Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How to deal with duplicate link local when testing

    Scheduled Pinned Locked Moved IPv6
    2 Posts 1 Posters 1.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      gadams999
      last edited by

      Hey all,

      I'm trying to troubleshoot my Comcast Business setup and finally have the time. To test, I've created a VM with a 2.1.2 release assigned to the IPV6 modem and the internal LAN. On my production firewall, I've turned off IPV6.

      I'm getting the following on the test pfSense VM:

      kernel: em0: DAD complete for fe80:1::1:1 - duplicate found
      

      Which makes sense, since both firewalls have rewritten the link-local address to this same value.

      From the production firewall, where the LAN PHY is VLANed out:

      fe80::1:1%em0_vlan10
      

      And then on the test VM (just using access mode, no trunking):

      fe80::1:1%em0
      

      My guess is that pfSense rewrites the address w/o EUI-64 to make it easier to troubleshoot/test. But I'd like to know why the value is changed, as here is an example on my prod setup where I haven't attempted to "track interface":

      fe80::200:24ff:fed0:38a4%em0_vlan600
      

      So, the questions are:

      • Understanding why the value is written that way in the first place?

      • Is there a way to change that value per-firewall? that way I can have both up w/o the duplicate error?

      • Why doesn't link local get reset back to the EUI-64 value once IPv6 is removed from an interface?

      Once I get past that point I'll attempt, again, to get Comcast BIS with my /56 operational. Thanks all!

      1 Reply Last reply Reply Quote 0
      • G
        gadams999
        last edited by

        Bumping to see where I can resolve this issue. As a lark I install m0n0wall and setup IPv6 there. PD allocation worked, yet still no LAN traffic passing the local netgear modem.

        But when I did enabled IPv6 on the LAN interface, the link-local always stayed in EUI64 format. So just trying to figure out what portion of pfSense code is changing the link-local addresses to fe80:1::1:1, and how to revert back to SLAAC-style addresses.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.