 graysonfPremium,MVM
join:1999-07-16
Fort Lauderdale, FL | reply to darkcrucible
Re: [IPv6] pfSense - Anybody else having issues? FWIW, m0n0wall, the basis for pfsense works fine with Comcast IPv6 with the exception of some log flooding. |
|
|
|
| reply to voiptalk
I took a closer look at the packet capture at the time the lease expired. Comcast appears to be replying properly, but pfSense is not binding.
I have filed bug: »redmine.pfsense.org/issues/2919 |
|
| reply to voiptalk
said by voiptalk:I'm currently on:
2.1-BETA1 (amd64)
built on Thu Mar 28 00:48:35 EDT 2013
I think I found my issue... the radvd process is not running. I can make the config file by hand (which says is auto-generated but is not) and start the daemon. I get my prefix handed to my network but the default route seems to be wrong/missing.
I've downloaded the 2g nanobsd image dated Mar 30
2.1-BETA1 (amd64)
built on Sat Mar 30 03:13:18 EDT 2013
FreeBSD 8.3-RELEASE-p6
Going to try a regular hdd install |
|
| Ya, that radvd bug was introduced about 2 weeks ago. I always have to start it manually.
I have never seen radvd.conf come up empty, but others have reported it.
pfSense 2.1 Beta is supposed to be close to RC status, but IPv6 is still very much a problem. |
|
 plencnerbPremium
join:2000-09-25
Elgin, IL
kudos:2 | I will agree that PFSense 2.1 beta builds back in December and January were stable (as far as a beta release go) in regards to IPv6.
Then, sometime in Feb / March, things took a bit of a dive so to speak, and now we have these issues.
So, now I'm trying to figure out what beta version I should go with...the one that voiptalk  is running, which is from 3/28, or the one that acosgrove just downloaded and will be installing, which is from 03/30.
Just trying to get on the same page as everyone else, again to see if this is a PFSense issue, or a Comcast issue. Of course, based on what voiptalk said, it appears to be a pfSense issue, and not a Comcast one.
--Brian
--
============================
--Brian Plencner
E-Mail: CoasterBrian72Cancer@gmail.com
Note: Kill Cancer to Reply via e-mail |
|
1 edit | reply to graysonf
I switched over to m0n0wall and everything except v6 routing was working properly.
I think I may have a Comcast issue at this point. I opened an HE tunnel account and am now happily connecting to v6 sites. Is there someone in particular I should ask to review on the Comcast end?
I'll keep an eye out for an RC since I like the additional features and packages pfSense supports. Until then I'm sticking with m0n0.  |
|
| reply to plencnerb
said by plencnerb:Then, sometime in Feb / March, things took a bit of a dive so to speak, and now we have these issues.
I've been trying to piece that aspect together. pfSense developers were using the WIDE DHCP client, then changed [back] to ISC. I wasn't using it while WIDE was in use.
said by acosgrove: I opened an HE tunnel account and am now happily connecting to v6 sites.
I am very very close to going back to HE. I've invested way too much time on issue. |
|
graysonfPremium,MVM
join:1999-07-16
Fort Lauderdale, FL | reply to acosgrove
Are you using m0n0 1.34 or 1.8.1?
I know 1.8.8 works with Comcast native IPv6. If it doesn't for you then it's misconfigured on your end, misconfigured on Comcast's end, or not deployed in your area yet.
There is someone from Comcast here can help you. I don't recall his name but he will probably see see this and add to the thread. He will want your cable modem MAC address first, so have that available. |
|
| I'm using 1.3.4 -- I'm pretty sure it's deployed in my area, the CMTS does hand me a /128 and a /64. Configuration-wise I'm willing to bet 90% my fault.  |
|
graysonfPremium,MVM
join:1999-07-16
Fort Lauderdale, FL | You could post screenshots of your configuration pages.
But upgrading to 1.8.1 if possible would be a good idea since there are more users of that version. |
|
 NetDogPremium,VIP
join:2002-03-04
Parker, CO
kudos:3
 ·Comcast
1 edit | reply to acosgrove
said by acosgrove:I think I may have a Comcast issue at this point. I opened an HE tunnel account and am now happily connecting to v6 sites. Is there someone in particular I should ask to review on the Comcast end?
I would be that person on the Comcast side, what would you like me to check out?
--
Comcaster.. Network Engineer with NETO |
|
| reply to graysonf
That worked! I upgraded m0n0 to:
1.8.1b538 built on Thu Mar 21 14:35:03 CET 2013
test-ipv6.com and test-ipv6.comcast.net both are in the green. Traceroutes from mebsd.com are good too.
Now just need to be patient and wait for pfSense to catch up. |
|
graysonfPremium,MVM
join:1999-07-16
Fort Lauderdale, FL | So, is your System Log being flooded? |
|
| Looks to be that way
Apr 2 20:23:42 last message repeated 180 times
Apr 2 20:33:42 last message repeated 178 times |
|
graysonfPremium,MVM
join:1999-07-16
Fort Lauderdale, FL | Winner, winner, chicken dinner.
I reported that more than four months ago, but still no answer. |
|
 camperPremium
join:2010-03-21
Bethel, CT
·Comcast
1 edit | said by graysonf:Winner, winner, chicken dinner.
I reported that more than four months ago, but still no answer.
imho, I don't think you will get a quick response to this issue.
This IPv6 stuff is so new out in the world of us unwashed masses of IPv6 ignoranti, that the powers that be are still trying to figure out how to handle it.
For those who know me here, it may seem odd that I praise Comcast [understatement], but on this narrow, specific topic of IPv6 and how Comcast have been trying to figure out what to do, I have to commend Comcast for trying and for being out in the forefront.
The people in the front are the ones who get the arrows in their backs.
And I have to give major props to Comcast for offering up Netdog as a sacrificial lamb for the benefit of getting this IPv6 stuff right and correct. |
|
graysonfPremium,MVM
join:1999-07-16
Fort Lauderdale, FL
1 edit | said by camper:imho, I don't think you will get a quick response to this issue.
For now, I would settle for one of the developers acknowledging the problem and saying it will be looked into.
Edit: Below is the response I received. I have replied to it and requested a patch.
-------------------------------------------
It sounds like Comcast are sending an RA to you, and as you are a router running rtadvd, its sending this message out to notify you that its getting a message on an interface it's not advertising on.
The whole use case of dhcp-pd is a bit strange anyway, rfc6204 section w-3 for example indicates that a router should take its route from an RA, but freebsd nd6.c specifically prevents this (we had to patch this behaviour to get it to work right)
So this message can be ignored, and we would have to patch rtadvd to silence this message if using dhcp-pd etc, by adding some flags etc. |
|
plencnerbPremium
join:2000-09-25
Elgin, IL
kudos:2 | reply to voiptalk
voiptalk ,
I read your thread over at the pfSense forum, and wanted to ask a question.
You mention a lot about "radvd" which appears to be a service that runs on pfSense.
Now, I will fully admit I don't know much about Linux, or pfSense for that matter. So, it makes me wonder if I'm missing something in regards to this.
The screen shot above shows what services I have running. As you can see, there is not one called "radvd" listed. The 2nd picture lists all of the services that show up under the "Services" menu item. Again, nothing jumps out that would imply that its the "radvd" service, but I could just be missing it.
I don't know if I ever had one or not with past beta builds, but I do know that I in the past IPv6 was working on a build from January and I also believe the 02-13-2013 build as well.
The version that I'm currently running is below
2.1-BETA1 (i386)
built on Fri Mar 22 22:56:56 EDT 2013
FreeBSD 8.3-RELEASE-p6
Again, just wondering if I'm missing something.
Thanks,
--Brian
--
============================
--Brian Plencner
E-Mail: CoasterBrian72Cancer@gmail.com
Note: Kill Cancer to Reply via e-mail |
|
graysonfPremium,MVM
join:1999-07-16
Fort Lauderdale, FL | radvd is probably part of the DHCPv6 Server/RA, the RA part.
As an aside pfsense is based on FreeBSD, not Linux. |
|
1 edit | reply to plencnerb
radvd needs to be running and should require no action on your part to enable or start it. On some of the March builds, radvd tends to die and disappear completely from the services menu. There is a mention about that on the pfsense forum thread; that problem was thought to have been fixed.
--
On a side note: I've reconfigured back to a HE tunnel until I see some activity on the bug I filed.
I don't see this as being a Comcast issue. However, I have sent the packet capture taken during the failed renewal to Netdog for his thoughts. |
|
