Outbound NAT not work if pppoe have been used in WAN

axot

Hi team, my current config has been setup as following,

WAN
IPv4: PPPoE
IPv6: SLAAC: 2405:xxxx:7792

LAN
IPv4: static ip
IPv6: static ip fc00::254

Outbound NAT
Interface: WAN
Source: fc00::/64
Destination: any

With this config, I can not ping6 from my Mac (fc00::1c69:c11f:9ef1:1900),
I also checked with tcpdump in pfsense machine, snat seems not work

# at my Mac
$ ping6 2404:6800:4004:822::200e
PING6(56=40+8+8 bytes) fc00::1c69:c11f:9ef1:1900 --> 2404:6800:4004:822::200e

# at pfsense
$ [2.6.0-RELEASE]: sudo tcpdump -nnn ip6 and host 2404:6800:4004:822::200e
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on igb0, link-type EN10MB (Ethernet), capture size 262144 bytes
01:28:33.017296 IP6 fc00::1c69:c11f:9ef1:1900 > 2404:6800:4004:822::200e: ICMP6, echo request, seq 0, length 16
01:28:34.022610 IP6 fc00::1c69:c11f:9ef1:1900 > 2404:6800:4004:822::200e: ICMP6, echo request, seq 1, length 16
01:28:35.024011 IP6 fc00::1c69:c11f:9ef1:1900 > 2404:6800:4004:822::200e: ICMP6, echo request, seq 2, length 16

## ping from pfsense works
[2.6.0-RELEASE]: ping6 2404:6800:4004:822::200e
PING6(56=40+8+8 bytes) 2405:xxxx:7792 --> 2404:6800:4004:822::200e
16 bytes from 2404:6800:4004:822::200e, icmp_seq=0 hlim=116 time=5.262 ms

But if I setup IPv4 of WAN from PPPoE to None, the I can reach ipv6 from my Mac.
Is this an existed issue, any workaround?

Thanks.

axot

This caused by wrong rule

nat on pppoe0 inet6 from fc00::/64 to any -> 2405:xxx:7792/128 static-port

works after manual change it to

nat on igb0 inet6 from fc00::/64 to any -> 2405:xxx:7792/128 static-port

but how to make this persistent, the rule will reset after reboot

axot

solved by add a WAN_IGB0 interface and use it in NAT Outbound.