@IonutIT said in Why does pfsense run dhcpv6 and slaac by default?: RFC6724 mandates that IPv4 is preferred over ULA IPv6 but IPv6 GUA is preferred over IPv4. You can obviously manually bypass this by breaking RFC in Linux systems but can't be done for other embedded systems. I guess my computer hasn't read that RFC. Neither have I for that matter. host firewall firewall.jknott.net has address 172.16.0.1 firewall.jknott.net has IPv6 address fd48:1a37:2160:0:4262:31ff:fe12:b66c ping firewall PING firewall(firewall.jknott.net (fd48:1a37:2160:0:4262:31ff:fe12:b66c)) 56 data bytes 64 bytes from firewall.jknott.net (fd48:1a37:2160:0:4262:31ff:fe12:b66c): icmp_seq=1 ttl=64 time=0.313 ms 64 bytes from firewall.jknott.net (fd48:1a37:2160:0:4262:31ff:fe12:b66c): icmp_seq=2 ttl=64 time=0.162 ms 64 bytes from firewall.jknott.net (fd48:1a37:2160:0:4262:31ff:fe12:b66c): icmp_seq=3 ttl=64 time=0.136 ms 64 bytes from firewall.jknott.net (fd48:1a37:2160:0:4262:31ff:fe12:b66c): icmp_seq=4 ttl=64 time=0.120 ms

@johnpoz Hi John That was fast:-) Sorry that my explanation was not clear enough. fc00:18f:11ab:3010::1 and fc00:18f:11ab:3010:0:0:0:1 is the default gateway for the subnet on the interface. That was what I tried to explain by saying I change the IPv6 number of the interfaces from short to long or the otherway. So no the server have the same IPv6 number all the time ending on 11 (fc00:18f:11ab:3010::11). Configuration of the Interfaces: IPv4 Configuration Type: Static IPv4 IPv6 Configuration Type: Static IPv6 Static IPv6 Configuration IPv6 address fc00:18f:11ab:3010::1/64 (Short) or fc00:18f:11ab:3010:0:0:0:1/64 (Long) Regards Henning

@chill_out Personally I normally just have it use loopback.. And I am back to that - I don't really need my dns going out my HE tunnel..And other than that test of theirs have no need of it.

My ISP has, after weeks of fighting them on the matter, admitted that this is in fact their fault. I would delete this thread, but I cannot.

@Fandangos said in Ipv6 almost working?: https://www.reddit.com/r/ipv6/comments/evv7r8/ipv6_and_netflix/ Is this beyond what the end user is able to solve? That was years ago (the reddit post : more the 4 years). When Netflix, like everybody else started to use IPv6. Netflix, for very understandable reasons don't want me to look at season 10 of Walking Dead, while it's already old and out in other countries. They use my IPv6 to 'know' where I connect from. The thing is : they had not mapped the entire Ipv6 into a a GEO IPv6 database to determine where I connect from. [ and now they know that they will never be able to do so, as there isn't enough materiel on planet earth to build all the hard disks to store this database ] Some IPv6 ranges, tough, are already listed : the ones from huricane.net for example, some sort of VPN IPV6 supplier. I was using them as they offered a good IPv6 implementation (way better as many ISP today). The solution was an easy one : pfBlockerng ! Like this : [image: 1702882235533-229110bf-a604-473e-9916-a319272cbd73-image.png] There is a list on this forum with all (there are several) netflix domain names that you have to enter. Netflix, from then on, will be accessed over IPv4, and you'll be fine.

@tmoore said in Setting up ipv6 with one /64 allocation: For what it's worth my ISP is Teksavvy. I phoned in to them this morning and asked them to give me a /56 address delegation which they have done. So now I have a /56. Are you connected via Bell or Rogers? If Rogers, you might want to check the Rogers config. A friend of mine is with Teksavvy on Rogers. Another friend used be be with them on Bell. As for that pending gateway, you have to provide a monitor address that responds to pings. For mine, I ran traceroute to Google and picked the first address that responded. That address is 2607:f798:10:10d2:0:241:5615:217. It might be different for you, depending on where you are.

@Kenneth_H said in IPv6 with framed IPv6-prefix: it does however seem strange that the lease time is around 5 minutes My lease time is over 164 hours.

@Spaylia Well, I don't know what to say. It's a really strange system you have there. The MAC address comes from the NIC, not pfSense. So, if you're seeing the MAC, that is the 48 bit hardware address, on the LAN side, there must be some other path involved. This is why I asked you to provide the Packet Capture file, so that I can examine it in Wireshark.

@regiolis said in IPv6 not working on LAN: hat's my case..... so i don't know how to do Describe your Internet connection. For example, I'm on a cable modem, which I put into bridge mode. This allows DHCPv6-PD to reach my pfSense firewall, which will then provide IPv6 to the LAN.

I've just put pfsense 2.7 in for my parents Toob connection, it's a IPV4 CGNAT / IPV6 service and I think they allocate /56. Not needed to carve up VLANs etc. it's a flat network. I must check the log file myself to confirm what they had out.

@elbombo Editing /conf/config/xml worked... ``` <dhcrelay> <interface>lan,opt3,opt4,opt8,opt25</interface> <server>10.200.0.233</server> <carpstatusvip>none</carpstatusvip> <enable></enable> </dhcrelay> <dhcrelay6> <interface>lan,opt3,opt4,opt8,opt25</interface> <server>xxxx:xxxx:x:xxxx::233</server> <carpstatusvip>none</carpstatusvip> <enable></enable> </dhcrelay6>

@chill_out said in Router solicitations not working on vlans (2.7.1-RC): My understanding is that with ipv6 there's no more broadcasts, everything is either unicast or multicast That is correct. The closest thing to a broadcast is the all hosts multicast. There are some differences, such as the scope can be specified and for some things, the hop count can be set to 255 as protection against a bogus packet being sent through a router.

Edit: I found the solution, I disabled the DHCPv6 server, RA on Assisted and Priority on High, and on the LAN interface I left it on Track Interface. It works without problems even after the restart. Thanks! @JKnott