site Search:


Home Reviews Tools Forums FAQs Find Service ISP News Maps About  
 
    All Forums Hot Topics Gallery






how-to block ads

  
Forums >

US Cable Support > Comcast HSI > [IPv6] pfSense - Anybody else having issues?

Search Topic:
 Uniqs:
982		 Share Topic
Posting?
Post a:
Post a:
Links: ·Forum Rules ·Forum FAQ ·Bandwidth Limits/Congestion Management ·Copyright Infringement?
page: 1 · 2 · 3
AuthorAll Replies


plencnerb
Premium
join:2000-09-25
Elgin, IL
kudos:2

reply to voiptalk

Re: [IPv6] pfSense - Anybody else having issues?

said by voiptalk:

radvd needs to be running and should require no action on your part to enable or start it. On some of the March builds, radvd tends to die and disappear completely from the services menu. There is a mention about that on the pfsense forum thread; that problem was thought to have been fixed.

I did see you mention that in the thread over at the pfSense forums. I also agree with you that this does not appear to be a Comcast issue, but an issue with pfSense.

What I will probably do is give it a week or so, and then download a Beta at that point, and see if that service is running, or if that problem has been fixed. IPv6 for me is not that critical, so not having it working is not that big of a deal. However, I do enjoy pfSense, and if there is a way for me to help test/debug/validate things along the way, I'm more then welcome to help do so.

Thanks,

--Brian
--
============================
--Brian Plencner

E-Mail: CoasterBrian72Cancer@gmail.com
Note: Kill Cancer to Reply via e-mail
to forum · permalink · 2013-04-03 11:45:49 ·


camper
Premium
join:2010-03-21
Bethel, CT
Reviews:
·Comcast

reply to graysonf

said by graysonf:

... we would have to patch rtadvd to silence this message if using dhcp-pd etc, by adding some flags etc.

From that it sounds like using DHCP-PD negates the need to listen for and process RA on the WAN interface.

If that is correct, then just patching out the line in the source code that logs the RA packet should suffice.

If that is not correct, then there's a problem in OpenBSD (and, from the reply you received, it sounds like FreeBSD as well). The sysctl.conf file of OpenBSD allows for packet forwarding (i.e., acting as a router) or accepting RA packets, but not both.


net.inet6.ip6.forwarding=1       # 1=Permit forwarding (routing) of IPv6 packets
net.inet6.ip6.accept_rtadv=0     # 1=Permit IPv6 autoconf (forwarding must be 0)
to forum · permalink · 2013-04-03 12:07:16 ·


graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL

I'm not sure which case is applicable. But if there is a sysctl.conf file on m0n0wall I am unable to find it.

to forum · permalink · 2013-04-03 12:51:22 ·


camper
Premium
join:2010-03-21
Bethel, CT

It would be in /etc if it existed. My FreeBSD servers do not have a /etc/sysctl.conf since most of the boot-time configuration is done via /etc/rc.conf

to forum · permalink · 2013-04-03 13:11:09 ·


graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL

Not in /etc and there is no /etc/rc.conf

m0n0wall is unusual as it is configured with php scripts as opposed to shell code.

to forum · permalink · 2013-04-03 13:15:42 ·


camper
Premium
join:2010-03-21
Bethel, CT
Reviews:
·Comcast

reply to graysonf
Try running this command at the command line:

  sysctl net.inet6.ip6

That prints out all the IPv6 sysctl variables. Among them you'll see:

  net.inet6.ip6.forwarding: 0
  net.inet6.ip6.accept_rtadv: 0

Those values from my server indicate that the box does not do any routing and that it does not accept RA messages (it's IPv6 address and route are statically configured in rc.conf).

to forum · permalink · 2013-04-03 13:18:20 ·


graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL

$ sysctl net.inet6.ip6
net.inet6.ip6.forwarding: 1
net.inet6.ip6.redirect: 1
net.inet6.ip6.hlim: 64
net.inet6.ip6.maxfragpackets: 1872
net.inet6.ip6.accept_rtadv: 1
net.inet6.ip6.keepfaith: 0
net.inet6.ip6.log_interval: 5
net.inet6.ip6.hdrnestlimit: 15
net.inet6.ip6.dad_count: 1
net.inet6.ip6.auto_flowlabel: 1
net.inet6.ip6.defmcasthlim: 1
net.inet6.ip6.gifhlim: 30
net.inet6.ip6.kame_version: FreeBSD
net.inet6.ip6.use_deprecated: 1
net.inet6.ip6.rr_prune: 5
net.inet6.ip6.v6only: 1
net.inet6.ip6.rtexpire: 3600
net.inet6.ip6.rtminexpire: 10
net.inet6.ip6.rtmaxcache: 128
net.inet6.ip6.use_tempaddr: 0
net.inet6.ip6.temppltime: 86400
net.inet6.ip6.tempvltime: 604800
net.inet6.ip6.auto_linklocal: 1
net.inet6.ip6.prefer_tempaddr: 0
net.inet6.ip6.use_defaultzone: 0
net.inet6.ip6.maxfrags: 1872
net.inet6.ip6.mcast_pmtu: 0
net.inet6.ip6.stealth: 0
net.inet6.ip6.no_radr: 0
net.inet6.ip6.norbit_raif: 0
net.inet6.ip6.rfc6204w3: 1
net.inet6.ip6.mcast.loop: 1
net.inet6.ip6.mcast.maxsocksrc: 128
net.inet6.ip6.mcast.maxgrpsrc: 512

to forum · permalink · 2013-04-03 14:16:03 ·


camper
Premium
join:2010-03-21
Bethel, CT
Reviews:
·Comcast

said by graysonf:

$ sysctl net.inet6.ip6
net.inet6.ip6.forwarding: 1
net.inet6.ip6.accept_rtadv: 1

So it looks like the FreeBSD in your firewall can be a router (forwarding) and also accept RA packets.
to forum · permalink · 2013-04-03 14:22:14 ·


graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL

Yes it's pretty flexible.

to forum · permalink · 2013-04-03 14:27:08 ·


camper
Premium
join:2010-03-21
Bethel, CT

If OpenBSD continues to have issues with concurrent rtadvd and routing , I'll switch over to FreeBSD for the firewall / router here.

to forum · permalink · 2013-04-03 15:44:17 ·
Forums > US Cable Support > Comcast HSI
page: 1 · 2 · 3

Monday, 08-Apr 06:02:00 Terms of Use & Privacy | feedback | contact | Hosting by nac.net - DSL,Hosting & Co-lo
over 13.5 years online © 1999-2013 dslreports.com.
Most commented news this week
Hot Topics