• 6RD connection without using 6RD to configure it - Possible?

    9
    0 Votes
    9 Posts
    3k Views
    F

    I installed the alpha from 17th of April just now. 6RD is still not working, but it does not seem exactly the same either. A few examples:

    A promising log entry:
    php: rc.bootup: ROUTING: setting IPv6 default route to 2a01:79d:3e85:a408::213.167.115.92

    But:
    wan_stf is gone from ifconfig, and no ipv6 config apart from fe80 (local link) addresses are seen.

    The IPv6 address is gone from status | dashboard | wan.

    These two last problems are probably related to 6rd failing on creation, I have posted this issue in https://forum.pfsense.org/index.php?topic=75707.0

  • [solved] Comcast xfinity: asking for /64, getting /128, help!

    4
    0 Votes
    4 Posts
    2k Views
    S

    OK, quick update. Previously, the LAN interface was not getting anything but the link-local IPv6 address, but after a reboot, it's now getting a /64. Machines on my LAN are also now getting addresses within that /64, so this issues seems to be resolved. Thanks again.

  • How to deal with duplicate link local when testing

    2
    0 Votes
    2 Posts
    2k Views
    G

    Bumping to see where I can resolve this issue. As a lark I install m0n0wall and setup IPv6 there. PD allocation worked, yet still no LAN traffic passing the local netgear modem.

    But when I did enabled IPv6 on the LAN interface, the link-local always stayed in EUI64 format. So just trying to figure out what portion of pfSense code is changing the link-local addresses to fe80:1::1:1, and how to revert back to SLAAC-style addresses.

  • HE.net Tunnel fails with pfSense 2.1.2

    6
    0 Votes
    6 Posts
    2k Views
    D

    @adler187:

    After changing the 'gif tunnel local address' to the IPV6 local address on the GIF and setting IPV6 to None on the interface, I got things working.

    Yes, that is how it should be. :)

  • Computers are receiving multiple IP addresses with IPv6 and SixXS tunnel

    2
    0 Votes
    2 Posts
    897 Views
    R

    You are indeed wrong; this is perfectly normal for IPv6. Typically an IPv6-enabled host will have a SLAAC address (generated from the NIC's MAC), a temporary address (IPv6 privacy extensions), and possibly a DHCPv6-assigned address on each v6-enabled interface, plus link-local addresses. For privacy reasons, the temporary address is what will generally be used for outbound connections (which is what those websites will see); however, you should still be reachable at the other addresses for inbound connections.

  • Comcast Business *won't* Work with Prefix Delegations Right Now

    1
    0 Votes
    1 Posts
    729 Views
    No one has replied
  • Do I have a /56 or /60

    6
    0 Votes
    6 Posts
    1k Views
    R

    Yes, thank you. That's where I went wrong. I see it now.

  • Dhcp6c[37336]: client6_recvadvert: XID mismatch every 2 minutes

    2
    0 Votes
    2 Posts
    1k Views
    P

    Can't really tell you what it means.  But, I can tell you how to clear it up.

    Shutdown pfSense and power off the cable modem. Power on the CM and wait until it syncs. Boot up pfSense.

    The errors will be gone.

  • IPv6 LAN Client DNS Address not Updating when IPv6 Subnet Changes from ISP

    14
    0 Votes
    14 Posts
    4k Views
    R

    Probably the DUID.

  • Routing IPv6 over GRE - Default Gateway gets overwritten by remote host

    6
    0 Votes
    6 Posts
    2k Views
    M

    The problem seems to have been resolved in 2.1.1, as the tunnel now works without setting the default gateway. The manner in which the OPT-interface can have its IPs set has changed from 2.1 to 2.1.1

  • Ipv6 + multi-wan + gateway group + NPt + inbound problem

    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • IPv6 do not wok if IPv4 is configured on the LAN

    3
    0 Votes
    3 Posts
    1k Views
    D

    Thanks to everybody and apologies,

    I am restarting all configuration from scratch (I did not finished yet, but I believe I am on the right way).

    Anyway I think the many changes I operated stratified badly compromising somehow the final result with unreasonable results.

    Should I get in trouble again I will provide more details.

    Thanks again and regards

    Dario

  • Routing the Tunnelbroker /48 (brain fart)

    9
    0 Votes
    9 Posts
    3k Views
    E

    Can you show you anonymized /tmp/rules.debug?

  • Unable to remove unwanted default gateway

    2
    0 Votes
    2 Posts
    10k Views
    E

    Just delete your gateway on system routing.

  • Need for NAT in VMs in v6 world

    3
    0 Votes
    3 Posts
    1k Views
    johnpozJ

    "And if not, can you have multiple VMs bridged to the same NIC and using different addresses (either in a v6 world or v4)?"

    You can bridge as many as you want to be honest..  Why do you think you need nat in VM setup?

  • MultiWAN IPv6 using SIXXS

    9
    0 Votes
    9 Posts
    2k Views
    E

    Normally you have to use NAT for this.

    It is very dependant and error prone to change prefixes like that on failure.
    That is because definition of failure is very vague.

    Also presently there is no way you can follow(track6) 2 different WANs in pfSense.

  • Subnet delegation stops working after 10 minutes

    2
    0 Votes
    2 Posts
    1k Views
    R

    same here.
    however, I tried both pfSense and OpenWrt. both of them do that. so I think it might be the ISP side.
    I'm using TWC in NEOhio area.

    I did a tracert to google.com.  first hop responsed very quick(it'm my wan ip), then lots of responses and timeouts
    2    *        *        *    Request timed out.
    3    9 ms    *      10 ms  2605:a000:0:4::2:22b
    4    15 ms    9 ms    10 ms  2605:a000:0:4::2:4dc
    5    *        *        *    Request timed out.
    6    *        *
    …..

  • Packet loss when Router Advertisement enabled

    1
    0 Votes
    1 Posts
    832 Views
    No one has replied
  • IPv6 cheat?

    2
    0 Votes
    2 Posts
    1k Views
    jimpJ

    Check out the advanced options on limiters, you can set artificial latency (and loss) there, though that would affect the whole connection and not just the initial packets.

  • IPv6 and Firewall

    5
    0 Votes
    5 Posts
    2k Views
    chpalmerC

    @cmb:

    Checking "Allow IPv6" only removes the block all inet6 rules.

    Understood!

    Your allowing v6 would be on the tunnel, assuming WAN is your Internet connection with v4 only that has the 6to4 tunnel. In that case, your WAN only sees v4 traffic, and your tunnel rules would allow or deny v6 traffic inbound on the tunnel.

    But my tunnel is part of the WAN page as you can see above.  So there are no "tunnel rules" to be had.  In fact I must built the rules on the WAN tab for them to be effective.

    There aren't any rules permitting IPv6 other than what's user-configured.

    I can guarantee that Ive made no rules to allow any IPv6 traffic of any kind from the WAN or any Tunnel side as Ive been working on this. In fact I reproduced it on my lab machine tonight.  The rules page I posted the shot of above is how I have things set up now. But without any of the v6 rules it readily passes the traffic.

    I tried this also using DHCP6 on another machine and did not have the same findings.

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.