ISP Delegates /64 Multiple Times But No /56 or /60
-
-
@vader9000 Check the docs.
You have to roll out ULAs on all other Interfaces but the LAN, which still gets the one /64 that is working for you.One example:
You have to create these rules for every other interface than LAN and change the Source accordingly. -
Thank You Im Going to Try it
-
On The Interface Lets call it TEST(igb1.5) VLAN tag 5 i Set the interface as STATIC IPV6?
If so wen the ISP changes the ips for the router this will stop working correct? -
@vader9000 said in ISP Delegates /64 Multiple Times But No /56 or /60:
On The Interface Lets call it TEST(igb1.5) VLAN tag 5 i Set the interface as STATIC IPV6?
Yes and you give it an ULA with /64 like shown above.
If so wen the ISP changes the ips for the router this will stop working correct?
No, LAN is still handled via Track Interface so in general it should work.
-
@Bob-Dig said in ISP Delegates /64 Multiple Times But No /56 or /60:
You have to roll out ULAs on all other Interfaces but the LAN, which still gets the one /64 that is working for you.
Actually, you can add ULA to the LAN, along with GUA. In fact, I don't think ULA is allowed to route to GUA addresses.
PfSense running on Qotom mini PC
i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
UniFi AC-Lite access pointI haven't lost my mind. It's around here...somewhere...
-
Hello,
Thank you for the help, I managed to get it working on my test box so I will be setting up my live box.
Best regards,
FC -
@JKnott said in ISP Delegates /64 Multiple Times But No /56 or /60:
Actually, you can add ULA to the LAN, along with GUA.
True but at least with Track Interface you need a patch for pfsense and this patch is only working partially.
In fact, I don't think ULA is allowed to route to GUA addresses.
Someone has to test this.
I ditched my ULAs because of the mentioned problems, so it won't be me. -
@Bob-Dig said in ISP Delegates /64 Multiple Times But No /56 or /60:
Someone has to test this.
RFC 6724 describes priority when you have multiple addresses to choose from, but doesn't appear to get into the GUA <> ULA situation. However, I seem to recall reading elsewhere that it wasn't allowed. Can't say for certain though.
Anyway, I have both GUA and ULA on my subnets.
-
@Bob-Dig said in ISP Delegates /64 Multiple Times But No /56 or /60:
Someone has to test this.
I just did and I can reach ULA from GUA. I tested from my VPN, which only has GUA to my desktop computer and it's ULA address.
