time, or? Works on sane OS computers?



  • Windows 8… lets not go there  :P

    If the defaults are left alone the IPv6 Default Gateway is blank.  I have noticed it might show up after rebooting or randomly, then it randomly disappears.  If I manually set it to fe80::1:1 or the same as the IPv6 DNS server everything in IPv6 land works.

    Trying to figure out why it is setting everything but the default gateway automatically.


  • Banned

    So, which is it? It's not sticking, or it's just never set? RADVD set how? Domain or not? Some GPO in place? There's really not much to work with here. And once again, it'd seriously help if you could actually test this with some other OS.



  • It sets, then disappears.  No Domain, this is a desktop at my house I use for Media Center.

    I just ran "netsh int ipv6 reset reset.log" to reset IPv6 TCP/IP stack to installation defaults then rebooted.  Right now the IPv6 Default Gateway reads "fe80::1:1%15" and everything in IPv6 land is working.  I'll keep an eye on it, I know I was messing with IPv6 in the past so I might of had something set weird.  This computer is also on wireless so who knows if my Cisco AP is doing something weird.


  • Banned

    @k6usy:

    This computer is also on wireless so who knows if my Cisco AP is doing something weird.

    Oooh… I definitely recall at least two wireless APs totally killing IPv6 router advertisements. Certainly worth doing a research. What does

    
    netsh int ipv6 show int <iface_name></iface_name> 
    

    look like?



  • I also need to play with my Windows 8 computer that is hard wired.  Thanks for your time!



  • C:\WINDOWS\system32>netsh int ipv6 show int wi-fi
    
    Interface Wi-Fi Parameters
    ----------------------------------------------
    IfLuid                             : wireless_0
    IfIndex                            : 15
    State                              : connected
    Metric                             : 25
    Link MTU                           : 1500 bytes
    Reachable Time                     : 39500 ms
    Base Reachable Time                : 30000 ms
    Retransmission Interval            : 1000 ms
    DAD Transmits                      : 1
    Site Prefix Length                 : 64
    Site Id                            : 1
    Forwarding                         : disabled
    Advertising                        : disabled
    Neighbor Discovery                 : enabled
    Neighbor Unreachability Detection  : enabled
    Router Discovery                   : enabled
    Managed Address Configuration      : disabled
    Other Stateful Configuration       : enabled
    Weak Host Sends                    : disabled
    Weak Host Receives                 : disabled
    Use Automatic Metric               : enabled
    Ignore Default Routes              : disabled
    Advertised Router Lifetime         : 1800 seconds
    Advertise Default Route            : disabled
    Current Hop Limit                  : 64
    Force ARPND Wake up patterns       : disabled
    Directed MAC Wake up patterns      : disabled
    ECN capability                     : application
    

  • Banned

    Pretty much exactly same like here, except that I have Managed Address Configuration enabled (using DHCPv6). Try with wired. :)



  • Just remote desktoped back into the computer in question and the gateway was gone again.  I'll do some more testing later.  For now I will leave the gateway manually set.

    Does RA use ICMP?


  • Banned

    Well… IPv6 pretty much requires ICMPv6 enabled.

    http://en.wikipedia.org/wiki/ICMPv6



  • I'm not blocking it, trying to figure out what to look for.  Might have to fire up wire shark.



  • Do you think changing the radvd advertisement interval to a lower number would help?

    # Automatically Generated, do not edit
    # Generated config for dhcp6 delegation from wan on lan
    interface vr0 {
            AdvSendAdvert on;
            MinRtrAdvInterval 3;
            MaxRtrAdvInterval 10;
            AdvLinkMTU 1500;
            AdvOtherConfigFlag on;
                    AdvAutonomous on;
                    AdvRouterAddr on;
            };
            RDNSS 2601:c:8200:243:20d:b9ff:fe20:8d30 { };
            DNSSL k6usy.com { };
    };
    
    

  • Banned

    So you have this set to assisted? Tried unmanaged instead? The interval, nah, not really.



  • How would I change it? The "DHCPv6 Server/RA" page is blocked out because I do not have a static v6 address assigned to my LAN.  My LAN is tracking my WAN.

    Currently my WAN gets a /128 address from Comcast and the LAN is using one of the address from the delegated /64.

    Use IPv4 connectivity as parent interface: Unchecked
    Request only a IPv6 prefix: Unchecked
    DHCPv6 Prefix Delegation size: 64
    Send IPv6 prefix hint: Unchecked

    On another note I am noticing that Comcast delegates a new /64 to me if I reboot my router; that makes things fun.  IPv6 stops working on my windows computers until I reload the IPv6 stack so it clears the old addresses.



  • except that I have Managed Address Configuration enabled (using DHCPv6).

    I would love to use managed address config as well but I haven't come across any step-by-step description of how to go about this. Probably a testament to my searching skills or lack thereof but, can you point me in the right direction?



  • @k6usy:

    Currently my WAN gets a /128 address from Comcast and the LAN is using one of the address from the delegated /64.

    Use IPv4 connectivity as parent interface: Unchecked
    Request only a IPv6 prefix: Unchecked
    DHCPv6 Prefix Delegation size: 64
    Send IPv6 prefix hint: Unchecked

    I am on Comcast as well, and I would recommend that you check the somewhat mysteriously named "IPv4 connectivity via parent" box; without that, IPv6 connectivity will not recover from temporary loss of upstream connectivity (e.g., unplug modem without rebooting it).

    @k6usy:

    On another note I am noticing that Comcast delegates a new /64 to me if I reboot my router; that makes things fun.  IPv6 stops working on my windows computers until I reload the IPv6 stack so it clears the old addresses.

    Seems to work just fine for me. Are you sure you're not accidentally blocking things? That would seem to be consistent with your symptoms.

    Do you have "block bogon networks" enabled in your WAN and/or LAN interface settings by any chance? That apparently has the unfortunate side effect of blocking some ICMP6 traffic that is required for IPv6 to work properly.



  • @razzfazz:

    I am on Comcast as well, and I would recommend that you check the somewhat mysteriously named "IPv4 connectivity via parent" box; without that, IPv6 connectivity will not recover from temporary loss of upstream connectivity (e.g., unplug modem without rebooting it).

    Enabling this breaks my IPv6 connection.

    @razzfazz:

    Seems to work just fine for me. Are you sure you're not accidentally blocking things? That would seem to be consistent with your symptoms.

    Do you have "block bogon networks" enabled in your WAN and/or LAN interface settings by any chance? That apparently has the unfortunate side effect of blocking some ICMP6 traffic that is required for IPv6 to work properly.

    Nope, I have that off on all interfaces.



  • @k6usy:

    @razzfazz:

    I am on Comcast as well, and I would recommend that you check the somewhat mysteriously named "IPv4 connectivity via parent" box; without that, IPv6 connectivity will not recover from temporary loss of upstream connectivity (e.g., unplug modem without rebooting it).

    Enabling this breaks my IPv6 connection.

    Even after a subsequent reboot? Bizarre, works just fine for me…

    @k6usy:

    @razzfazz:

    Seems to work just fine for me. Are you sure you're not accidentally blocking things? That would seem to be consistent with your symptoms.

    Do you have "block bogon networks" enabled in your WAN and/or LAN interface settings by any chance? That apparently has the unfortunate side effect of blocking some ICMP6 traffic that is required for IPv6 to work properly.

    Nope, I have that off on all interfaces.

    Any other rule that might lead to router advertisement packets being blocked? Have you looked over /tmp/rules.debug?



  • @k6usy:

    @razzfazz:

    I am on Comcast as well, and I would recommend that you check the somewhat mysteriously named "IPv4 connectivity via parent" box; without that, IPv6 connectivity will not recover from temporary loss of upstream connectivity (e.g., unplug modem without rebooting it).

    Enabling this breaks my IPv6 connection.

    Enabling that broke it for me, too.  Also, on Comcast.

    • I had received IPv6 addressing initially (built a fresh 2.1-RELEASE system).
    • In the middle of the night, Comcast was out for 30 minutes.
    • pfs still had IPv6 addressing, but I was not able to go anywhere via IPv6 (IPv4 still worked).
    • I rebooted pfs, but it would not reacquire IPv6 addressing.
    • I did multiple reboots of the cable modem and pfs, but still no IPv6.
    • I then unchecked "Request a IPv6 prefix/information through the IPv4 connectivity link", rebooted and then I got IPv6 back.

    I'd really like a better understanding about what that option does.  It may not be working as expected.



  • I know this is an old thread – but I had a similar problem.  I am using DHCPv6;  Windows 7 would obtain an address from DHCPv6 and the default route from the router.  The default route would be there (as seen via "route print") for 30 minutes.  Then it would disappear.

    I found that the default Windows Firewall allows ICMPv6 ONLY from fe80::/64.  Normally, this is fine, however, in our infinite wisdom, we set the router's link-local address to be fe80:42::1  (which isnt part of the fe80::/64 subnet).  If we let it pick its own link-local, (the default) it would have been OK.

    Thus, the initial default gateway appeared because Windows requested it via Router Solicitation.  But it was unable to hear the periodic Router Advertisement messages after that in order to keep that default route alive.  It timed out after 30 minutes and disappeared.

    We've since changed our router's link-local address to be fe80::42:1 (which IS part of fe80::/64).