IPv6 Issues with COX Fiber on 23.7.X #6884
Comments
|
Let me know I can provide more testing/screenshots. The issue seems that it can't route from the LAN to the WAN side. I haven't touched the routes (default route) at all. I can confirm VLAN to VLAN interface IPs can ping each other fine. It's purely just Interface Net to WAN having the issue. |
|
Picture of IPv6 routes |
|
When you start a ping / traceroute test from OPNsense itself, there is no LAN-to-WAN routing involved, even when setting the source address to a LAN interface address. |
|
That’s the thing, wan side is totally fine. |
|
What does that mean? You see ping replies in a WAN packet capture when setting the source address to a LAN interface address? |
|
On a ping outbound without a source it’s getting replies and working. On the source address trace route it’s going to the first hop itself and then just dies. Like it won’t cross from that source address/vlan/interface to go out the wan interface. In the screenshots above you can see wan gets a valid address and everything. So do the vlan interfaces. This same configuration was used and was previously working on the same isp as well months ago. |
If this means you are seeing outbound packets in the packet capture, but no replies, it's an ISP issue. |
|
I attached the PCAP as well for all ICMPv6 traffic and pinged from a source address of - 2600:8801:1580:3950:a236:9fff:fe0e:ebcc to google.com (2607:f8b0:4007:809::200e) It's essentially the same as what I'm seeing before. No response is received when the source is a inside host. But as soon as I do the ping via the CLI without a source host it's fine (OPNsense box itself). |
|
ISP issue. Proper ICMPv6 echo requests are sent, but there are no replies. There is nothing OPNsense can do about this. Talk to your ISP. They might not be routing your delegated prefix properly.
|
|
This issue has been automatically timed-out (after 180 days of inactivity). For more information about the policies for this repository, If someone wants to step up and work on this issue, |
Important notices
Before you add a new report, we ask you kindly to acknowledge the following:
Describe the bug
Previously on COX cable I was able to have ipv6 working without any issues. I requested a /56 prefix. Assigned each VLAN a portion of that /56. Setup DHCP/RA and everything was working correctly. Sometime after 23.7 and using the same config on COX fiber (same ISP) this stopped working.
Currently I can still ping6 on opnsense and get replies perfectly but if I specify a source address from one of the other vlans/interfaces it will timeout. I haven't changed anything from prior having this working.
Expected behavior
Ping from a LAN/VLAN client and have the traffic go outbound accordingly.
Describe alternatives you considered
I tried directly connecting a device via ethernet to a LAN interface on OPNsense (ruling out wifi/switching/vlans) and just outbound to the internet with no luck. I tried a /60 prefix as well with no luck. Multiple reboots. Even a any any ipv6 rule temporarily on that test LAN subnet without any luck. I tried the internal OPNsense ping specifying the source address as a interface address on the LAN side with no luck either.
Screenshots
If applicable, add screenshots to help explain your problem.
Attached some debug shots and config shots
If applicable, information from log files supporting your claim.
Additional context
Add any other context about the problem here.
Environment
NUC9i7QNX (32gb/512gb SSD)
OPNsense 23.7.4 (tried on 23.7.3 as well)
INTEL i225 x2 (WAN) + INTEL x540-t2 (VLAN/LACP) + igb0 (LAN)
The text was updated successfully, but these errors were encountered: