[pfSense] IPv6 Router Advertisement DNS
Hi,
I'm running IPv6 on my LAN interface and I'm experiencing some
weird IPv6 Router advertisement issues. When I look at at Router
Advertisement Daemon configuration, only the prefix and the DNS
domain should be sent:
# Automatically Generated, do not edit
# Generated config for dhcp6 delegation from wan on lan
interface em0 {
AdvSendAdvert on;
MinRtrAdvInterval 3;
MaxRtrAdvInterval 10;
AdvLinkMTU 1500;
AdvOtherConfigFlag on;
prefix 2a02:168:9800::/64 {
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr on;
};
DNSSL lan.dogan.ch { }
Unfortunately, a Windows 7 client configures the pfsense address
as the DNS server (sorry, it's in German):
Ethernet-Adapter LAN-Verbindung:
Verbindungsspezifisches DNS-Suffix: home
Beschreibung. . . . . . . . . . . : vmxnet3 Ethernet Adapter
Physikalische Adresse . . . . . . : 00-0C-29-F9-24-1F
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
IPv6-Adresse. . . . . . . . . . . :
:xxx::0:7dec:f195:8510:8892(Bevorzugt)
Temporäre IPv6-Adresse. . . . . . :
:xxx::0:3045:c28a:e709:8662(Bevorzugt)
Verbindungslokale IPv6-Adresse . : fe80::7dec:f195:8510:8892%11(Bevorzugt)
IPv4-Adresse . . . . . . . . . . : 192.168.42.180(Bevorzugt)
Subnetzmaske . . . . . . . . . . : 255.255.255.0
Standardgateway . . . . . . . . . : fe80::1:1%11
192.168.42.1
DHCPv6-IAID . . . . . . . . . . . : 234884137
DHCPv6-Client-DUID. . . . . . . . : xx-xx-xx-xx-xx-xx-CC-69-00-0C-29-F9-24-1F
DNS-Server . . . . . . . . . . . : :xxx::0:20c:29ff:fe87:1d76
192.168.42.178
192.168.42.158
NetBIOS über TCP/IP . . . . . . . : Aktiviert
Suchliste für verbindungsspezifische DNS-Suffixe:
home
And the router advirtesement package looks fine so far:
10:47:55.267792 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 88)
fe80::1:1 ff02::1: [icmp6 sum ok] ICMP6, router advertisement, length 88
hop limit 64, Flags [other stateful], pref medium, router lifetime 30s,
reachable time 0s, retrans time 0s
prefix info option (3), length 32 (4): :xxx:::/64, Flags
[onlink, auto, router], valid time 86400s, pref. time 14400s
0x: 40e0 0001 5180 3840
0x0010:
dnssl option (31), length 24 (3): lifetime 10s, domain(s):
lan.dogan.ch.
0x: 000a 036c 616e 0564 6f67 616e
0x0010: 0263 6800
mtu option (5), length 8 (1): 1500
0x: 05dc
source link-address option (1), length 8 (1): 00:0c:29:87:1d:76
0x: 000c 2987 1d76
I'm wondering now, why the pfsense router address is set as a DNS
server, while there is no DNS forwarder or DNS resolver running
there. I've also noticed, that if I specify IPv6 DNS server
addresses for pfsense, they are set in the radv.conf, but the
client (Windows 7 and Android 5.1.1) are trying to use the
default gateway as a DNS server.
Well, I think this behaviour isn't right and probably there is
something wrong here.
Ihsan
--
ih...@dogan.ch http://blog.dogan.ch/
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Documentation about Firewall Lookup Process, State Table, Firewall Rules Table
On 06/03/2015 09:47 AM, Espen Johansen wrote: Don't double post please. Looks like his other post was stuck in the moderation queue and approved, I'd have killed it but I didn't notice he'd already managed to get it through to the list. Hello everybody, Is there any documentation about: * the process how pfSense firewall handles packets (lookup in firewall rules, lookup in state table, add new state, ...) e.g. a flow chart * how the firewall rules are beeing (data structure) * how the connection states are beeing (data structure) Any hints are greatly appreciated! While not that low level (which as others have stated could be found in PF docs from FreeBSD and/or OpenBSD, plus the source), this should also be of interest: https://doc.pfsense.org/index.php/Firewall_Rule_Processing_Order Jim ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] Documentation about Firewall Lookup Process, State Table, Firewall Rules Table
Hello everybody, Is there any documentation about: * the process how pfSense firewall handles packets (lookup in firewall rules, lookup in state table, add new state, ...) e.g. a flow chart * how the firewall rules are beeing (data structure) * how the connection states are beeing (data structure) Any hints are greatly appreciated! KR, Lukas ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Documentation about Firewall Lookup Process, State Table, Firewall Rules Table
Don't double post please. Brgds, Espen 3. juni 2015 15:00 skrev Lukas Hubschmid lukas.hubsch...@pop.agri.ch: Hello everybody, Is there any documentation about: * the process how pfSense firewall handles packets (lookup in firewall rules, lookup in state table, add new state, ...) e.g. a flow chart * how the firewall rules are beeing (data structure) * how the connection states are beeing (data structure) Any hints are greatly appreciated! KR, Lukas ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Documentation about Firewall Lookup Process, State Table, Firewall Rules Table
Pfsense is based on openbsds PF (PacketFilter) and runs freebsd as base OS. That should give you enough to google how it works. Also remeber that this is opensource and everything is freely available. The source code tells you everything there is to know ;-) Good luck :-) ons. 3. juni 2015, 14:33 skrev Lukas Hubschmid (s) lukas.hubsch...@students.fhnw.ch: Hello everybody, Is there any documentation about: * the process how pfSense firewall handles packets (lookup in firewall rules, lookup in state table, add new state, ...) e.g. a flow chart * how the firewall rules are beeing (data structure) * how the connection states are beeing (data structure) Any hints are greatly appreciated! KR, Lukas ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Documentation about Firewall Lookup Process, State Table, Firewall Rules Table
Thank you both very much for the given hints, I will look into them! Sorry for the double post (I first used the wrong mail address). KR, Lukas Am 03.06.2015 um 15:51 schrieb Jim Pingle: On 06/03/2015 09:47 AM, Espen Johansen wrote: Don't double post please. Looks like his other post was stuck in the moderation queue and approved, I'd have killed it but I didn't notice he'd already managed to get it through to the list. Hello everybody, Is there any documentation about: * the process how pfSense firewall handles packets (lookup in firewall rules, lookup in state table, add new state, ...) e.g. a flow chart * how the firewall rules are beeing (data structure) * how the connection states are beeing (data structure) Any hints are greatly appreciated! While not that low level (which as others have stated could be found in PF docs from FreeBSD and/or OpenBSD, plus the source), this should also be of interest: https://doc.pfsense.org/index.php/Firewall_Rule_Processing_Order Jim ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
