IPv6

• T

  PfSense 6to4?
  • Transeau

  10
  0
  Votes
  10
  Posts
  5826
  Views

  D

  I have no access to those either. So that's a bit hard. 6rd is a rather specific type of rollout which I don't think will be widely supported in the feature. Free.fr does have a huge deployment but needs to renumber before they actually give clients native Ipv6. I sent a message to the support list detailing that you can now configure DHCP6 on your WAN interface of choice, either dynamic, static or pppoe. It should basically work. I tested on a lab setup with a Cisco 1811 PPPoE server with DHCP6 Server, similar to what Comcast uses for their native deployments.
• D

  IPv6 testing
  • databeestje

  357
  0
  Votes
  357
  Posts
  132062
  Views

  D

  Lion has a dhcp6 client, that wasn't there before, thus more addresses assigned.
• 

  Need guide updated in welcome section of ipv6 forum area
  • johnpoz

  5
  0
  Votes
  5
  Posts
  2522
  Views

  

  Sweet this is Fantastic!!  Thanks!!  Looks really nice housed on official pfsense doc location as well..
• 

  Problem with ipv6 default gateway?
  • johnpoz

  8
  0
  Votes
  8
  Posts
  4630
  Views

  C

  @johnpoz: How would you go about tracking down what specific change did this?  I would much rather be able to help and say, hey did commit xyz here is link break this?  I see it changed X to Y, etc. 'git blame' does just that, you have to checkout the repo from github. I wasn't sure exactly where that was, so from my git root for mainline I did: grep -r route * |grep inet6 which found system.inc, then git blame etc/inc/system.inc shows all the lines and which commit last changed them (first column is the commit ID). 'git show xxxx' where xxxx is the commit ID will show the entire commit. Lots more info on git usage on github's help pages if you want to get in further depth. http://help.github.com/
• L

  Peculiar routing: gateway outside the LAN segment
  • Locutus

  5
  0
  Votes
  5
  Posts
  2513
  Views

  L

  Yep, indeed Hetzner. :) I had tried that solution with a static route for the LAN segment via the Hetzner gateway before, but it failed because I added a route for the full LAN segment which was ignored / overridden by the LAN interface route. Stupid me. :) After getting a hint in the Hetzner forum, I now added TWO static routes, one for the first and one for the second half of my LAN segment, and that worked nicely. Those routes were added correctly to the routing table, and since they are more specific (longer network mask) than the actual LAN route, they take precedence.
• 

  Ok confusing me for a while now - tunnel mask not same?
  • johnpoz

  9
  0
  Votes
  9
  Posts
  2940
  Views

  

  Ok this went BAD!!  I removed that line, no ipv6 I then put it back and rebooted, still no go.  Figured out my default gateway was missing? Tried undo default he_net gateway and then reapply, still not working getting this error. php: /system_gateways.php: The command '/sbin/route -inet6 default '2001:470:1f10:b85::1'' returned exit code '64', the output was 'route: illegal option – i usage: route [-dnqtv] command [[modifiers] args]' Something changed on how default routes are added?  I had to manually add the route with this command route -n add -inet6 default 2001:470:1f10:b85::1 Yeah somebody changed something, I have not rebooted in a while – but now just rebooted and getting this. Jul 27 07:48:40 php: : The command '/sbin/route -inet6 default '2001:470:1f10:b85::1'' returned exit code '64', the output was 'route: illegal option -- i usage: route [-dnqtv] command [[modifiers] args]' Jul 27 07:48:40 php: : ROUTING: setting IPv6 default route to 2001:470:1f10:b85::1 And I put that 1 line back, and what would that have to do with wrong command?  And even changed my mask to /64 vs the /128
• 

  Please simplify sync issues…
  • Aaron M

  3
  0
  Votes
  3
  Posts
  1718
  Views

  

  Yeah, I think that's where I screwed up. The dates on the repo changes seemed pretty close to me, so I did a gitsync on the "mainline" repo, and just updated the url for the smos repo. Somehow it made me lose my IPv6 settings. I went though the how-to again, using your settings, and all my IPv6 settings are back. So thank you!
• N

  Bug in IPv6 RC3 ISO?
  • Nil Einne

  4
  0
  Votes
  4
  Posts
  2573
  Views

  C

  should be http://files.pfsense.org/jimp/ipv6/
• F

  Embeded July the 4th build to add ip6
  • fastcon68

  4
  0
  Votes
  4
  Posts
  1716
  Views

  F

  My plan is to stay on the on this verion until the release of 2.0 is finalized.  I happy with where I am and it is running well. My next issue is DHCP6 is not handing out address.  What I did was I found a web site that I could do translation from 4 to 6.  I converted my internal range(4) to a ip 6 range.  Now I can ping the firewall with IP 6.  I still learning.  This is the hardest thing I have worked on a while. 2.0 has a huge learning curve, I been reading the pfsense book and putting it use. RC
• D

  Ipv6 via Ovpn (Default route?)
  • dragon2611

  3
  0
  Votes
  3
  Posts
  1808
  Views

  D

  Decided to install PFsense with ipv6 support and try and do things properly
• 

  GIF tunnel on PPPoE reconnect / HE.net tunnelbroker IP DynDNS
  • jimp

  1
  0
  Votes
  1
  Posts
  2672
  Views

  No one has replied

• A

  2.0 RC3 released Jun 22
  • ang

  5
  0
  Votes
  5
  Posts
  2842
  Views

  A

  Thanks for your responses, I will try to follow instructions in the link provided by tebeve  :) Edit:  I gitsynced using https://github.com/smos/pfsense-ipv6.git and it worked beautifully.
• 

  Unbound on ipv6
  • johnpoz

  11
  0
  Votes
  11
  Posts
  9498
  Views

  I

  Thanks Wagonza, very nice and useful!
• S

  Cant Access cisco.com
  • shalib2

  2
  0
  Votes
  2
  Posts
  1427
  Views

  S

  after rebooting my pfsense its working fine sorry 4 the trouble
• M

  [SOLVED] Teredo
  • margen

  11
  0
  Votes
  11
  Posts
  11001
  Views

  

  Not a problem - glad its working for you.  I learned a bit more about teredo myself, since have not played with it quite some time.  What I learned is Im glad Im running a tunnel ;) hehehe Have fun!
• C

  Devwiki.pfsense.org and snapshots.pfsense.org now dual stack
  • cmb

  3
  0
  Votes
  3
  Posts
  2153
  Views

  C

  It will be merged immediately after 2_0 is branched, for 2.1 release.
• Z

  [SOLVED] Pfsense reboot issue
  • zer0 0

  10
  0
  Votes
  10
  Posts
  4076
  Views

  Z

  So it turned out that it wasnt pfsense or the switches that were causing the problem one of the computer on the netword had a rouge DHCP server running which was trying to assign the LAN of pfsense an IP which screwed everything up. So it took alot of trial and error to find which computer. I found the computer but I have not had chance to look into the DHCP server that it is running. Thanx everyone for their help
• J

  No gitsync update option for NanoBSD?
  • jasonlitka

  5
  0
  Votes
  5
  Posts
  2267
  Views

  

  It would be a mess for sure. You have to do the sync before the reboot or it would really freak out with a v6 config loaded on a normal system. Now that I think on it more, I'm not sure if the gitsync-on-update code accounts for having to install the files on the second NanoBSD slice either, so that wouldn't work at all either way. You might be better off waiting for databeestje to make new nanobsd snapshots, and then just gitsync from one of those manually after installing/upgrading using them.
• I

  Static IPv6 (got a /48)
  • init0

  4
  0
  Votes
  4
  Posts
  3133
  Views

  I

  Hello, Just FYI: I now not a /64 for routing purposes and can use the whole /48 as expected. Everything works fine now. Thanks again and Greetings, Jens
• R

  Creating IPv6 tunnels within OpenVPN (a HOW-TO)
  • rubenc

  4
  0
  Votes
  4
  Posts
  9093
  Views

  A

  i`m doing something like this but only with OpenVPN, not GIF on my pfsense. The difference is that i run OpenBGP package on pfSense and Quagga on the others Linux box. In Advanced config i have.. mode p2p; tun-ipv6; ifconfig-ipv6 2001:ffff::1 2001:ffff::2;
• N

  SixXS AICCU support?
  • Nil Einne

  2
  0
  Votes
  2
  Posts
  3477
  Views

  D

  fixed endpoint sixxs tunnels work just the same as with HE. There is no issue configuring those. I've looked at aiccu but combined with the awkward registration and kredit system I've decided not to invest time in it. If others are willing to code it, that's fine, submit patches or pull requests on github.com.
• D

  Dhcp v6 server out of memory
  • databeestje

  6
  0
  Votes
  6
  Posts
  2747
  Views

  T

  roger that, thanks for the update!
• W

  DHCP v6 - no route to host
  • wallabybob

  51
  0
  Votes
  51
  Posts
  27303
  Views

  M

  I have found the problem! I accidentally added the fe80::/16 range to the EasyRuleBlockHostsLAN alias to avoid my pfSense logs being swamped with local traffic. This caused these packets to be blocked thus the errors to be generated. I have removed the fe80::/16 range from the alias and the problem went away. DHCPv6 and static mappings are working smoothly now :D
• S

  Problems with gitsyncing the ipv6 development branch
  • survive

  6
  0
  Votes
  6
  Posts
  4111
  Views

  S

  Hi guys, Hmmmm….does the auto-updater check 32 vs. 64 bit when it runs? I've changed over from 32 to 64 and I bet I still have the i386 update url set in my config! Now that I think about it that would explain a lot..I would have sworn I was running 64 bit which is why I updated last night. -Will
• C

  Forum n00b with n00b questions
  • Chris71Mach1

  2
  0
  Votes
  2
  Posts
  1435
  Views

  D

  If you read the sticky when entering the board there is a nice tutorial linked from there on how to get your tunnel working. Google might find it too, yep, it does
• R

  Ipv6 in IPv4 tunnels
  • rubenc

  6
  0
  Votes
  6
  Posts
  4293
  Views

  D

  OpenVPN with IPv6 is now supported. Configure the IPv6 networks on the OpenVPN Server settings page. Create IPv6 firewall rules on the Firewall Rules OpenVPN server interface tab. Install the openvpn installer with IPv6 support. http://www.greenie.net/ipv6/openvpn.html http://www.greenie.net/ipv6/openvpn-2.2.0-ipv6-savepasswd-20110522-install.exe That should be enough. Client support is limited to windows with the modified installer and any other that has the IPv6 payload patches integrated. I've contacted the Viscosity folks but it's not in the pipeline yet. They are aware of the patches though.
• 

  Anyone else problems with he tunnel in chicago area
  • johnpoz

  8
  0
  Votes
  8
  Posts
  3001
  Views

  

  It works fine on either /64 or /128 for me now. Make sure to sync up with the current code before changing anything.
• E

  Native IPV6
  • El Snorro

  10
  0
  Votes
  10
  Posts
  6165
  Views

  R

  Yeah :) That way, works.
• O

  Tunnel OPT1 Interface randomly stops
  • Oxyg3n

  4
  0
  Votes
  4
  Posts
  1771
  Views

  D

  More fixes.
• U

  Ipv6 dhcp leases empty
  • UnderCover

  8
  0
  Votes
  8
  Posts
  3455
  Views

  U

  ok next weekend when i run a snapshot upgrade, I will also run the ipv6 upgrade as-well.
• U

  DNS Forwarder IPv6
  • UnderCover

  7
  0
  Votes
  7
  Posts
  5784
  Views

  I

  At the moment I'm editing the conf with textmate but I have also edited the file with Kod. I'm mounting the filesystem with an implementation of fuse called ExpanDrive so that I can edit and backup the file as if it were a local disk. The file doesn't seem to be corrupted, as I can read it back in after editing. Also, it gets reset when saving settings in the webconfigurator, as you noted. Perhaps there is something else going on, as I had a bunch of calcru went backwards error messages preceding a panic just now.
• C

  LAN IPv6 is different then what was assigned
  • Cino

  11
  0
  Votes
  11
  Posts
  3351
  Views

  

  so what your saying is there currently is no fix?
• U

  Dhcp lease error
  • UnderCover

  3
  0
  Votes
  3
  Posts
  2261
  Views

  U

  thanks for the this response too let me know when it is added to the code thanks for everything!
• U

  Manual install using gitsync
  • UnderCover

  7
  0
  Votes
  7
  Posts
  2988
  Views

  

  Cino has it just about right. Once 2.0 ships the current ipv6 code from databeestje will likely be pulled in and used as the basis for 2.1 from that point. Obviously many other things will go in to make 2.1 proper, but that will be a good starting point to jump ahead on ipv6. The current ipv6 code is periodically synced up with 2.0 proper to make sure there isn't too much divergence between them. Many of us devs are running the ipv6 code on routers in various places trying to help track down issues. I run it at home on my router and use a he.net tunnel, it works great for me (aside from some dhcpd issues which have probably been fixed since my last sync.)
• D

  Git repository change
  • databeestje

  16
  0
  Votes
  16
  Posts
  10641
  Views

  C

  @billm: That's a horrendously large sync.  Looks like it has over 1100 changed files, I'm not totally surprised it's making Firefox cry (mine didn't die, but it certainly had massive issues rendering the page).  If it's any consolation, I'm reasonably confident that our Gitorious install wouldn't have been any happier with it. Gitorious would have just refused to show it entirely, "too large", so it loading at all is definitely an improvement. Gitorious had that nice habit of doing that to small diffs in some circumstances too. That page indeed takes a long time to load but that's just the massive amount of stuff there. Chrome loaded the page about 5* faster than Firefox 4.
• D

  Default gateway problems after upgrade to 2.0rc1-ipv6
  • danne

  14
  0
  Votes
  14
  Posts
  11649
  Views

  D

  @Kampfwurst: i got the same error. Is it possible to post the fix It still doesn't work for me, but I have added the IPv4 and IPv6 gateways manually. When I have the time I will do a fresh install and restore the configuration and see if it works better.
• D

  2.0-RC1-IPv6 - Captive Portal - Authentification page not loading
  • Dym

  6
  0
  Votes
  6
  Posts
  4300
  Views

  C

  didn't know that, thanks for the info!
• Z

  IPv6 Firewall object Aliases?
  • zobel

  4
  0
  Votes
  4
  Posts
  1978
  Views

  Z

  @billm: Should be fixed here: https://github.com/smos/pfsense-ipv6/commit/fed025ea776a0f8ec2a7b324c73dbac9c72a2c6d ha, you were faster. i digged in the code myself, and was just about to commit a patch myself, but yours is more clean than mine.  :D
• D

  IPv6 RRD graphs broken
  • databeestje

  5
  0
  Votes
  5
  Posts
  2036
  Views

  

  Ok looks like reached max attachment size - had to create new post. This does seem a bit odd?  I looked at the total blocked ipv4 in after generating some ipv6 traffic, that shows as ipv6 passed in – this is odd.  Is this what your seeing?  See 3rd attachement
• B

  IPv6 DNS from OpenDNS
  • bman212121

  4
  0
  Votes
  4
  Posts
  7842
  Views

  B

  You're welcome guys :)