WAN IPv6 prefix delegation to LAN interface

JKnott · Jan 5, 2022, 7:07 PM

@derelict said in WAN IPv6 prefix delegation to LAN interface:

And, if it changes, it needs to be updated manually. It cannot be updated dynamically.

This applies whether you use PD or not. My prefix is consistent but I understand not everyone is so fortunate.

Derelict · Jan 5, 2022, 7:11 PM

@jknott Why would it change if it is not a DHCP6 PD?

JKnott · Jan 5, 2022, 9:14 PM

If the prefix from the ISP changes, then everything behind pfsense gets a new prefix. When you route to additional routers, they have to have addresses within what you get from the ISP. It doesn't matter how you provide IPv6 to those routers.

Derelict · Jan 5, 2022, 10:00 PM

@jknott It's either static or dynamic. An ISP changing a static routed prefix is a different problem.

JKnott · Jan 5, 2022, 10:34 PM

@derelict

Did the OP say they had static addresses? Or DHCPv6-PD? If his ISP is like mine, even with DHCPv6-PD, the addresses are virtually static. Mine even survived replacing the computer I run pfsense on, complete with new NICs. On the other hand, with IPv4, the new hardware caused my host name to change, as well as the address.

Derelict · Jan 6, 2022, 2:58 AM

@jknott said in WAN IPv6 prefix delegation to LAN interface:

This applies whether you use PD or not.

@jknott said in WAN IPv6 prefix delegation to LAN interface:

@derelict

Did the OP say they had static addresses? Or DHCPv6-PD?

Right. So why bring something other than PD up in the first place? It's either a PD or it's static.

A PD that rarely changes is still a PD.

JKnott · Jan 6, 2022, 7:44 PM

@derelict said in WAN IPv6 prefix delegation to LAN interface:

Right. So why bring something other than PD up in the first place? It's either a PD or it's static.
A PD that rarely changes is still a PD.

I thought we were talking about distributing a prefix to another router behind pfsense and the OP wanted to use PD for that. Then you mentioned the upstream prefix changing.

asdjklfjkdslfdsaklj · Jan 6, 2022, 8:45 PM

@derelict after thinking about this for a bit, I could have phrased my intent better.

I had made a leap that after sorting out WAN dhcp6.conf I'd be able to "apply" the PD to the LAN interface's DHCPv6 config in such a way that the "Prefix Delegation Range" could be automatically derived and populated.

Get /56 from ISP, make it available to the LAN DHCPv6 config, assign something from that as southbound PD, albeit partially automatically.

I learned you need to specify the entire address in the PD range, and couldn't populate any part of it automatically. Here I've taken a /57 range from aforementioned /56, for southbound PD:

A way to say "provide a PD on the interface, of /x size, from WAN PD space" would be a nice feature.

JKnott · Jan 6, 2022, 10:28 PM

@asdjklfjkdslfdsaklj said in WAN IPv6 prefix delegation to LAN interface:

A way to say "provide a PD on the interface, of /x size, from WAN PD space" would be a nice feature.

Does your prefix change? If not, then it's not an issue.

4920441 0 · Mar 22, 2022, 3:16 PM

@jknott
That's problem... in good olde yurop many ISPs privide also a dynamic IPv6 prefix.... and not a small one either, many a /56 or /48 - but dynamically assigned....

Derelict · Mar 23, 2022, 4:20 PM

@4920441-0 But if they honor the DUID and give you the same prefix every time it should change very rarely, but I agree some tracking of the dynamically-assigned prefix would be nice.

It would also be nice if ISPs would give static IPv6 addressing, /48s, etc.

4920441 0 · Mar 23, 2022, 4:20 PM

@derelict

No they don't - the prefix changes every reconnect and nothing can be kept as it was - not even coincidentially....

Some want to sell the more expensive business accounts, others are simlply ingnorant:-)

Cheers

4920441

asdjklfjkdslfdsaklj · Mar 23, 2022, 5:06 PM

@derelict well said, and sums up my thoughts.

Respective DUID state is nice, and it would be even nicer to track and adjust relatively on the pfSense side.

Thanks for your time.