• IPv6 gateway groups do not properly work

    2
    0 Votes
    2 Posts
    426 Views
    O

    @ofloo route get -inet6 default show the correct gateway, .. I've disabled the rule from the firewall that is making it use a this gateway.

    Still it uses the wrong interface.

    So I removed he.net from that gateway group. And still it uses he.net.

    Even when route get -inet6 default shows a different IPv6 gateway. This is not just broken, but seems impossible to me.

  • DHCP v6 - static mapping - address already in use?

    7
    0 Votes
    7 Posts
    982 Views
    MikeV7896M

    @fabrizior Nope, no setting for IAID in static mappings in 2.5.0...Sounds like a good feature request though... assuming dhcp6d has a way to use it...

  • Configuration IPV6

    13
    0 Votes
    13 Posts
    1k Views
    GertjanG

    @virgiliomi said in Configuration IPV6:

    Easier until you start assigning IP ..........
    I don't see any case where DHCPv6-PD would be desirable over a static IPv6 block. But maybe that's just me.

    Noop, you got a point.

    I have to add that I'm using a static IPv6 setup myself, as my ISP

    doesn't know what IPv6 is. and if they do, they come up with a single /64 or a /56 but only the first /64 is routable or ..... (whatever, their BOX has just one LAN so they don't understand the fuzz - not even that some clients are actually companies and they could have more then 1 LAN ....)

    with he.net, the one I'm using, the price is : not worlds fastest ISP, but free and rock solid. And very static.

    @virgiliomi said in Configuration IPV6:

    My prefix was rock solid on my last ISP (Comcast). .....
    unplugging the interface or rebooting.

    A pretty solid proof that '$$$€€€' and 'Mbits/sec' is just a part of the equation.
    Good 'protocol' support is as important. And this one doesn't need the reading of their promises on paper. It will always be "Hands on testing for 6 months" ;)

    @virgiliomi said in Configuration IPV6:

    But they don't. Because my DUID hasn't changed...

    They probably cleared out their DHCPv6 server cache and settings.
    As you said : they are probably in the implementing phase.

  • Neighbor Discovery Protocol (NDP) Proxy - Revisited

    13
    2 Votes
    13 Posts
    6k Views
    J

    @pmisch Well that's the thing. More and more the answer is "just use a competing product". What is Pfsense even for anymore if they can't fix years old bugs and they can't do IPv6 under realistic real world scenarios? Pfsense looks like a dying project to me so I've personally been steering people away from it.

  • pfSense stops routing IPv6 after a few days

    26
    0 Votes
    26 Posts
    3k Views
    I

    No further issues since upgrading to 2.5.0. Looks like the bugs have been squashed!

  • Upgrade to 21.02 and no IPv6 DNS servers

    Moved
    5
    0 Votes
    5 Posts
    743 Views
    I

    @viktor_g I have a static IP (via DHCP4/6) from my ISP. The IPv4 works with no problems. IPv6 gets an IP ok, but the resolv.conf.never updates.
    Rebooted multiple times.
    The other day I was looking at the scripts that update the resolv.conf for IPv6.
    If I am not mistaken, they only do so if the IP changes.
    Which it won't with a static IP.
    Although I could be misinterpreting.
    I gave up and added the DNS entries via the General Setup to get around this issue for now.

  • How to setup IPv6 on PFsense behind ER-X (ISP modem)

    30
    0 Votes
    30 Posts
    4k Views
    T

    @tadao I forgot to mention that the WAN Interface Address of the pfSense must be set to DMZ IP on the ISP router/modem.

  • dhcpv6 private and public IP

    5
    0 Votes
    5 Posts
    592 Views
    G

    @jknott Thanks for your help! I am gonna try that when I have the day off. I'll let you know if I got it to work!

  • pfsense / HE tunnel / client vm problem

    29
    0 Votes
    29 Posts
    4k Views
    GertjanG

    I upgraded this morning my main 'company' pfSense to 2.5.0.
    I'm using he.net for my my IPv6 'needs'.

    I had nothing to do.

    Everything came up and was working fine.
    ( + captive portal using FreeRadius - OpenVPN server for my remote access).

    Even a non-native package I installed many years ago was upgraded and kept on running.

  • 1 Votes
    13 Posts
    2k Views
    D

    @virgiliomi said in Updated to 2.5 everything went smooth except for WAN IPv6 status being stuck on "Unknown" and "Pending" - Have Comcast, despite multiple Cable Modem restarts, and PFSense restarts:

    There's a bug in 2.5.0 that has been found that requires a monitoring address to be manually added in the System > Routing settings for the IPv6 gateway. The gateway will show as "Pending" until a monitoring address is manually set. For whatever reason, 2.5.0 is not automatically getting the gateway address and monitoring it. Try adding a monitoring address (you can make it anything valid/reachable for the purpose of testing) and see if that fixes things for you.

    If you want to add the exact gateway address as the monitor address, go to Diagnostics > Routes and copy the default gateway from the IPv6 table. Just know that this could change if your ISP does maintenance before the bug is fixed.

    Hopefully that helps...

    This worked for me, thanks!

  • No IPv6 connectivity after upgrading to 2.5.0 RC

    17
    1 Votes
    17 Posts
    2k Views
    MikeV7896M

    @andrew_241 Yeah, those look like "policy routing" rules since you were specifying a gateway (rather than letting pfSense use the default gateway). But if you only have one WAN connection, or you don't want to route specific traffic in a specific way, you don't really need those rules, because everything can just route through the default gateway.

    But since you had those rules... there is a deeper issue with the IPv6 gateway behind the scenes, so the IPv6 rule was not functional because of the bug, and was preventing your IPv6 traffic from flowing as a result.

  • Now GUA RADVD doesn't work on main LAN - 2.50

    2
    0 Votes
    2 Posts
    540 Views
    JKnottJ

    I got it working again, by restoring a previous config.

  • IPv6 broke after reboot 21.02 (Pfatt) works on 2.4.5 though

    3
    0 Votes
    3 Posts
    635 Views
    M

    @virgiliomi does re-saving the interface fix the issue? That seems to be the case with me.

    Edit: did some testing and it seems that my interface got corrupted, deleted it and re made it and now its all good, survives reboots, looked in the logs and saw that the dhcp6c precess couldn’t find the interface and then it would quit.

  • Trackinterface Prefix can be only 0

    2
    0 Votes
    2 Posts
    570 Views
    D

    I just did another test with a second LAN Track Interface on WAN2.

    There i used Prefix 1 and after a reboot (why is this necessary?) the second LAN also get it's IPv6 prefix.

    So it seems you just can use it with increasing values. So why is this the case?

  • IPv6 is spoty

    3
    0 Votes
    3 Posts
    696 Views
    C

    @jefftee
    If I unblock private networks and loopback addresses on my WAN, the gateway comes back as up.
    Try that

  • IPv6 Route Troubleshooting

    21
    0 Votes
    21 Posts
    4k Views
    D

    @gary201 The issue from July 2019 was resolved without them really going into detail about what was happening during their large maintenance/migration. When I got in touch with them they were still in the "putting out fires" mode. They made a note of my issue, emailed me a few days later when they had a fix in place for me to verify, and all was good.

    Around December 2nd of 2020 I did have an IPv6 outage after a maintenance window. No IPv6 traffic was routing. I also tried different machines directly wired to the ONT at that time to verify it wasn't something on my end (not that I had changed anything). I reached out to them and they were able to in their words, "remove a filter" and it fixed my issue. I'm not sure how helpful that is, but it's all they told me.

  • IPv6 PPPoE MSS incorrect

    25
    1 Votes
    25 Posts
    5k Views
    B

    @viktor_g said in IPv6 PPPoE MSS incorrect:

    @bm118

    Could you test this patch: 135.diff

    You need to install System Patches pkg:
    https://docs.netgate.com/pfsense/en/latest/development/system-patches.html

    Works a treat, thank you very much!

  • fe80::1:1 duplicate from secondary pfSense

    3
    0 Votes
    3 Posts
    759 Views
  • xfinity, netgear cm1000 and ipv6 problems.

    12
    0 Votes
    12 Posts
    2k Views
    MikeV7896M

    @hescominsoon

    I'm not sure what to say other than maybe try Comcast's forums or other ISP community sites on the internet for settings that will work. It's been over a year since I had Comcast service, but I used pfSense with IPv6 and had no issues for over four years using the settings I provided earlier.

    If you have a gateway (modem+router) in gateway mode, pfSense won't work for IPv6 because the gateway will acquire a single /64 for its own use. I don't know if their gateways will sub-delegate additional /64's or not.

    If you have a gateway that is in bridge mode, or have just a regular modem (I used both Motorola/Zoom and Arris modems over my time on Comcast), you should be able to request a /60 unless they've changed things since I left.

  • Adding new IPv6 Track Interface does not get address

    7
    0 Votes
    7 Posts
    879 Views
    G

    OK i think I found the "issue". The first interface I ipv6 enabled gave itself the entire /56 delegation, I had to change the prefix id and change it back to make it only grant itself a /64.

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.