Disable radvd

IPv6
Log in to reply
  • P

    Hi,

    Is there away to truly disable radvd?

    I have it set as disabled under "Services: Router advertisements" however it still seems to get default config and runs at boot time.
    This is causing radvd to send out router advertisements using the link local addresses, which then causes the servers to use PFSense as the gateway instead of my router as IPv6 gateway. As you would expect PFSense sees the traffic from the server but doesn't see the replies going to the server as they go direct so it doesn't think the connection is setup.

    Everytime I reboot the PFSense I have to remember to login to a shell and kill radvd otherwise it will break IPv6 for everything else.

    
]/root: ps aux | grep radvd
root    36359   0.0  0.4  14532  2144  -  S     9:47AM 0:00.00 /usr/local/sbin/radvd -p /var/run/radvd.pid -C /var/etc/radvd.conf -m syslog

    PFsense seems to keep writing the following config file for /var/etc/radvd.conf even when it is disabled.

    
/root: cat /var/etc/radvd.conf
# Automatically Generated, do not edit
# Generated config for 2a01:xxx:xxx:xxx::xxx delegation from wan on lan
interface em1 {
	AdvSendAdvert on;
	MinRtrAdvInterval 3;
	MaxRtrAdvInterval 10;
	AdvLinkMTU 1500;
	AdvOtherConfigFlag on;
		prefix ::/64 {
		AdvOnLink on;
		AdvAutonomous on;
		AdvRouterAddr on;
	};
	DNSSL domain.com { };
};

    With it disabled in the web interface, I would expect that

    1. radvd wouldn't run at boot time
    2. It wouldn't set up config for interfaces at boot time.

    Any suggestions on how to stop it from running at boot would be great.
    This feels like a bug but thought I would post here before filling a bug report.

    Thanks

    0
  • T

    still there in 2.2.6

    http://lists.pfsense.org/pipermail/list/2016-January/009511.html


    antonio

    0
  • awebster

    Yeah…fallen into that trap more than once (shame on me).
    Setting up a pfSense VM on production IPv6 network and suddenly the hosts start using the new box as their default GW is definitely not cool!
    I would like to see that "feature" off by default unless there is an IPv6 address configured on the I/F AND radvd has been explicitly enabled.

    0
  • T

    filed a bug: https://redmine.pfsense.org/issues/5812

    fixed in 2.3

    antonio

    0
  • P

    Upgraded to 2.3 and I can confirm that radvd doesn't start when it is marked as disabled in the GUI.  :D

    0

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy