@robsonvitorm said in IPv6 + DHCPv6 + statefull:
tcpdump -vvnn -i vtnet1.18 "icmp6 && (ip6[40] == 133 || ip6[40] == 134 || ip6[40] == 136) || (udp port 546 or 547)"
Thanks for the command !
(but the radv IPv6 bla bla traffic is also spamming )
Your image shows the - I think - the DHCPv6 server == pfSense answer.
So it received a request. And answered.
From a pfSense pint of view, DHCPv6 works.
Here is a sequence from mine :
Client to server
22:37:59.295387 IP6 (flowlabel 0x58369, hlim 1, next-header UDP (17) payload length: 141) fe80::a6bb:6dff:feba:16a1.546 > ff02::1:2.547: [udp sum ok] dhcp6 renew (xid=b34e82 (elapsed-time 0) (client-ID hwaddr/time type 1 time 643424141 a4bb6dba16a1) (server-ID hwaddr/time type 6 time 753711221 90ec7729392a) (IA_NA IAID:161790829 T1:6750 T2:10800 (IA_ADDR 2a01:cb19:907:a6e2::c7 pltime:13500 vltime:21600)) (vendor-class) (Client-FQDN) (option-request vendor-specific-info DNS-server DNS-search-list Client-FQDN))
server to client
22:37:59.315289 IP6 (hlim 64, next-header UDP (17) payload length: 173) fe80::92ec:77ff:fe29:392c.547 > fe80::a6bb:6dff:feba:16a1.546: [udp sum ok] dhcp6 reply (xid=b34e82 (client-ID hwaddr/time type 1 time 643424141 a4bb6dba16a1) (server-ID hwaddr/time type 6 time 753711221 90ec7729392a) (IA_NA IAID:161790829 T1:6750 T2:10800 (IA_ADDR 2a01:cb19:907:a6e2::c7 pltime:13500 vltime:21600)) (DNS-server 2a01:cb19:907:a6e2:92ec:77ff:fe29:392c) (DNS-search-list brit-hotel-fumel.net.) (Client-FQDN))
client to server
22:37:59.568116 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 16) fe80::a6bb:6dff:feba:16a1 > ff02::2: [icmp6 sum ok] ICMP6, router solicitation, length 16
source link-address option (1), length 8 (1): a4:bb:6d:ba:16:a1
0x0000: a4bb 6dba 16a1
server to client
22:37:59.568669 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 152) fe80::92ec:77ff:fe29:392c > fe80::a6bb:6dff:feba:16a1: [icmp6 sum ok] ICMP6, router advertisement, length 152
hop limit 64, Flags [managed, other stateful], pref medium, router lifetime 1800s, reachable time 0ms, retrans timer 0ms
prefix info option (3), length 32 (4): 2a01:dead:beef:a6e2::/64, Flags [onlink], valid time 86400s, pref. time 14400s
0x0000: 4080 0001 5180 0000 3840 0000 0000 2a01
0x0010: dead beef a6e2 0000 0000 0000 0000
route info option (24), length 8 (1): ::/0, pref=medium, lifetime=1800s
0x0000: 0000 0000 0708
rdnss option (25), length 24 (3): lifetime 1800s, addr: 2a01:dead:beef:a6e2:92ec:77ff:fe29:392c
0x0000: 0000 0000 0708 2a01 dead beef a6e2 92ec
0x0010: 77ff fe29 392c
dnssl option (31), length 56 (7): lifetime 1800s, domain(s): bhf.tld.
0x0000: 0000 0000 0708 1062 7269 742d 686f 7465
0x0010: 6c2d 6675 6d65 6c03 6e65 7400 1062 7269
0x0020: 742d 686f 7465 6c2d 6675 6d65 6c03 6e65
0x0030: 7400 0000 0000
mtu option (5), length 8 (1): 1500
0x0000: 0000 0000 05dc
source link-address option (1), length 8 (1): 90:ec:77:29:39:2c
0x0000: 90ec 7729 392c
Looks like the client requests,
and the server answers 'something',
Then the client makes a second requests
and the server answers with all the details.