Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfSense host gets IPv6 from ISP (Google Fiber) but not LAN clients

    Scheduled Pinned Locked Moved IPv6
    11 Posts 3 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • jimpJ
      jimp Rebel Alliance Developer Netgate
      last edited by

      Are you certain your ISP is giving you a prefix delegation? And is that prefix delegation size correctly selected in the WAN DHCPv6 settings?

      Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

      Need help fast? Netgate Global Support!

      Do not Chat/PM for help!

      1 Reply Last reply Reply Quote 0
      • R
        rsaanon
        last edited by

        @jimp - Thx for responding.

        WAN Delegation Prefix Size: 56

        DHCP the log snippet below.

        Sep 26 10:02:20	dhcp6c	79038	got an expected reply, sleeping.
Sep 26 10:02:20	dhcp6c	79038	removing an event on em0.2, state=RENEW
Sep 26 10:02:20	dhcp6c	79038	script "/var/etc/dhcp6c_wan_dhcp6withoutra_script.sh" terminated
Sep 26 10:02:20	dhcp6c		dhcp6c renew, no change - bypassing update on em0.2
Sep 26 10:02:20	dhcp6c	79038	executes /var/etc/dhcp6c_wan_dhcp6withoutra_script.sh
Sep 26 10:02:20	dhcp6c	79038	update a prefix 2605:xxxx:xxxx:xxxx::/64 pltime=64800, vltime=86400
Sep 26 10:02:20	dhcp6c	79038	update an IA: PD-0
Sep 26 10:02:20	dhcp6c	79038	dhcp6c Received INFO
Sep 26 10:02:20	dhcp6c	79038	unknown or unexpected DHCP6 option vendor specific info, len 39
Sep 26 10:02:20	dhcp6c	79038	get DHCP option vendor specific info, len 39
Sep 26 10:02:20	dhcp6c	79038	IA_PD prefix: 2605:xxxx:xxxx:xxxx::/64 pltime=64800 vltime=86400
Sep 26 10:02:20	dhcp6c	79038	get DHCP option IA_PD prefix, len 25
Sep 26 10:02:20	dhcp6c	79038	IA_PD: ID=0, T1=900, T2=14400
Sep 26 10:02:20	dhcp6c	79038	get DHCP option IA_PD, len 41
Sep 26 10:02:20	dhcp6c	79038	DUID: 00:01:00:01:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
Sep 26 10:02:20	dhcp6c	79038	get DHCP option client ID, len 14
Sep 26 10:02:20	dhcp6c	79038	DUID: 00:03:00:01:xx:xx:xx:xx:xx:xx
Sep 26 10:02:20	dhcp6c	79038	get DHCP option server ID, len 10
Sep 26 10:02:20	dhcp6c	79038	receive reply from fe80::e681:xxxx:xxxx:xxxx%em0.2 on em0.2
Sep 26 10:02:20	dhcp6c	79038	send renew to ff02::1:2%em0.2
Sep 26 10:02:20	dhcp6c	79038	set IA_PD
Sep 26 10:02:20	dhcp6c	79038	set IA_PD prefix
Sep 26 10:02:20	dhcp6c	79038	set option request (len 4)
Sep 26 10:02:20	dhcp6c	79038	set elapsed time (len 2)
Sep 26 10:02:20	dhcp6c	79038	set server ID (len 10)
Sep 26 10:02:20	dhcp6c	79038	set client ID (len 14)
Sep 26 10:02:20	dhcp6c	79038	a new XID (6e3516) is generated
Sep 26 10:02:20	dhcp6c	79038	Sending Renew
Sep 26 10:02:20	dhcp6c	79038	reset a timer on em0.2, state=RENEW, timeo=0, retrans=10431
Sep 26 10:02:20	dhcp6c	79038	IA timeout for PD-0, state=ACTIVE
Sep 26 10:02:07	dhcp6c	79038	got an expected reply, sleeping.
Sep 26 10:02:07	dhcp6c	79038	removing an event on em0.2, state=RENEW
Sep 26 10:02:07	dhcp6c	79038	script "/var/etc/dhcp6c_wan_dhcp6withoutra_script.sh" terminated
Sep 26 10:02:07	dhcp6c		dhcp6c renew, no change - bypassing update on em0.2
Sep 26 10:02:07	dhcp6c	79038	executes /var/etc/dhcp6c_wan_dhcp6withoutra_script.sh
Sep 26 10:02:07	dhcp6c	79038	add an address 2605:xxxx:xxxx:xxxx::1/128 on em0.2
Sep 26 10:02:07	dhcp6c	79038	update an address 2605:xxxx:xxxx:xxxx::1 pltime=64800, vltime=18078597966930727296
        1 Reply Last reply Reply Quote 0
        • jimpJ
          jimp Rebel Alliance Developer Netgate
          last edited by

          I don't see any sign of a /56 in that log file. Only a /64.

          Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • R
            rsaanon
            last edited by

            I had noticed that as well and tried changing the WAN/Delegation Prefix Size to /64 after which the pfSense host was no longer able to pull IPv6 from the ISP (even after a reboot). Changed it back to a /56 and the pfSense box successfully pulled IPv6 lease from ISP.

            1 Reply Last reply Reply Quote 0
            • R
              rsaanon
              last edited by

              FYI: Under LAN/Track IPv6 Interface, the IPv6 Prefix ID is set to the default of 0. Wondering if that needs to be changed. Also, in the past I had left that setting to the default of 0.

              Since the problem is not with pulling IPv6 from ISP, but instead clients not able to get IPv6 from the pfSense box, I am guessing the problem is somewhere in the LAN interface configuration (eg: may be ipv6 prefix id needs to be set to /64 or /56?).

              1 Reply Last reply Reply Quote 0
              • jimpJ
                jimp Rebel Alliance Developer Netgate
                last edited by

                The prefix ID on LAN is generally 0 since it's the first one. As long as LAN is set to track WAN for IPv6 that should be all you need to do.

                It really looks like it's failing to pull the prefixes properly from the ISP. I don't think it's a LAN settings issue at all, but a problem in what they're sending you.

                Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

                Need help fast? Netgate Global Support!

                Do not Chat/PM for help!

                R 1 Reply Last reply Reply Quote 0
                • jimpJ
                  jimp Rebel Alliance Developer Netgate
                  last edited by

                  For example, on my test setup here I have my edge handing out /60 blocks to routers behind, and it shows this:

                  Sep 26 10:53:10 missy dhcp6c[94557]: get DHCP option IA_PD prefix, len 25
Sep 26 10:53:10 missy dhcp6c[94557]:   IA_PD prefix: 2001:db8:1:ee10::/60 pltime=4500 vltime=7200

                  And then later it shows the individual prefixes being applied:

                  Sep 26 10:53:10 missy dhcp6c[94557]: make an IA: PD-0
Sep 26 10:53:10 missy dhcp6c[94557]: create a prefix 2001:db8:1:ee10::/60 pltime=4500, vltime=7200
Sep 26 10:53:10 missy dhcp6c[94557]: add an address 2001:db8:1:ee10:290:bff:fe7a:8a66/64 on igb1
Sep 26 10:53:10 missy dhcp6c[94557]: add an address 2001:db8:1:ee11:290:bff:fe7a:8a67/64 on ix0
Sep 26 10:53:10 missy dhcp6c[94557]: add an address 2001:db8:1:ee12:290:bff:fe7a:8a68/64 on ix1
Sep 26 10:53:10 missy dhcp6c[94557]: T1(2250) and/or T2(3600) is locally determined
Sep 26 10:53:10 missy dhcp6c[94557]: make an IA: NA-0
Sep 26 10:53:10 missy dhcp6c[94557]: create an address 2001:db8::ffff:c9e4 pltime=4500, vltime=11007750181759228960
Sep 26 10:53:10 missy dhcp6c[94557]: add an address 2001:db8::ffff:c9e4/128 on igb0

                  That was after an edit/save/apply on WAN, though. Your logs appear to be from a renew and not from a new request.

                  Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

                  Need help fast? Netgate Global Support!

                  Do not Chat/PM for help!

                  1 Reply Last reply Reply Quote 0
                  • R
                    rsaanon @jimp
                    last edited by

                    @jimp Thanks again for taking time.

                    Still doubt that there's any issues with pulling the prefixes properly from the ISP as the pfSense box itself successfully pulls an IPv6 from ISP (ie: the WAN interface shows the IPv4 as well as the IPv6. Going to troubleshoot some mo' later.. Will post any updates. Thanks!
                    -r

                    1 Reply Last reply Reply Quote 0
                    • jimpJ
                      jimp Rebel Alliance Developer Netgate
                      last edited by

                      I just showed you what a working setup looks like and what a working server sends. Your server is not sending that, thus your server is not working properly.

                      Getting a working WAN address is not the same as getting a working and viable prefix delegation from upstream. One can work while the other is broken.

                      Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

                      Need help fast? Netgate Global Support!

                      Do not Chat/PM for help!

                      N 1 Reply Last reply Reply Quote 0
                      • N
                        NickyDoes @jimp
                        last edited by

                        @rsaanon, looking for an update.

                        Did you ever get IPv6 working smoothly with Google Fiber?
                        Do you still have Google Fiber? What is your PD size now?

                        @jimp said in pfSense host gets IPv6 from ISP (Google Fiber) but not LAN clients:

                        I just showed you what a working setup looks like and what a working server sends. Your server is not sending that, thus your server is not working properly.

                        Getting a working WAN address is not the same as getting a working and viable prefix delegation from upstream. One can work while the other is broken.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.