IPv6 works fine to internet from pfsense, but not from LAN devices.

Bob.Dig

@s_d said in IPv6 works fine to internet from pfsense, but not from LAN devices.:

LAN is set to an address in the PD network.

It should be "Track Interface".

S_D

@bob-dig said in IPv6 works fine to internet from pfsense, but not from LAN devices.:

@s_d said in IPv6 works fine to internet from pfsense, but not from LAN devices.:

LAN is set to an address in the PD network.

It should be "Track Interface".

Thank you!

May I ask why? It used to work before when set to static IP and that's the way I saw it on a good YouTube tutorial this afternoon when I was sanity checking everything again...

Bob.Dig

@s_d If WAN has to be set to DHCP, then "Track Interface" is the usual way of doing it. Give it a try.

S_D

@bob-dig said in IPv6 works fine to internet from pfsense, but not from LAN devices.:

@s_d If WAN has to be set to DHCP, then "Track Interface" is the usual way of doing it. Give it a try.

OK unfortunately that's worse. With the Lan set to 'track' the LAN doesn't get a GUA at all. I've checked the DHCPv6 Prefix Delegation size is set to 48, as per Zen's allocation to me. Obviously with no GUA on the LAN my DHCPv6 server and RA don't work on my LAN network either, so no clients are getting a GUA.

NogBadTheBad

@s_d I'm with Zen too and also had issues with IPv6 on my local lans today

Did your WAN IPv6 address change and it was still in the /64 ND range, mine did.

I could ping the WAN IPv6 from the internet but not any of my LAN IPv6 addresses.

I'm sure I previously had the DHCPv6 Prefix Delegation size set to /48.

ND Prefix: 2a02:xxxx:xxxx:d8::/64
PD Prefix: 2a02:zzzz:zzzz::/48

I have my LANs set as static /64's and now seem to have resolved the issue with the following, I still don't think it's right though.

@Bob-Dig It should be "Track Interface", no it doesn't have to be set to "Track Interface"

S_D

@nogbadthebad said in IPv6 works fine to internet from pfsense, but not from LAN devices.:

@s_d I'm with Zen too and also had issues with IPv6 on my local lans today

Did your WAN IPv6 address change and it was still in the /64 ND range, mine did.

I could ping the WAN IPv6 from the internet but not any of my LAN IPv6 addresses.

I'm sure I previously had the DHCPv6 Prefix Delegation size set to /48.

ND Prefix: 2a02:xxxx:xxxx:d8::/64
PD Prefix: 2a02:zzzz:zzzz::/48

I have my LANs set as static /64's and now seem to have resolved the issue with the following, I still don't think it's right though.

@Bob-Dig It should be "Track Interface", no it doesn't have to be set to "Track Interface"

BOOM!

Amazing! THANK YOU. That setting 'dhcp6c will send a release to the ISP on exit, some ISPs then release the allocated address or prefix. This option prevents that signal ever being sent' fixed it for me! Didn't need Dhcp debug mode, but setting this release option then flapping the WAN interface manually brought everything up nicely. Now my IPv6 is working again! Woot!

Bob.Dig

@nogbadthebad said in IPv6 works fine to internet from pfsense, but not from LAN devices.:

@Bob-Dig It should be "Track Interface", no it doesn't have to be set to "Track Interface"

Until something changes... Track should be the safer setting for DHCPv6 in my opinion.

NogBadTheBad

@s_d Think Zen may have had an issue with the DHCP6 DUID.

Changed the DUID type, did a save then changed the DUID type back, effectively creating a new DUID-LLT and its now working as it should with the PD set to /48.

zennb1

@s_d would someone mind sharing what other settings are required to get clients to pick up an address. I seem to have a valid address on the wan side but my lan clients aren't getting anything. Any help appreciated. Thanks (zen customer too)

JKnott

@zennb1

Clients rely on router advertisements to learn the LAN prefix and they append the suffix to it. Run Packet Capture, filtering on icmpv6, to see if you have them. You could also run Wireshark on a computer to do the same thing.