Instead of generic, local ifconfig information, it might be more beneficial to concentrate on a specific site that isn’t working and work back from there.
If you fix one, you might just fix them all. In dual-stack, I have found that the problem is usually receiving a good AAAA record when querying DNS but not having a good v6 route. Your browser does the right thing, trying v6 first, gets a good DNS response, but can’t get there. This is what I experience when my IP address changes. It doesn’t happen often, maybe every eight months or so, but it trashes my HE tunnel until I get it reconfigured. This is because IPv4 nameservers can give good AAAA answers. But then there’s no IPv6 route. The IPv4 nameserver has no idea whether you have a good IPv6 route. It receives an AAAA resolution request and dutifully obliges. My client computers have no idea the HE tunnel is dead. They ask if there’s an IPv6 router on the segment, get a response, and think everything is hunky-dory so they ask for AAAA records first. They get a good response, and try to connect. But the Internetv6 is down. :( On May 14, 2014, at 12:47 AM, R.Sv. <r...@balsec.com> wrote: > Dear all > > Started to play around with IPv6 with my Swiss provider (VTX, not yet > officially supporting IPv6) and HE.net IPv6 Tunnel. > > IPv6 works, but not correctly, some web pages do not load at all or never end > to finish loading. I guess because some routing problem. Looking at > "ifconfig" I have 2 questions: > > 1) Why do vr0, vr1_vlan, pppoe2 and gif0 interfaces have the same link-local > address? > 2) Why does ppoe2 have a an official IPv6 address (in GUI/Status/Interfaces > it displays as Gateway IPv6) > > On the box, IPv6 is on > On WAN interface: IPv4 Config Type: PPPoE; IPv6 Config Type: None > > With Config-Type=None I would expect no IPv6 configuration at all, except an > link-local address. > I already tried other IPv6 config types for WAN, but result is always the > same. I have not yet contacted the provider. > > The multiple and for me weird distribution of link-local addresses is > probably my missing knowledge .... > But the IPv6 gateway on pppoe without having a routable IPv6 behind the link > is the problem! How can I prevent/delete that interface and routing setting? > > Setup: > provider <-> pppoe2 <-> vr1_vlan11 <-> WAN > pfsense <-> WAN <-> vr1_vlan11 <-> pppoe2 <-> provider (VTX) > pfsense <-> IPV6HE <-> gif0<-> WAN<-> tunnel-to-ipv6 (HE) > > A very similar setup where WAN is a static address (private address/DMZ) > works without a problem. The problem is not the IPv6 tunnel setup. > > ifconfig | grep inet6: > -------------------------------------------------- > [2.1.3-RELEASE][r...@pfs0097.xxx.ch]/root(2): ifconfig | grep inet6 > inet6 fe80::20d:b9ff:fe1c:b04%vr0 prefixlen 64 scopeid 0x1 > inet6 fe80::20d:b9ff:fe1c:b05%vr1 prefixlen 64 scopeid 0x2 > inet6 ::1 prefixlen 128 > inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6 > inet6 fe80::20d:b9ff:fe1c:b04%vr1_vlan11 prefixlen 64 scopeid 0x7 > inet6 fe80::20d:b9ff:fe1c:b04%pppoe2 prefixlen 64 scopeid 0x8 > inet6 2001:4c78:bee0:413:20d:b9ff:fe1c:b04 prefixlen 64 autoconf > inet6 2001:470:25:8c::2 --> 2001:470:25:8c::1 prefixlen 128 > inet6 fe80::20d:b9ff:fe1c:b04%gif0 prefixlen 64 scopeid 0x9 > > > ifconfig: > -------------------------------------------------- > [2.1.3-RELEASE][r...@pfs0097.xxx.ch]/root(1): ifconfig > vr0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 > options=8280b<RXCSUM,TXCSUM,VLAN_MTU,WOL_UCAST,WOL_MAGIC,LINKSTATE> > ether 00:0d:b9:1c:0b:04 > inet6 fe80::20d:b9ff:fe1c:b04%vr0 prefixlen 64 scopeid 0x1 > inet 172.28.58.1 netmask 0xffffff00 broadcast 172.28.58.255 > nd6 options=1<PERFORMNUD> > media: Ethernet autoselect (100baseTX <full-duplex>) > status: active > vr1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 > options=8280b<RXCSUM,TXCSUM,VLAN_MTU,WOL_UCAST,WOL_MAGIC,LINKSTATE> > ether 00:0d:b9:1c:0b:05 > inet6 fe80::20d:b9ff:fe1c:b05%vr1 prefixlen 64 scopeid 0x2 > nd6 options=3<PERFORMNUD,ACCEPT_RTADV> > media: Ethernet autoselect (100baseTX <full-duplex>) > status: active > enc0: flags=0<> metric 0 mtu 1536 > pflog0: flags=100<PROMISC> metric 0 mtu 33192 > pfsync0: flags=0<> metric 0 mtu 1460 > syncpeer: 224.0.0.240 maxupd: 128 syncok: 1 > lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 > options=3<RXCSUM,TXCSUM> > inet 127.0.0.1 netmask 0xff000000 > inet6 ::1 prefixlen 128 > inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6 > nd6 options=3<PERFORMNUD,ACCEPT_RTADV> > vr1_vlan11: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu > 1500 > ether 00:0d:b9:1c:0b:05 > inet6 fe80::20d:b9ff:fe1c:b04%vr1_vlan11 prefixlen 64 scopeid 0x7 > nd6 options=3<PERFORMNUD,ACCEPT_RTADV> > media: Ethernet autoselect (100baseTX <full-duplex>) > status: active > vlan: 11 vlanpcp: 0 parent interface: vr1 > pppoe2: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> metric 0 > mtu 1492 > inet6 fe80::20d:b9ff:fe1c:b04%pppoe2 prefixlen 64 scopeid 0x8 > inet 83.228.149.226 --> 212.147.11.51 netmask 0xffffffff > inet6 2001:4c78:bee0:413:20d:b9ff:fe1c:b04 prefixlen 64 autoconf > nd6 options=3<PERFORMNUD,ACCEPT_RTADV> > gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280 > tunnel inet 83.228.149.226 --> 216.66.80.98 > inet6 2001:470:YYY:8c::2 --> 2001:470:YYY:8c::1 prefixlen 128 > inet6 fe80::20d:b9ff:fe1c:b04%gif0 prefixlen 64 scopeid 0x9 > nd6 options=3<PERFORMNUD,ACCEPT_RTADV> > options=1<ACCEPT_REV_ETHIP_VER> > _______________________________________________ > List mailing list > List@lists.pfsense.org > https://lists.pfsense.org/mailman/listinfo/list _______________________________________________ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
