@bob-dig Yes, which is why I encouraged to connect directly. Which worked. Still going to only get a /64. Many ISPs do that for reasons known only to them. Makes no sense at all...

@JKnott @Derelict Thank you guys. I am passed this issue, everything is almost fine, after I added that specific link local, the ISP has sent me. My only problem is that the interface clients don't communicate between each other (for the time being, ping). The internet communicates with them, from anywhere, they communicate with the internet, but not between each other. I mean clients from one interface with clients from another interface. Clients within the same subnet talk to each other just fine. The very first thing I tried is adding an allow from any to any firewall rule on IPv6 for both interfaces, all protocols, first rule from top to bottom, but nothing..

@JKnott ok sorry. Noob more in regard of IPv6 itself. I'm not a networking guy, I got a fair understanding of IPv4, but not so much about IPv6. And to that I must say: still a noob, and looking to learn. About the HOW, I'm sorry if that wasn't clear and I didn't get the hints to explain that part better, but its out in the clear now I guess. I may have missed mentioning it was a Datacenter I just said "provider" my bad and I'm sorry for the confusion. I have 4 dedis with 2 pfSense routers. WAN is only connected to the pfSenses via vSwitch. All vm's get their connectivity through pfSense and are not host-bound. @Derelict I didn't mean to offend probably as much as you meant me. I already explained the "noob" part, but consider saying to someone: You should also probably paste EXACTLY what they are telling you instead of your interpretation of the same. Its like people (or me in this case) are stupid and can't interpret what were told. Your comment was specifically about one's ability to understand a message and pass it on. People who can't understand a simple message and repeat it fall in such categories. Maybe you could have phrased better. Anyway, please note I said it seemed, I am sure that's not what you meant, yet I felt the remark was due. I have been working with IT and customers for 14 years and I never made such a remark to any, despite how dumb I may think they are sometimes. Anyway I don't want to derail the topic to this, was just a comment. I'm still insisting with the DC so they give me a bigger prefix.

@virgiliomi said in Add setting for "Use excluded prefix for WAN": Especially if the WAN address is on the opposite end of my prefix from where my LAN and other networks are. My WAN address has absolutely nothing to do with my prefix. However, as you mentioned, you could pick any address within your prefix. For example, with my /56, I use prefix ID ff for OpenVPN. There's no reason it couldn't also be used as a target. However, I haven't tried that.

@gertjan said in IPv6 when LAN goes down: @peter-fyri Like https://redmine.pfsense.org/issues/10966 ? Right :) Well, it sounds very similar to my issue, it's just the trigger that it's different, but with the same effect. Thank you :)

@beremonavabi I have never been able to understand the reasons for not supporting DHCPv6 on Android. The reasons I've read could equally apply to SLAAC.

@virgiliomi Thanks. That's a really helpful answer. I appreciate it.

@jknott . It is working now. Apparently it needed a reboot. Helped by a power outage in my suburb. Thanks for your help!

@hemachayart It's been like a month... I remember setting it back to regular Unbound mode as a test, then rebooting it and it came back up with my IPV6. I then set it back to Python and restarted Unbound again if memory serves and it came back up OK. That was when version 3 first came out. I've upgraded it with those small incremental updates since and haven't had any other issue like that. I suspect if I were to power cycle the modem or disconnect it I would probably have to restart Unbound again, as I have left it in Python mode. It's like a weird timing thing between the modem and router when it's in python mode.

A̵ ̵c̵r̵o̵n̵-̵j̵o̵b̵ ̵(̵/̵u̵s̵r̵/̵b̵i̵n̵/̵n̵i̵c̵e̵ ̵-̵n̵2̵0̵ ̵/̵e̵t̵c̵/̵r̵c̵.̵r̵e̵l̵o̵a̵d̵_̵a̵l̵l̵)̵ ̵s̵e̵e̵m̵s̵ ̵t̵o̵ ̵d̵o̵ ̵t̵h̵e̵ ̵j̵o̵b̵.̵

You could set firewall rules to only allow traffic to the servers' IPv6 addresses, and not allow connections to other PCs. You might double check your ISP's router as well...many block inbound IPv6 by default.

@databeestje Confirmed working from Helsinki, Finland with operator Telia, but had to edit WAN-interface's DHCP-client to request option-212 and run a packet capture for relay and prefix details. 6RD Prefix:2001: 2003:f400::/38 6RD Border relay: 84.251.255.254 6RD IPv4 Prefix length: 14 From what I've heard, in Finland especially Telia is really behind in native IPv6 -deployment and 6RD is extensively in use. Only the first 32 bits of the prefix are static and to add insult to injury the border relay IPs sometimes change. Would it be possible to add a checkbox in the 6RD config GUI for the automatic update of the 6RD parameters via option-212? Keep up the good work!

So I am running multi-WAN, and I do have NPt set up to translate my /48 with an HE.net /48 on my backup connection, and I see the same behavior you posted a screen shot of. I tried removing the NPt rule and still observed the same behavior on my primary WAN (IPv6 address being reported as the router WAN IP, not my desktop IPv6 address) Any suggestions on things I could check or this just a side effect of using multi-WAN and gateways w/fail-over?

@ksdehoff Odd that yours didn't work for the static mapping, maybe because I enumerated the entire interface ID (::7d86:e96:bb0c:fe85 for example). So I don't have to mess with changing anything in the static mapping. I had another issue unrelated to it (caused by Snort of all things) and I had as part of troubleshooting, unchecked the 'do not allow release...' setting and rebooted, and yep the prefix changed and the servers got new IPs with the same interface ID and the new prefix. So I am happy with that small victory.

@nineeyes maybe you have a wrong address somewhere or maybe the address changed I would check the $FRIEDL_FARM interface settings to see if there are wrong settings there

Hmm... look... another ISP (in Germany this time) with the same issue. I guess Comcast isn't the only one broken. Can this be looked into now to see where the problem lies as far as pfSense's handling of prefix size received being different from prefix size requested? https://forum.netgate.com/topic/159463/ipv6-not-working-wan-and-lan-interface-getting-an-ip-adress-not-any-client

@gamienator-0 At the moment, you're using an even number prefix. What happens if you pick an odd one? That /63 moves the boundary between the prefix and suffix over by one to the left. Will a prefix ID 1 now be the same as 0?

@jknott Yes, the "routing" is done by link local address.