Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    ULA address in addition to tracking interface

    Scheduled Pinned Locked Moved IPv6
    19 Posts 5 Posters 3.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Bob.DigB
      Bob.Dig LAYER 8
      last edited by Bob.Dig

      You need a patch for this to work fully. But this patch is buggy. You will not be able to turn on IPv6 via track on another interface with this patch applied.

      1 Reply Last reply Reply Quote 0
      • P
        pixel24
        last edited by

        I have now configured the ULA address as described in the instructions:

        28ff1518-ffc5-451a-b1c7-6b03e047ab9e-grafik.png

        9952781e-ff5e-45e7-b8ca-07e8e6f86347-grafik.png

        I can reach a server in the LAN at its IPv6 ULA address via the diagnostics:

        a3483bfa-6125-4a74-8ca0-726cfb798562-grafik.png

        Do I understand the linked article (ULA bug) correctly that the problem is that it does not appear here? :

        9a0a6a09-3b10-4a2d-ae0f-1a23374523d6-grafik.png

        The network (ULA) is missing here. A patch is mentioned in the article on the ULA bug.

        I have never applied a patch, can anyone tell me how it works?

        JKnottJ 1 Reply Last reply Reply Quote 0
        • JKnottJ
          JKnott @pixel24
          last edited by

          @pixel24

          Why is part of this in English and part of some other language? It makes it hard to know what I'm looking at.

          BTW, there's no need to hide part of the ULA address. Like RFC 1918 IPv4 addresses, they can't be reached from elsewhere.

          PfSense running on Qotom mini PC
          i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
          UniFi AC-Lite access point

          I haven't lost my mind. It's around here...somewhere...

          the otherT 1 Reply Last reply Reply Quote 0
          • the otherT
            the other @JKnott
            last edited by

            @JKnott
            It's pfsense GUI with German language setting.
            Might be a good idea for the original poster to switch to english and post those shots again to reach mor ppl here (*winkwink)

            the other

            pure amateur home user, no business or professional background
            please excuse poor english skills and typpoz :)

            P 1 Reply Last reply Reply Quote 0
            • P
              pixel24 @the other
              last edited by

              @the-other said in ULA address in addition to tracking interface:

              @JKnott
              It's pfsense GUI with German language setting.
              Might be a good idea for the original poster to switch to english and post those shots again to reach mor ppl here (*winkwink)

              Sorry! I switch my UI to english

              1 Reply Last reply Reply Quote 0
              • P
                pixel24
                last edited by pixel24

                I have

                Services -> Router Advertisement

                RA subnet(s): fdd0:a044:0f4c:0000:: /64

                Firewall -> Virtual IP's -A Add

                Type: IP alias
Interface: LAN
Address type: Single address
Address(es): fdd0:a044:f4c::fe
Description: ULA address LAN

                configured. Do I understand the problem correctly that now under: DiagnosticsTables -> LAN_NETWORK

                the IPv6 ULA network (fdd0:a044:0f4c:0000::) should appear?

                JKnottJ 1 Reply Last reply Reply Quote 0
                • JKnottJ
                  JKnott @pixel24
                  last edited by

                  @pixel24 said in ULA address in addition to tracking interface:

                  the IPv6 ULA network (fdd0:a044:0f4c:0000::) should appear?

                  Where do you find that? I don't see anything like that.

                  I see you're running 2.7.2 and I have 2.7.0, but I wouldn't expect that to cause the difference.

                  PfSense running on Qotom mini PC
                  i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
                  UniFi AC-Lite access point

                  I haven't lost my mind. It's around here...somewhere...

                  1 Reply Last reply Reply Quote 0
                  • P
                    pixel24
                    last edited by

                    @pixel24 said in ULA address in addition to tracking interface:

                    the IPv6 ULA network (fdd0:a044:0f4c:0000::) should appear?

                    I asked this question because I was given the hint in the post above that I need a patch and also a link to a longer post here in the forum. In this post it was written that the ULA network is not under: DiagnosticsTables -> LAN_NETWORK.

                    I wanted to know if this should be the case. Maybe I didn't understand the problem in the linked post correctly :-(

                    the otherT 1 Reply Last reply Reply Quote 0
                    • the otherT
                      the other @pixel24
                      last edited by the other

                      @pixel24 hey there,
                      nope: that patch mentioned was thought to fix a bug (vip IPs in rules stopped working after pfsense update > bug > patch > another problem occurred). Besides (!) that pfsense does not show ulas only gua and link locale (if I recall that right).

                      Now: you could add a new ula and it seems to be working (ping gets thru).
                      In tables (=tabellen) it shows your local IPv4 and your (?) gua...I assume you have rules including those two on that interface, so they show. No rule for ula yet? Won't show there then.

                      So: Dashboard won't show ula, tables will show in case you set a rule including it, status > interfaces only shows gua and local link but no ula...but it is working.

                      What did do? For example: go to diagnostics > command prompt and type "ipconfig" enter....tadaaaa....you should now see your interfaces and any assigned IP including ulas.
                      So you can see if and what address(es) interfaces use. I do not know of any other way under GUI to get pfsense to show its ula addresses.

                      BTW: IF you have a firewall rule including a GUA in LAN and your prefix changes (if your ISP is giving you dynamic ones) then your rule might become obsolet...that's one of the real messy things with IPv6, dynamic prefixes and pfsense IMHO...

                      the other

                      pure amateur home user, no business or professional background
                      please excuse poor english skills and typpoz :)

                      1 Reply Last reply Reply Quote 0
                      • P
                        pixel24
                        last edited by

                        Thank you for the explanation! Then I don't need this patch :-)

                        With ifconfig on the console I see all addresses :-)

                        Yes, I still have the problem with the dynamic IPv6 prefix. To "work around" this, I tried to "route" the incoming IPv6 connections with the HA proxy to the appropriate ULA address based on the URL called:

                        https://forum.netgate.com/topic/186422/provider-prefix-delegation-prefix-changes-ha-proxy/3

                        which unfortunately does not work :-(

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.