IPv6 in broken state

i face similar problems. it  works then it doesnt and right now it isnt working. restarting the box, turning ipv6 off and on has not helped. gahhhh. why is it so hard to do ipv6 correctly. if my stupid 30 dollar bullshit electronic store router can do ipv6 how is it that the entire sophos workforce can not come up with a solution that works?

Similar problem here. No more router advertising being done on the configured interfaces, leaving all machines without proper IPv6 IPs. OSPF injection completely broken (no IPv6 routes added to OSPF database).

I am in the process of loosing confidence in Sophos to properly handle such an important product.

You can't really delay any updates, as that is a security appliance, but each update introduces so many issues. I really really hope they find a solution to all those pesky IPv6 issues. It is not very nice to find your entire IPv6 infrastructure falling apart after applying a minor update.

Ronny

My IPv6 is also broken. Non-working DHCP configuration on WAN interfaces and no RA to configure clients on internal interfaces.

Broke with 9.404-5 to the best of my reckoning. 

i made a fresh install on a seperate machine and it seems ipv6 works there behind another router. 

Not sure whats causing the fail on the main machine, maybe multi wan, maybe VPNs.

Honestly tired of Sophos to ignore ipv6 problems, as soon as that is needed in business they gonna loose alot of customers who need it working.

We recently identified the root cause for a similar issue related to IPv6. The issue was with low-speed (<=1 Gig) eth interfaces and the solution for it was to disable GRO (generic-receive-offload) for the eth interfaces on the UTM.

You may try the following configuration for the eth interfaces on your device and see if it helps solve the issue you are facing:

1. Disable GRO using "ethtool --offload eth<x> gro off"

2.  If step '1' doesn’t solve the issue, also try disabling other offloading features like GSO, TSO, LRO, etc

If this solution doesn't work, please provide more information about the NICs (like device-id, vendor-id, etc), interface speed and the kernel/ network driver version on your device.

Thanks,

Prakash

i just spent 3 hours reinstalling my complete sophos utm, now ipv6 works, will make a backup of this and see how long it "holds"

ipv6 is dead again, i cant get it to work on the same utm no matter what magic i try.

fresh utm install = works for a while

Hi Ben,

Did disabling GRO using " ethtool --offload eth<x> gro off "  not help?

Can you please provide more information about the network interfaces & UTM? -- ie,... NIC device-id/vendor-id, interface speed, kernel version, network driver type/version and firmware version on the UTM.

hi, it did not help (i did that on the wan interface)

in the end i set the IPv6 adress and gateway on the WAN Interface manually on what i got initially according to the logfile. I also than used the same prefix for my internal clients. It did not work so i finally went to sleep..

this morning ipv6 was suddenly working again on internal clients ...

Are you a Sophos Employee PrakashSwamy? 

newest Firmware Version, ESXi 6.0U2, vmxnet3 NICs

and ipv6 is again non functional. Will disable it until a sophos engineer will spend some proper time on it and iron out basic issues.