Opened 5 months ago

Last modified 5 months ago

#1226 accepted Bug / Defect

spurious failures with IPv6 over TAP on FreeBSD 11 and 12 (ND6_IFF_IFDISABLED)

Reported by: Gert Döring Owned by: Gert Döring
Priority: major Milestone: release 2.5
Component: Networking Version: OpenVPN git master branch (Community Ed)
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords: freebsd tap IFDISABLED


Setting up a new testbed with the clients run on FreeBSD 12 (12.0-RELEASE-p11) I ran into spurious IPv6 failures in the TAP tests.

In all those cases, the tap interface config showed

tap0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 00:bd:2d:62:5f:00
        inet6 fe80::2bd:2dff:fe62:5f00%tap0 prefixlen 64 tentative scopeid 0x3
        inet6 fd00:abcd:204:4::1001 prefixlen 64 tentative
        inet netmask 0xffffff00 broadcast
        groups: tap
        media: Ethernet autoselect
        status: active
        Opened by PID 65794

all IPv6 addresses are flagged as "tentative" (and stay so), and the "IFDISABLED" flag is set. In all cases that work, this flag is not set.

This is not dependent on OpenVPN version (it happens with 2.4.8 and git master) nor config (if you run the same test 8 times in a row, most times it will succeed and sometimes it fails).

It is very likely timing dependent, as it seems to happen more often on a FreeBSD 11.3 VM which is run on a different (faster) host...

The main intention of this ticket is "record the fact so it can be found with search engines". I think it's a FreeBSD bug, but have no time right now to find people that can look into it.

One possible workaround is to use an up script

script-security 2
up /usr/local/etc/openvpn/

which contains


( sleep 2 ; ifconfig $IF inet6 -ifdisabled ) &

(the sleep 2 is needed) - with this script, the problem completely goes away for all cases.

Change History (1)

comment:1 Changed 5 months ago by Gert Döring

Owner: set to Gert Döring
Status: newaccepted
Note: See TracTickets for help on using tickets.