Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SLAAC radvd problem in 2.2-RELEASE

    Scheduled Pinned Locked Moved IPv6
    12 Posts 5 Posters 2.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      michaesc
      last edited by

      I just reported https://redmine.pfsense.org/issues/4429/ describing a IPv6/DHCP6 radvd( 8 ) SLAAC autoconfiguration problem in 2.2-RELEASE (amd64).

      If you're routing IPv6 (native or tunneled) and had SLAAC (that means IPv6 router/neighbor advertisements) working in 2.1.5 but lost the IPv6 addresses on all your hosts since upgrading to 2.2 please comment here, and we'll try to find a work around or something.

      Hint: if you look in the radvd( 8 ) logs by clicking Status: System logs: Routing, you'll see in Routing daemon log entries:

      radvd[<some-number>: sendmsg: Permission denied
      radvd[<some-number>: sendmsg: Permission denied
      radvd[<some-number>: sendmsg: Permission denied
      radvd[<some-number>: sendmsg: Permission denied
      [/code]
      
      ...regardless of how liberal your IPv6 firewall rules are.
      
      See the bug report #4429 (above) for comprehensive information.</some-number></some-number></some-number></some-number>
      
      1 Reply Last reply Reply Quote 0
      • D
        doktornotor Banned
        last edited by

        Absolutely no such issue here. 10 or so boxes with IPv6. You must be special. Sounds like a broken configuration to me.  :P

        1 Reply Last reply Reply Quote 0
        • K
          KarlZ
          last edited by

          I see the same issue on 2.2
          tcmpdump shows RS arriving from the client but no reply and no RA. Logs shows the same permission denied.
          radvd is runnign and the .conf looks sane.
          All ICMP6 is allowed in the rules.

          1 Reply Last reply Reply Quote 0
          • M
            maverick_slo
            last edited by

            HA!

            I have 3 internal VLANs working with IPv6 and now I upgraded to 2.2 and added 4th VLAN.
            I configured IPv6 on it (and yes, it is NOT configuration issue, and yes, it is NOT firewall ICPM or whatever issue) and it`s not working.
            radvd.conf is exactly the same as for other VLANs, just different subnets.

            Will try to reboot the box.

            1 Reply Last reply Reply Quote 0
            • M
              maverick_slo
              last edited by

              OK you used /50 subnet.
              I used /64 subnet and have exactly the same issue ( for others, see redmine ticked, OP updated it).

              EDIT:

              Unrelated, sorry my mistake.
              I had captive portal enabled and apparently ipv6 doest`t like captive portal…
              I disabled it and here we go all is fine.

              1 Reply Last reply Reply Quote 0
              • K
                KarlZ
                last edited by

                Yes I see thi snow. Disabling captive portal lets IPv6 work. You can either have captive portal or IPv6 not both. :-\

                1 Reply Last reply Reply Quote 0
                • D
                  doktornotor Banned
                  last edited by

                  Uhm…

                  1/ CP does not support IPv6 at all.
                  2/ You should NEVER use captive portal on your LAN. Set up dedicated interfaces for any CPs.

                  1 Reply Last reply Reply Quote 0
                  • M
                    maverick_slo
                    last edited by

                    Now you smarta** ing around :)

                    1. You could post sooner you know
                    2. Yes I have 4 vlans one of them is dedicated to CP

                    After war it`s easy to be gneral :)

                    1 Reply Last reply Reply Quote 0
                    • D
                      doktornotor Banned
                      last edited by

                      Perhaps IPv6 should be made no-op somehow visibly in the GUI once you enable CP on an interface.

                      1 Reply Last reply Reply Quote 0
                      • K
                        kejianshi
                        last edited by

                        My IPV6 also isn't broken.

                        I somehow keep managing to brute force and ignorance my way through things without issue on pfsense.

                        1 Reply Last reply Reply Quote 0
                        • M
                          maverick_slo
                          last edited by

                          @kejianshi:

                          My IPV6 also isn't broken.

                          I somehow keep managing to brute force and ignorance my way through things without issue on pfsense.

                          Yeah that would be great.
                          Or maybe captive portal code rewrite to support ipv6 ? :) hehe
                          I know its a lot of work. Its in the redmine and targeted version is future :S

                          1 Reply Last reply Reply Quote 0
                          • K
                            kejianshi
                            last edited by

                            I think IPV6 is ready for the world and am baffled as to why it hasn't replace IPV4 already.

                            So, yeah - I agree.

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.