Reinstall pfSense+ with a custom DHCPv6 config

Kevin C

@johnpoz I was not clear before. I had to create a custom DHCPv6 config file in /usr/local/etc. I did create a full XML backup and while I see the reference to the file I do not see the file contents in the backup. Everything else such as normal config and certificates are in the backup.

johnpoz

@kevin-c said in Reinstall pfSense+ with a custom DHCPv6 config:

custom DHCPv6 config file in /usr/local/etc

Why did you have to do that? But yeah if you edit some file directly or create a file on your own. Those would have to be backed up and restored manually.

Can you not put these settings in the gui? There are specific advanced options you can set in the gui, your doing something that is not there?

bingo600

@kevin-c said in Reinstall pfSense+ with a custom DHCPv6 config:

/usr/local/etc.

Why don't you just backup that file manually, and restore it on the new 22.05 OS ?

/Bingo

Kevin C

@johnpoz AT&T requires you to use their Residential Gateway so to use pfSense you have to put that into passthrough mode. In order to get multiple prefix delegations I had to use the custom config. I found the help to do that in an older thread here:

Multiple IPv6 Prefix Delegation over AT&T Residential Gateway for pfSense 2.4.5

Unfortunately I don't think anything has changed. I would prefer to do it in the GUI but I don't think it is possible.

@bingo600 I was concerned that restoring without that file would cause issues before I had a chance to restore the file. I am worried it might change the configuration or mess up the DHCP reservations. Just trying to avoid any complicated fixes so I can get the router back up quickly once I start the reinstall.

I may just need to reinstall and fix any resulting issues.

johnpoz

@kevin-c not exactly sure what your putting in this config file.

But from this link showing what he used for his pfsense
https://forum.netgate.com/post/1061762

Does that all line up with the advanced stuff you can setup in the gui?

Kevin C

@johnpoz Here is what I put into that config file. I'll take a look at the advanced options but for each interface I setup a PD. If possible, it would be better to do it in the GUI.

interface ix3 {
	send ia-na 0;
	send ia-pd 0;
	send ia-pd 1;
	send ia-pd 2;
	send ia-pd 3;
	send ia-pd 4;
	send ia-pd 5;
        send ia-pd 6;
	send ia-pd 7;
	script "/var/etc/dhcp6c_wan_script.sh";
};
id-assoc na 0 { };
id-assoc pd 0 {
	prefix-interface igc0 {
		sla-id 0;
		sla-len 0;
	};
};
id-assoc pd 1 {
	prefix-interface igc0.20 {
		sla-id 0;
		sla-len 0;
	};
};
id-assoc pd 2 {
  	prefix-interface igc0.30 {
		sla-id 0;
		sla-len 0;
	};
};
id-assoc pd 3 {
  	prefix-interface igc0.40 {
		sla-id 0;
		sla-len 0;
	};
};
id-assoc pd 4 {
  	prefix-interface igc0.50 {
		sla-id 0;
		sla-len 0;
	};
};
id-assoc pd 5 { };
id-assoc pd 6 { };
id-assoc pd 7 { };

Kevin C

If there is a way to do this in the GUI, please let me know. I looked at it again and I'm not sure how to request the PDs and assign multiple to different interfaces. Without this custom config file, I only had one PD and could not give a different PD per interface.

stephenw10

There is no way to do that I'm aware of.

It's an odd setup. You have to request multiple /64 PDs instead of them just passing you a /56?

Kevin C

@stephenw10 Yes. It could have changed but when I first setup pfSense I had this issue. Here is the relevant information from a post here that explained it.

@ttmcmurry said in Multiple IPv6 Prefix Delegation over AT&T Residential Gateway for pfSense 2.4.5:

Why do this? In short, AT&T U-Verse & Fiber customer equipment is assigned a /60 and can only hand out eight /64 prefix delegations. It is not possible to request a larger PD, however it is possible to request multiple /64 PDs from pfSense's WAN interface. Since the pfSense UI does not expose this functionality directly, it is possible to take advantage of it by supplying a dhcp.conf to override pfSense DHCP6 behavior available from the UI.

Gertjan

@kevin-c

You use something like :

Right ?

This setting will get backed up in the config.xml
The file itself, I'm less sure.

I wouldn't place that file in /usr/local/etc/ but in /root/
And everything that I placed in root, is a copy of what I created on my PC, before uploading/pasting it in /root/
Or I could use a pfSense packages likes Files or Backup that can backup my own stuff that isn't part of the standard config.xml

stephenw10

Yes, if you are using a separate custom file, rather than modifying a system file, you can use the Filer package to store that in the config file. Obviously you would only want to do that for small text files but this looks like one of those.
Note that when you restore that config the system would have to reinstall the package at first boot so you may not get back the functionality relying on that file until the second boot.

Steve

Kevin C

@Gertjan @stephenw10 Thanks for the pointer. Filer does seem to at least backup the file. It's Base64 encoded but it is in the backup file. I will try it and see what happens.