IPv6

OK, so I'd like to setup IPv6 on my home network and have been experimenting with m0n0wall. There's just one problem: any time I enable IPv6 support then turn on Routing Annoucements, suddenly all NICs stop responding on my test VM. It's running on Hyper-V 2008 R2 so this may be the issue, but other than the RA issue it seems to work just fine for IPv4 and with an IPv6 static address assigned.

Here's the steps to reproduce:

1. Choose option 4 to reset to defaults, Reboot.
2. Assign interfaces, reboot.
3. Assign LAN IP address, can now ping via IPv4 address.
4. In web GUI, enable IPv6 support and save.
5. In web GUI, set IPv6 mode to static and assign address: FD00::FFFF. Save config, can still ping via IPv4 and now IPv6
6. In web GUI, check the 'Send IPv6 Routing Annoucements' and click save.

At this point nothing happens, browser times out and the VM is no longer pingable vip v4 or v6. Rebooting does nothing, though the console still works. I've also tried resetting the LAN address but this also does not cure the issue. Would like to install m0n0wall on a piece of hardware to test it further but alas I have no extra hardware lying around.

My question is: has anyone had success in getting IPv6 running on their device? Am I the only one having this particular issue? Am I doing something wrong?

Thanks in advance,
TR

This is probably a VM issue.  what NIC is it emulating ?

brushedmoss,

I've been trying to get Monowall to run under Hyper-V without any success so far. Did you do anything special to get it to work? I can install Monowall, can boot Monowall, but the NICs will not work. I've seen this problem with other Linux installations under Hyper-V such as with pfSense. The workaround there to get it to work was to go into the shell and disable/enable the NICs after which they would work flawlessly. Since Monowall doesn't provide access to a shell, I can't do this trick here. I'm interested in Monowall because of it's unique IPv6 support.

Regards,

Koen

brushedmoss,

I've been trying to get Monowall to run under Hyper-V without any success so far. Did you do anything special to get it to work? I can install Monowall, can boot Monowall, but the NICs will not work. I've seen this problem with other Linux installations under Hyper-V such as with pfSense. The workaround there to get it to work was to go into the shell and disable/enable the NICs after which they would work flawlessly. Since Monowall doesn't provide access to a shell, I can't do this trick here. I'm interested in Monowall because of it's unique IPv6 support.

Regards,

Koen

You can run commands against Monowall, although it isn't a normal shell.  You can go to http://yourmonowall/exec.php and specify commands to run.  It will then give you the output.  You should be able to run whatever command you're using to disable/reenable the interfaces that way.

Iridris, thanks for your comment. I've read about the page to execute commands. But that's exactly where the problem lies: you need to have a working NIC on the Monowall installation to be able to access http://yourmonowall. And in order to get a working NIC when running under Hyper-V, you FIRST need access to the shell in order to enable the NIC. So this option is not going to work out unfortunately.

I use Vmware at home....

I have hyper-v in work, will try it next week.

Are you using 'Legacy network adapter' ?  does monowall detect the nic's  when you try to assign them ?

Thanks, brushedmoss!

I do indeed use the legacy nics. Monowall does recognize them and I can assign them to WAN and LAN. They just don't let any bit through until you disable/enable them first. I've Googled on this and it seems to be a generic problem with almost all Linux installations running under Hyper-V.

I am very curious about your findings how to get it to work. I did get an IPv6 tunnel through tunnelbroker.net to work using pfSense (a port of Monowall), but since it doesn't support IPv6 yet, you have to pull many tricks in order to get it to work which actually redeem pretty much the whole pfSense product useless and only use the core Linux functionality.

First off, m0n0wall is based on FreeBSD, i.e. it's more "Unix" not Linux.  But I don't want to be a semantics hound.  Any way I have installed m0n0wall on vmware ESXi 4.0 in the past using the "e1000" nics in vmware.  It didn't have any problems with the nics that I can remember.  But to be really honest with you guys, I really think you should install m0n0wall on a real machine and test it out that way.  That's what I did first and it worked great for me.  Find an old PC or go to the local PC recycle shop and find a cheap box there to run it on.  My self I have it running on an ancient PC I found in a friends basement, a PIII that had a windows 98 badge on it.  I iInstalled two PCI gigabit Intel nics in it, no issues.  I have been using the IPv6 functionality for about 6 months now and it works great. I have not had RA kill an nics, that is for sure!!  I also have two machines with realtek gigabit adapters and m0n0 is fine with them too.

edit: minor change

You've got a point there. I have stacks of old computers I don't use anymore which would perfectly be suitable for a gateway, but that's not what I wish to accomplish. A 24/7 running machine, even (or perhaps especially) old and small will consume quite some electricity on a monthly base. That's why I have invested in a powerful server with Gold label PSU which runs Hyper-V to allow all I need to run on one machine and consume only electricity for one machine. And that's why I only want to use it when I can get it to work under Hyper-V. I managed to get pfSense to work for this goal now, so I'm happy. Too bad it requires quite some hacks to get IPv6 to work, but once it works, it works superb. I have one pfSense instance running as an IPv6 over IPv4 gateway and one as an IPv6 to IPv6 pass through gateway. Both work fine.

Hopefully a next release of monowall will work on Hyper-V as well so I can get it to work without hacks and with full web functionality.

[system]

I had the same problem that is described in this topic. The good news is that I found a workaround:

1) On the m0n0wall configuration site, go to diagnostics --> backup/restore
2) Save your config to an xml file
3) Use an editor to add the following to the config file, under the system node (see http://doc.m0n0.ch/handbook/faq-hiddenopts.html):

<shellcmd>ifconfig de0 down</shellcmd>
<shellcmd>ifconfig de0 up</shellcmd>


If your LAN network interface is something else then "de0", just replace it with the correct name.

4) Upload your changed config using the m0n0wall configuration site.

The firewall will reboot after uploading the configuration. After that, I was able to enable the IPv6 router advertisements on the LAN interface and m0n0wall keeps running great  .

Awesome discovery BlauweTulp! Thanks for sharing this nice piece of info. Since last week I'm using pfSense 2.0 beta 5 with the latest smos gitsynced to it to add IPv6 support. More info here. Works really well so consider it as a worthy alternative if m0n0wall does cause problems after all.