Hello! My pfsense box has seemingly decided to attain sentience and its first action was to spite its master. I had a pending update for 2.7.0-RELEASE but now the system is running 2.7.0 - seemingly having updated itself. The problem is that there seems to be a problem retrieving an IP from my ISPs DHCP6 server on this version.
My ISP has double-checked for me, and they are handing out an IP that should look like 2a05:f6c7:8321::/48 and this is consistent with what I expect it to look like.
Going through my pfsense settings, nothing seems to have changed from the settings my ISP require for IPv6 to work.
My pfsense box is attached directly to their fiber modem, communicating on vlan 101
This is set up as follows (these links may not work if you use IPv6) WAN interfacehttps://u.drkt.eu/9YLi99.png LAN interface u.drkt.eu/8KxPEJ.png Interface Assignments u.drkt.eu/XXJTci.png VLAN 101 u.drkt.eu/eM72PE.png
If I run tcpdump and then restart the gateway, I get these packets
tcpdump -ni alc0.101 -c 1000 -U -w - '((ip6)) and ((not vlan))' 05:46:20.586388 4c:6d:58:4a:97:d4 > d0:50:99:81:48:17, ethertype IPv6 (0x86dd), length 118: (flowlabel 0x6cae9, hlim 57, next-header ICMPv6 (58) payload length: 64) 2a05:f6c0:3:27::2 > 2a05:f6c1:6:8321::: [icmp6 sum ok] ICMP6, echo request, seq 45222 05:46:38.132964 d0:50:99:81:48:17 > 33:33:00:01:00:02, ethertype IPv6 (0x86dd), length 172: (hlim 1, next-header UDP (17) payload length: 118) fe80::d250:99ff:fe81:4817.546 > ff02::1:2.547: [udp sum ok] dhcp6 renew (xid=4fbfc9 (client-ID hwaddr/time type 1 time 710157862 18d6c7060a87) (server-ID vid 0000058334633a36) (IA_NA IAID:0 T1:150 T2:240 (IA_ADDR 2a05:f6c1:6:8321:: pltime:300 vltime:350)) (elapsed-time 0) (option-request DNS-server DNS-search-list)) 05:46:38.133260 d0:50:99:81:48:17 > 33:33:00:01:00:02, ethertype IPv6 (0x86dd), length 173: (hlim 1, next-header UDP (17) payload length: 119) fe80::d250:99ff:fe81:4817.546 > ff02::1:2.547: [udp sum ok] dhcp6 renew (xid=eae64f (client-ID hwaddr/time type 1 time 710157862 18d6c7060a87) (server-ID vid 0000058334633a36) (elapsed-time 0) (option-request DNS-server DNS-search-list) (IA_PD IAID:0 T1:150 T2:240 (IA_PD-prefix 2a05:f6c7:8321::/48 pltime:300 vltime:350))) 05:46:38.184382 4c:6d:58:4a:97:d4 > d0:50:99:81:48:17, ethertype IPv6 (0x86dd), length 194: (class 0xc0, hlim 64, next-header UDP (17) payload length: 140) fe80::4e6d:58ff:fe4a:97d4.547 > fe80::d250:99ff:fe81:4817.546: [udp sum ok] dhcp6 reply (xid=4fbfc9 (client-ID hwaddr/time type 1 time 710157862 18d6c7060a87) (server-ID vid 0000058334633a36) (IA_NA IAID:0 T1:150 T2:240 (IA_ADDR 2a05:f6c1:6:8321:: pltime:300 vltime:350)) (DNS-server 2001:4860:4860::8888 2001:4860:4860::8844)) 05:46:38.184489 4c:6d:58:4a:97:d4 > d0:50:99:81:48:17, ethertype IPv6 (0x86dd), length 195: (class 0xc0, hlim 64, next-header UDP (17) payload length: 141) fe80::4e6d:58ff:fe4a:97d4.547 > fe80::d250:99ff:fe81:4817.546: [udp sum ok] dhcp6 reply (xid=eae64f (client-ID hwaddr/time type 1 time 710157862 18d6c7060a87) (server-ID vid 0000058334633a36) (IA_PD IAID:0 T1:150 T2:240 (IA_PD-prefix 2a05:f6c7:8321::/48 pltime:300 vltime:350)) (DNS-server 2001:4860:4860::8888 2001:4860:4860::8844)) 05:47:19.404284 4c:6d:58:4a:97:d4 > d0:50:99:81:48:17, ethertype IPv6 (0x86dd), length 118: (flowlabel 0x6cae9, hlim 57, next-header ICMPv6 (58) payload length: 64) 2a05:f6c0:3:27::2 > 2a05:f6c1:6:8321::: [icmp6 sum ok] ICMP6, echo request, seq 23451
Any help or guidance is appreciated!
vegetaaaaaaa@lemmy.world 10 months ago
Have you asked on forum.netgate.com/category/66/pfsense-software ?
drkt@feddit.dk 10 months ago
I honestly thought only paid users could use the official forums…
I’ll post it there, too! Thank you
AtariDump@lemmy.world 10 months ago
Also, it’s not a great answer, but look at switching the OPNSense.
I did and had a LOT less issues with my firewall when I did.