Is this how prefixes work?

smk

Running pfSense Plus 24.03

LAN ipv6 set to track the WAN. I have prefix delegation set to /56 and getting IPv6 from the ISP.

I was expecting my LAN computers to get address: 2605:e000:7fc0:6b00:xxxx:xxxx:xxxx:xxxx , but instead LAN computers are getting: 2603:8001:3400:4a00:xxxx:xxxx:xxxx:xxxx

I was expecting that LAN assignment because assignment from ISP is: 2605:e000:7fc0:6b:xxxx:xxxx:xxxx:xxxx

I have Router Advertisement turned on and set to unmanged and DHCPv6 turned off.

Shouldn't the LAN addresses follow the ISP assignment?

My ISP is Spectrum in SoCal

Thanks in advance!

johnpoz

@smk your delegated prefix doesn't have to be inline with the IPv6 your wan actually gets on it.. The prefix is just routed to you via the transit you have on your wan.

smk

Thanks @johnpoz

I think I am getting a prefix delegation of /56 because I have an IPv6 on WAN and everything seems to work. But how can I really be sure what prefix the ISP is assigning?

System Logs -> DHCP and filtering by dhcp6c does not show the ISP assigned prefix

johnpoz

@smk there was a thread before about this asking where to see what is actually delegated.. You could always just sniff and see what is delegated to you..

Yeah you can for sure be delegated a /56, but that doesn't mean its going to be in the same /56 as you wan IPv6 address.

tinfoilmatt

It's possible that your WAN interface has recevied a GUA from within the 2605:e000:7fc0:6b00::/64 prefix (i.e. 2605:e000:7fc0:6b00:xxxx:xxxx:xxxx:xxxx/128). And the tracked LAN interface has been assigned the 2603:8001:3400:4a00::/56 delegated prefix.

DHCP logs would confirm or refute.

johnpoz

@smk this thread I recalled where talking about viewing the delegated prefix

https://forum.netgate.com/topic/189392/where-in-the-interface-is-an-interface-s-ipv6-prefix-delegation-pd-shown

You should be able to look in the dhcp log when your wan gets the delegation to see the specifics of what prefix was delegated to you.

JonathanLee

You should take that free hurricane electric tunnel broker ipv6 class. You get a T-shirt I think too.

johnpoz

@JonathanLee Yup its a great run through of different aspects of IPv6.. And yup the free t-shirt is just a nice bonus for making it to sage level.

smk

My logs can't seem to confirm what prefix is being delegated by the ISP, although after setting /56 in pfsense configs everything seems to work fine.

Does this mean pfsense is getting a /128?

And nothing in the DHCP logs:
Sep 25 07:36:26 dhcp6c 79849 no responses were received
Sep 25 07:36:25 dhcp6c 79849 no responses were received
Sep 25 07:36:12 dhcp6c 79849 Sending Release
Sep 25 07:36:11 dhcp6c 79849 Sending Release
Sep 25 07:36:04 dhcp6c 79849 Sending Release
Sep 25 07:36:04 dhcp6c 79849 Sending Release
Sep 25 07:36:01 dhcp6c 79849 Sending Release
Sep 25 07:36:00 dhcp6c 79849 Sending Release
Sep 25 07:35:59 dhcp6c 79849 Sending Release
Sep 25 07:35:59 dhcp6c 79849 Sending Release
Sep 25 07:35:58 dhcp6c 79849 add an address 2605:e000:7fc0:6b:a056:3221:e365:83e1/128 on mvneta0
Sep 25 07:35:58 dhcp6c 79849 add an address 2603:8001:3400:4a02:2e0:edff:fec4:b04e/64 on mvneta1.2
Sep 25 07:35:58 dhcp6c 79849 add an address 2603:8001:3400:4a03:2e0:edff:fec4:b04e/64 on mvneta1.3
Sep 25 07:35:58 dhcp6c 79849 add an address 2603:8001:3400:4a04:2e0:edff:fec4:b04e/64 on mvneta1.4
Sep 25 07:35:58 dhcp6c 79849 add an address 2603:8001:3400:4a94:2e0:edff:fec4:b04e/64 on mvneta1.4084
Sep 25 07:35:58 dhcp6c 79849 add an address 2603:8001:3400:4a93:2e0:edff:fec4:b04e/64 on mvneta1.4083
Sep 25 07:35:58 dhcp6c 79849 add an address 2603:8001:3400:4a92:2e0:edff:fec4:b04e/64 on mvneta1.4082
Sep 25 07:35:58 dhcp6c 79849 add an address 2603:8001:3400:4a00:2e0:edff:fec4:b04e/64 on mvneta1.4081
Sep 25 07:35:58 dhcp6c 79849 dhcp6c Received REQUEST
Sep 25 07:35:58 dhcp6c 79849 Sending Request
Sep 25 07:35:58 dhcp6c 79849 Sending Solicit
Sep 25 07:35:58 dhcp6c 79849 remove an address 2603:8001:3400:4a02:2e0:edff:fec4:b04e/64 on mvneta1.2
Sep 25 07:35:58 dhcp6c 79849 remove an address 2603:8001:3400:4a03:2e0:edff:fec4:b04e/64 on mvneta1.3
Sep 25 07:35:58 dhcp6c 79849 remove an address 2603:8001:3400:4a04:2e0:edff:fec4:b04e/64 on mvneta1.4
Sep 25 07:35:58 dhcp6c 79849 remove an address 2603:8001:3400:4a94:2e0:edff:fec4:b04e/64 on mvneta1.4084
Sep 25 07:35:58 dhcp6c 79849 remove an address 2603:8001:3400:4a93:2e0:edff:fec4:b04e/64 on mvneta1.4083
Sep 25 07:35:58 dhcp6c 79849 failed to remove an address on mvneta1.4082: Can't assign requested address
Sep 25 07:35:58 dhcp6c 79849 remove an address 2603:8001:3400:4a00:2e0:edff:fec4:b04e/64 on mvneta1.4081
Sep 25 07:35:58 dhcp6c 79849 Sending Release
Sep 25 07:35:58 dhcp6c 79849 Start address release
Sep 25 07:35:58 dhcp6c 79849 remove an address 2605:e000:7fc0:6b:a056:3221:e365:83e1/128 on mvneta0
Sep 25 07:35:58 dhcp6c 79849 Sending Release
Sep 25 07:35:58 dhcp6c 79849 Start address release
Sep 25 07:35:58 dhcp6c 79849 restarting

I mean to take that class over the weekend! Thank you for telling me.

JKnott

@smk said in Is this how prefixes work?:

I was expecting my LAN computers to get address: 2605:e000:7fc0:6b00:xxxx:xxxx:xxxx:xxxx , but instead LAN computers are getting: 2603:8001:3400:4a00:xxxx:xxxx:xxxx:xxxx

Entirely normal. The WAN prefix has nothing to do with your LAN.

@smk said in Is this how prefixes work?:

But how can I really be sure what prefix the ISP is assigning?

Well, if you really want to be sure, capture your DHCPv6 sequence and examine the capture with Wireshark. However, you can be fairly certain that whatever prefix is on your LAN is what your ISP has assigned you.

JKnott

@smk

Here are a couple of other points:

A WAN interface doesn't actually need a public address. With IPv6, routing is often done with the link local address.

That /128 prefix length means there's no actual subnet there. That address is nothing more than a label for your router.