IPv6 intermittent connection on FreeBSD

mumu

Member

Reaction score: 4
Messages: 25

Hi, I have a cloud server with Netcup running FreeBSD 13. I am having odd issues where IPv6 connectivity is intermittent. For example if I do a simple ping6, there is a delay/hang for 10s or more and then the replies come in. If I ping6 the second time I get replies instantly.

If I idle for 5 minutes and do a ping6 again, it hangs/delays again. I've spoken to the cloud team and they don't have IPv6 connectivity problems from their side to my server.

So I'm wondering if it has anything to do with the OS. Here's my /etc/rc.conf:

Code:
ipv6_activate_all_interfaces="YES"
ipv6_defaultrouter="fe80::1%vtnet0"
ipv6_ifconfig_vtnet0="2a03:xxxx:xx:axx::1/64"
ifconfig_vtnet0_alias0="inet6 2a03:xxxx:xx:axx::2/128"
ifconfig_vtnet0_alias1="inet6 2a03:xxxx:xx:axx::3/128"
ip6addrctl_policy="prefer_ipv4" # <- Temporary so that downloading ports/packages continue to work without delay.

Is there anything else I can troubleshoot ? Thanks.
 

covacat

Well-Known Member

Reaction score: 216
Messages: 461

do you ping ips or names ?
it could be a dns timeout problem
 
OP
M

mumu

Member

Reaction score: 4
Messages: 25

do you ping ips or names ?
it could be a dns timeout problem
ping names:


# ping6 www.google.com
PING6(56=40+8+8 bytes) 2axx:xxxx:xa:abb::1 --> 2a00:1450:4001:828::2004
16 bytes from 2a00:1450:4001:828::2004, icmp_seq=3 hlim=120 time=475.835 ms
16 bytes from 2a00:1450:4001:828::2004, icmp_seq=4 hlim=120 time=3.804 ms
16 bytes from 2a00:1450:4001:828::2004, icmp_seq=5 hlim=120 time=3.818 ms
16 bytes from 2a00:1450:4001:828::2004, icmp_seq=6 hlim=120 time=3.769 ms
^C
--- www.google.com ping6 statistics ---
7 packets transmitted, 4 packets received, 42.9% packet loss
round-trip min/avg/max/std-dev = 3.769/121.806/475.835/204.399 ms

The bold line is where the delay/hang happens. I'm currently lost ..
 

cybersans

New Member

Reaction score: 1
Messages: 13

dear mumu
i want to share my experience back in the day that similar to this problem when installing freebsd in the vps

i assume that you are using kvm.

i made some troubleshooting at some of my vps which is fixed, and other which is not solved.

the freebsd's vps that worked is when i reconfigure the pf firewall to allow inbound icmpv6, rtadv and some service related through the firewall. it were always worked when in just allowed all inbound packets to the ipv6 while the pf only protect the ipv4.

the others that didn't work, since i already discussed with the vps provider, caused by the gateway which are not compatible with how freebsds route the traffic to the gateways. they didn't want to reconfigure the gateways, so my solutions to that vps in installing other os; linux; centos.

the others is straigt forward, since they only asked me to put the ipv6 ip inside the rc.conf and never specify the ipv6_default_gateway because the router will do the rest. i can connect without any problem without any intermittent.

so, please liaise with your vps' provider whether their router caused your intermittent, whether they have some configuration you need to make to make sure that your freebsd's vps online without any problem.

regards
sans
 
OP
M

mumu

Member

Reaction score: 4
Messages: 25

dear mumu
i want to share my experience back in the day that similar to this problem when installing freebsd in the vps

i assume that you are using kvm.

i made some troubleshooting at some of my vps which is fixed, and other which is not solved.

the freebsd's vps that worked is when i reconfigure the pf firewall to allow inbound icmpv6, rtadv and some service related through the firewall. it were always worked when in just allowed all inbound packets to the ipv6 while the pf only protect the ipv4.

the others that didn't work, since i already discussed with the vps provider, caused by the gateway which are not compatible with how freebsds route the traffic to the gateways. they didn't want to reconfigure the gateways, so my solutions to that vps in installing other os; linux; centos.

the others is straigt forward, since they only asked me to put the ipv6 ip inside the rc.conf and never specify the ipv6_default_gateway because the router will do the rest. i can connect without any problem without any intermittent.

so, please liaise with your vps' provider whether their router caused your intermittent, whether they have some configuration you need to make to make sure that your freebsd's vps online without any problem.

regards
sans
Thanks. I suspect it has something to do with the vps provider. I'll try to speak to them and take it from there.
 
OP
M

mumu

Member

Reaction score: 4
Messages: 25

I'm still awaiting feedback from the provider. In the meantime, there were discussions on the provider's forum about this issue. It seems that after further investigating by various forum members, the issue seems to be that IPv6 packets that go out the default route comes back in a different route before finally reaching the destination. This whole thing causes a 'delay' when using either ping6/traceroute6/mtr from the host server or remotely.

2 members got the issue 'fixed' by paying for an extra /64 that is routed directly to their server. The 'fix' was offered by the provider which doesn't make sense since the paid plan already includes IPv6.

Why would a provider do this ? Is it because of security ? Hopefully someone can shed some light on the matter thanks.
 
OP
M

mumu

Member

Reaction score: 4
Messages: 25

Btw, does setfib(1) work with IPv6 ? The online docs I could find refer to IPv4 only..
 
OP
M

mumu

Member

Reaction score: 4
Messages: 25

Here's some more discovery to my issue above. The command used is ndp(8).

Code:
% ndp -np | grep 2001                 
2001:aaaa:bb:ccc::/64 if=vtnet0

That's the /64 assigned by the provider. This next bit is abit odd:-

Code:
% ndp -na | grep fe80 | grep -v permanent
fe80::1%vtnet0                       00:xx:00:00:xx:00 vtnet0 23h50m58s S R
fe80::aaaa:bbb:1111:ddde%vtnet0      01:xx:11:11:xx:11 vtnet0 23h50m33s S R
fe80::aaaa:bbb:2222:fffe%vtnet0      02:xx:22:22:xx:22 vtnet0 23h50m1s  S R

'fe80::1%vtnet0' is the primary default gateway given by the provider. The other two seem to be gateways as well for some reason. The delay happens when I ping6/traceroute6 and one of the gateway replies. By right, only the primary gateway should reply. But for some reason, the replies coming in are being round-robin'd.

It is the same remotely. On my laptop if I were to ping6/traceroute6 my server, the request hits the server, but the replies, since it goes out from either of the routes causes a delay. The delay is usually <30s but it's pretty bad. My browser would also hang trying to connect and then give up and fall back to IPv4.

I had asked about setfib(1) above because I want to know if I can route my /64 through those gateways.
 

blakehartshorn

New Member


Messages: 3

mumu Did this start after an upgrade to 13.0-RELEASE-p3? I upgraded from p2 today, had an ipv6 connection for 6 minutes and have not been able to get it back up since.
 
Top