DHCRelay IPv6 doesn't start if DHCP server IP is reachable over an IPSEC WAN interface #9870
Description
Important notices
Before you add a new report, we ask you kindly to acknowledge the following:
- I have read the contributing guide lines at https://github.com/opnsense/core/blob/master/CONTRIBUTING.md
- I am convinced that my issue is new after having checked both open and closed issues at https://github.com/opnsense/core/issues?q=is%3Aissue
Describe the bug
We have a satellite office connected via IPSEC to our main location. Our DHCP server (supporting both v4 and v6) is running at the main location. IPv4 DHCRelay works fine and all requests are forwarded and IPs handed out.
However, when enabling the v6 configuration it doesn't start. The log shows the error message fatal in dhcrelay6: interface '%ipsec100' not found upon start.
I do assume, that the IPv6 address of the DHCP server is not correctly added to the interface line. It should be xx:xx:xx:xx::xx%ipsec100 from my understanding.
Tip: to validate your setup was working with the previous version, use opnsense-revert (https://docs.opnsense.org/manual/opnsense_tools.html#opnsense-revert)
To Reproduce
Steps to reproduce the behavior:
- Connect to OPNsense firewalls via IPSEC (tunnel mode)
- Configure the DHCRelay v6 service on firewall 1, specifying a remote DHCP server behind firewall 2
- Click on Apply
- See error in the DHCRelay log
Expected behavior
I would expect the DHCRelay to start for both v4 and v6 successfully and forward requests to the central DHCP server behind the IPSEC network.
Describe alternatives you considered
Configured DnsMasq with a custom config file to relay all DHCP v6 packets to the central DHCP server.
dhcp-relay=2001:yyy:yyy:yyy::1,2001:xxx:xxx::44
Screenshots
If applicable, add screenshots to help explain your problem.
Relevant log files
If applicable, information from log files supporting your claim.
Additional context
Add any other context about the problem here.
Environment
Software version used and hardware type if relevant, e.g.:
OPNsense 26.1.2-amd64.
Sophos SG 230 r2
Network Intel® I211