After upgrading to vyos 1.3-rolling-202004180117, IPv6 cannot be allocated from ISP using PPPoE protocol. Although the previous 1.2 also has it, it seems that it has been fixed by you. I once obtained the IPv6 address. However, after upgrading to vyos 1.3-rolling-202004180117, the IPv6 address disappears.
Description
Details
- Difficulty level
- Unknown (require assessment)
- Version
- VyOS 1.3-rolling-202004180117
- Why the issue appeared?
- Will be filled on close
- Is it a breaking change?
- Unspecified (possibly destroys the router)
- Issue type
- Bug (incorrect behavior)
Related Objects
Event Timeline
The configuration is as follows:
firewall { all-ping enable broadcast-ping enable config-trap disable ipv6-receive-redirects enable ipv6-src-route enable ip-src-route enable log-martians enable name wan { default-action drop rule 1 { action accept state { established enable related enable } } } name wan-local { default-action drop rule 1 { action accept state { established enable related enable } } rule 2 { action accept icmp { type-name echo-request } protocol icmp state { new enable } } rule 3 { action drop destination { port 22 } protocol tcp recent { count 4 time 60 } state { new enable } } rule 4 { action accept protocol tcp state { new enable } } } options { interface pppoe0 { adjust-mss 1452 adjust-mss6 1280 } } receive-redirects disable send-redirects enable source-validation disable state-policy { established { action accept log { enable } } invalid { action accept log { enable } } related { action accept log { enable } } } syn-cookies enable twa-hazards-protection disable } interfaces { bridge br1 { address 192.168.0.1/24 address fc00:470:f1cd::1/64 description "lan 0" dhcpv6-options { temporary } ipv6 { address { autoconf eui64 fc00:470:f1cd::/64 } dup-addr-detect-transmits 1 } member { interface eth1.1 { } interface eth2 { } } stp } bridge br2 { address 192.168.101.1/24 address fc00:470:f1cd:101::1/64 description "lan 101" dhcpv6-options { temporary } ipv6 { address { autoconf eui64 fc00:470:f1cd:101::/64 } dup-addr-detect-transmits 1 } member { interface eth0 { } interface eth1.2 { } interface eth3 { } interface eth4 { } } stp } ethernet eth0 { description LAN ipv6 { address { } dup-addr-detect-transmits 1 } } ethernet eth1 { description Trunk vif 1 { description "vlan 1 of eth1" } vif 2 { description "vlan 2 of eth1" } } ethernet eth2 { description LAN } ethernet eth3 { description LAN } ethernet eth4 { description LAN } ethernet eth5 { description WAN disable-flow-control firewall { in { name wan } local { name wan-local } } } pppoe pppoe0 { authentication { password **************** user user } default-route auto description ISP ipv6 { enable } mtu 1492 source-interface eth5 } } nat { nptv6 { rule 2 { description "IPv6 NPT" outbound-interface pppoe0 source { prefix fc00:470:f1cd::/48 } translation { prefix 240e:fc:7d:dc27::/64 } } } source { rule 1 { description PUBLIC log enable outbound-interface pppoe0 protocol all source { address 0.0.0.0/0 } translation { address masquerade } } } } protocols { static { interface-route 0.0.0.0/0 { next-hop-interface pppoe0 { } } interface-route6 ::/0 { next-hop-interface pppoe0 { } } table 150 { interface-route 0.0.0.0/0 { next-hop-interface pppoe0 { } } interface-route6 ::/0 { next-hop-interface pppoe0 { } } } } } service { dhcp-server { shared-network-name pri101 { description "DHCP 101" subnet 192.168.101.0/24 { default-router 192.168.101.1 dns-server 192.168.0.254 dns-server 192.168.101.1 dns-server 192.168.0.1 lease 86400 ntp-server 192.168.101.1 range 0 { start 192.168.101.8 stop 192.168.101.254 } } } } dhcpv6-server { preference 0 shared-network-name pri101 { subnet fc00:470:f1cd:101::/64 { address-range { start fc00:470:f1cd:101::8 { stop fc00:470:f1cd:101:ffff:ffff:ffff:ffff } } name-server fc00:470:f1cd::ff00 name-server fc00:470:f1cd::1 name-server fc00:470:f1cd:101::1 } } } dns { forwarding { allow-from 192.168.0.0/16 allow-from 2001:470:f1cd::/48 cache-size 1024 domain pve. { server 192.168.0.47 server 2001:470:f1cd::47 } listen-address 0.0.0.0 listen-address :: name-server 114.114.114.114 name-server 1.1.1.1 name-server 1.0.0.1 name-server 2001:470:f1cd::ff00 name-server 192.168.0.254 system } } https { virtual-host vhost0 { listen-address "*" server-name 192.168.0.1 } } mdns { repeater { interface br1 interface br2 } } router-advert { interface br1 { } interface br2 { } } ssh { listen-address 0.0.0.0 } } system { acceleration { } config-management { commit-revisions 100 } console { device ttyS0 { speed 115200 } } domain-name router host-name vyos ip { arp { table-size 2048 } multipath { layer4-hashing } } ipv6 { multipath { layer4-hashing } neighbor { table-size 2048 } strict-dad } login { user vyos { authentication { encrypted-password **************** plaintext-password **************** } } } name-server 192.168.0.1 ntp { allow-clients { address 192.168.0.0/16 address fc00:470:f1cd::/48 } listen-address :: listen-address 0.0.0.0 server 0.centos.pool.ntp.org { } server 1.centos.pool.ntp.org { } server 2.centos.pool.ntp.org { } server 3.centos.pool.ntp.org { } server ntp.qhjack.cn { } } sysctl { custom net.ipv4.conf.all.rp_filter { value 0 } custom net.ipv4.conf.default.rp_filter { value 0 } custom net.ipv4.conf.eth0.rp_filter { value 0 } custom net.ipv6.conf.all.accept_ra { value 2 } custom net.ipv6.conf.all.forwarding { value 1 } } syslog { global { facility all { level info } facility protocols { level debug } } } time-zone Asia/Shanghai }
I hope to get IPv6 address in PPPoE dial-up, which seems to have been fixed in the previous vyos version, and I got the IPv6 address assigned by ISP. However, in the new version, IPv6 cannot be obtained, so I can only get the IPv4 address!
Can you please post the configuration as show configuration commands from op-mode level? Then it will become easier to reproduce it. Thanks
set firewall all-ping 'enable' set firewall broadcast-ping 'enable' set firewall config-trap 'disable' set firewall ipv6-receive-redirects 'enable' set firewall ipv6-src-route 'enable' set firewall ip-src-route 'enable' set firewall log-martians 'enable' set firewall name wan default-action 'drop' set firewall name wan rule 1 action 'accept' set firewall name wan rule 1 state established 'enable' set firewall name wan rule 1 state related 'enable' set firewall name wan-local default-action 'drop' set firewall name wan-local rule 1 action 'accept' set firewall name wan-local rule 1 state established 'enable' set firewall name wan-local rule 1 state related 'enable' set firewall name wan-local rule 2 action 'accept' set firewall name wan-local rule 2 icmp type-name 'echo-request' set firewall name wan-local rule 2 protocol 'icmp' set firewall name wan-local rule 2 state new 'enable' set firewall name wan-local rule 3 action 'drop' set firewall name wan-local rule 3 destination port '22' set firewall name wan-local rule 3 protocol 'tcp' set firewall name wan-local rule 3 recent count '4' set firewall name wan-local rule 3 recent time '60' set firewall name wan-local rule 3 state new 'enable' set firewall name wan-local rule 4 action 'accept' set firewall name wan-local rule 4 protocol 'tcp' set firewall name wan-local rule 4 state new 'enable' set firewall options interface pppoe0 adjust-mss '1452' set firewall options interface pppoe0 adjust-mss6 '1280' set firewall receive-redirects 'disable' set firewall send-redirects 'enable' set firewall source-validation 'disable' set firewall state-policy established action 'accept' set firewall state-policy established log enable set firewall state-policy invalid action 'accept' set firewall state-policy invalid log enable set firewall state-policy related action 'accept' set firewall state-policy related log enable set firewall syn-cookies 'enable' set firewall twa-hazards-protection 'disable' set interfaces bridge br1 address '192.168.0.1/24' set interfaces bridge br1 address 'fc00:470:f1cd::1/64' set interfaces bridge br1 description 'lan 0' set interfaces bridge br1 dhcpv6-options temporary set interfaces bridge br1 ipv6 address autoconf set interfaces bridge br1 ipv6 address eui64 'fc00:470:f1cd::/64' set interfaces bridge br1 ipv6 dup-addr-detect-transmits '1' set interfaces bridge br1 member interface eth1.1 set interfaces bridge br1 member interface eth2 set interfaces bridge br1 stp set interfaces bridge br2 address '192.168.101.1/24' set interfaces bridge br2 address 'fc00:470:f1cd:101::1/64' set interfaces bridge br2 description 'lan 101' set interfaces bridge br2 dhcpv6-options temporary set interfaces bridge br2 ipv6 address autoconf set interfaces bridge br2 ipv6 address eui64 'fc00:470:f1cd:101::/64' set interfaces bridge br2 ipv6 dup-addr-detect-transmits '1' set interfaces bridge br2 member interface eth0 set interfaces bridge br2 member interface eth1.2 set interfaces bridge br2 member interface eth3 set interfaces bridge br2 member interface eth4 set interfaces bridge br2 stp set interfaces ethernet eth0 description 'LAN' set interfaces ethernet eth0 ipv6 address set interfaces ethernet eth0 ipv6 dup-addr-detect-transmits '1' set interfaces ethernet eth1 description 'Trunk' set interfaces ethernet eth1 vif 1 description 'vlan 1 of eth1' set interfaces ethernet eth1 vif 2 description 'vlan 2 of eth1' set interfaces ethernet eth2 description 'LAN' set interfaces ethernet eth3 description 'LAN' set interfaces ethernet eth4 description 'LAN' set interfaces ethernet eth5 description 'WAN' set interfaces ethernet eth5 disable-flow-control set interfaces ethernet eth5 firewall in name 'wan' set interfaces ethernet eth5 firewall local name 'wan-local' set interfaces pppoe pppoe0 authentication password 'password' set interfaces pppoe pppoe0 authentication user 'username' set interfaces pppoe pppoe0 default-route 'auto' set interfaces pppoe pppoe0 description 'ISP' set interfaces pppoe pppoe0 ipv6 enable set interfaces pppoe pppoe0 mtu '1492' set interfaces pppoe pppoe0 source-interface 'eth5' set nat nptv6 rule 2 description 'IPv6 NPT' set nat nptv6 rule 2 outbound-interface 'pppoe0' set nat nptv6 rule 2 source prefix 'fc00:470:f1cd::/48' set nat nptv6 rule 2 translation prefix '240e:fc:7d:dc27::/64' set nat source rule 1 description 'PUBLIC' set nat source rule 1 log 'enable' set nat source rule 1 outbound-interface 'pppoe0' set nat source rule 1 protocol 'all' set nat source rule 1 source address '0.0.0.0/0' set nat source rule 1 translation address 'masquerade' set protocols static interface-route 0.0.0.0/0 next-hop-interface pppoe0 set protocols static interface-route6 ::/0 next-hop-interface pppoe0 set protocols static table 150 interface-route 0.0.0.0/0 next-hop-interface pppoe0 set protocols static table 150 interface-route6 ::/0 next-hop-interface pppoe0 set service dhcp-server shared-network-name pri101 description 'DHCP 101' set service dhcp-server shared-network-name pri101 subnet 192.168.101.0/24 default-router '192.168.101.1' set service dhcp-server shared-network-name pri101 subnet 192.168.101.0/24 dns-server '192.168.0.254' set service dhcp-server shared-network-name pri101 subnet 192.168.101.0/24 dns-server '192.168.101.1' set service dhcp-server shared-network-name pri101 subnet 192.168.101.0/24 dns-server '192.168.0.1' set service dhcp-server shared-network-name pri101 subnet 192.168.101.0/24 lease '86400' set service dhcp-server shared-network-name pri101 subnet 192.168.101.0/24 ntp-server '192.168.101.1' set service dhcp-server shared-network-name pri101 subnet 192.168.101.0/24 range 0 start '192.168.101.8' set service dhcp-server shared-network-name pri101 subnet 192.168.101.0/24 range 0 stop '192.168.101.254' set service dhcpv6-server preference '0' set service dhcpv6-server shared-network-name pri101 subnet fc00:470:f1cd:101::/64 address-range start fc00:470:f1cd:101::8 stop 'fc00:470:f1cd:101:ffff:ffff:ffff:ffff' set service dhcpv6-server shared-network-name pri101 subnet fc00:470:f1cd:101::/64 name-server 'fc00:470:f1cd::ff00' set service dhcpv6-server shared-network-name pri101 subnet fc00:470:f1cd:101::/64 name-server 'fc00:470:f1cd::1' set service dhcpv6-server shared-network-name pri101 subnet fc00:470:f1cd:101::/64 name-server 'fc00:470:f1cd:101::1' set service dns forwarding allow-from '192.168.0.0/16' set service dns forwarding allow-from '2001:470:f1cd::/48' set service dns forwarding cache-size '1024' set service dns forwarding domain pve. server '192.168.0.47' set service dns forwarding domain pve. server '2001:470:f1cd::47' set service dns forwarding listen-address '0.0.0.0' set service dns forwarding listen-address '::' set service dns forwarding name-server '114.114.114.114' set service dns forwarding name-server '1.1.1.1' set service dns forwarding name-server '1.0.0.1' set service dns forwarding name-server '2001:470:f1cd::ff00' set service dns forwarding name-server '192.168.0.254' set service dns forwarding system set service https virtual-host vhost0 listen-address '*' set service https virtual-host vhost0 server-name '192.168.0.1' set service mdns repeater interface 'br1' set service mdns repeater interface 'br2' set service router-advert interface br1 set service router-advert interface br2 set service ssh listen-address '0.0.0.0' set system acceleration set system config-management commit-revisions '100' set system console device ttyS0 speed '115200' ...skipping... set service dhcpv6-server shared-network-name pri101 subnet fc00:470:f1cd:101::/64 name-server 'fc00:470:f1cd::ff00' set service dhcpv6-server shared-network-name pri101 subnet fc00:470:f1cd:101::/64 name-server 'fc00:470:f1cd::1' set service dhcpv6-server shared-network-name pri101 subnet fc00:470:f1cd:101::/64 name-server 'fc00:470:f1cd:101::1' set service dns forwarding allow-from '192.168.0.0/16' set service dns forwarding allow-from '2001:470:f1cd::/48' set service dns forwarding cache-size '1024' set service dns forwarding domain pve. server '192.168.0.47' set service dns forwarding domain pve. server '2001:470:f1cd::47' set service dns forwarding listen-address '0.0.0.0' set service dns forwarding listen-address '::' set service dns forwarding name-server '114.114.114.114' set service dns forwarding name-server '1.1.1.1' set service dns forwarding name-server '1.0.0.1' set service dns forwarding name-server '2001:470:f1cd::ff00' set service dns forwarding name-server '192.168.0.254' set service dns forwarding system set service https virtual-host vhost0 listen-address '*' set service https virtual-host vhost0 server-name '192.168.0.1' set service mdns repeater interface 'br1' set service mdns repeater interface 'br2' set service router-advert interface br1 set service router-advert interface br2 set service ssh listen-address '0.0.0.0' set system acceleration set system config-management commit-revisions '100' set system console device ttyS0 speed '115200' set system domain-name 'router' set system host-name 'vyos' set system ip arp table-size '2048' set system ip multipath layer4-hashing set system ipv6 multipath layer4-hashing set system ipv6 neighbor table-size '2048' set system ipv6 strict-dad set system login user vyos authentication encrypted-password '$6$UaXQViDvJ.Hr$85U/9Q5d/tc9hdtrnntMVgrztOCext..OJCHaJYZUo82GAdD95lchvSjI3vCZJTNte7cIAs87YctYlXODGXAz1' set system login user vyos authentication plaintext-password '' set system name-server '192.168.0.1' set system ntp allow-clients address '192.168.0.0/16' set system ntp allow-clients address 'fc00:470:f1cd::/48' set system ntp listen-address '::' set system ntp listen-address '0.0.0.0' set system ntp server 0.centos.pool.ntp.org set system ntp server 1.centos.pool.ntp.org set system ntp server 2.centos.pool.ntp.org set system ntp server 3.centos.pool.ntp.org set system ntp server ntp.qhjack.cn set system sysctl custom net.ipv4.conf.all.rp_filter value '0' set system sysctl custom net.ipv4.conf.default.rp_filter value '0' set system sysctl custom net.ipv4.conf.eth0.rp_filter value '0' set system sysctl custom net.ipv6.conf.all.accept_ra value '2' set system sysctl custom net.ipv6.conf.all.forwarding value '1' set system syslog global facility all level 'info' set system syslog global facility protocols level 'debug' set system time-zone 'Asia/Shanghai'
My best bet is due to the missing set interfaces pppoe pppoe0 ipv6 address autoconf option.
Thank you, but I think I found a new bug. After executing the following command, I found that PPPoE frequently relinked, and it seems to return to normal after restarting!
set interfaces pppoe pppoe0 ipv6 address autoconf commit save run disconnect interface pppoe0 run connect interface pppoe0
What do you mean by:
found that PPPoE frequently relinked,
When you issue the configuration command and commit the PPPoE is torn down and re-estabished via systemd - I do not consider this a bug. Can you provide more logs?
If I execute the above command, it seems that IPv6 settings can't really take effect, and the PPPoE link will be broken every ten seconds. Of course, if I restart vyos, it will return to normal and obtain IPv6 normally! Of course, this is just a problem when I execute these commands in my situation. It doesn't mean that it's the only condition to reproduce this bug!
Weird - does not happen on my PPPoE test server. Please update us if you find the root cause on this odd behavior with your ISP. Closing this.