BT Full Fibre only partially functioning via pfSense Router

stephenw10

That's fine. How do you have the WAN and LAN configured for IPv6 though?

It's probably at least mostly corret since it has pulled a prefix and is using it on the LAN.

Go to Diag Ping in pfSense and try to ping out using IPv6 there. Does that work? If not what error is shown?

brookheather

@MattDownes89 I have my IPv6 Prefix ID set to 1 and you need to set the Prefix Delegation Size to 64 (and select Enable DHCPv6 server on LAN interface). You shouldn't need to change any other options though personally I set the IPv6 DHCP address pool range from ::d:1 to ::d:ffff so it's obvious that the IPv6 address comes from the DHCPv6 server.

MattDownes89

OK, so here's the WAN Settings:

And the LAN Settings:

And then the DHCPv6 Settings:

I have no doubt I am missing something simple somewhere, I think I have probably caused myself more issues by trying to update what I had rather than starting fresh with the new ISP.

@stephenw10 Not sure what address to Ping to test? But if I ping the ISPs IPv6 address that's successful so it's getting that far!

stephenw10

You should be able to set the WAN to pull a /56 prefix so you can have addresses on more than one internal interface.

But if you can ping a v6 address from pfSense itself this is almost certainly an issue with assigning v6 addresses to the clients.

Can we assume that your LAN side clients are not getting an IPv6 address at all currently?

ficti0n851

Hi, not sure if you managed to get much further but heres what I got for LAN:

This is for WAN:

This is Router Advertisement as I dont use DHCPv6:

PS, I noticed your DHCPv6 is allocating a /56, I only allocate /64, maybe that doesnt help.

PPS, make sure you refresh your clients NIC to get new addresses.

fic.

MattDownes89

@stephenw10 I have set to /56 as suggested.

I think it is an issue on the LAN side - if I do an 'ipconfig /all' I can see my Laptop has picked up an IPv6 Address and if I look at DHCPv6 Leases I can see it in there as the only IPv6 Device on the list, but it just shows as idle/offline whereas in the normal DHCP list for IPv4 I can see all the devices on my network and the vast majority have a green tick and say they're online.

stephenw10

Hmm, what pfSense version is that?

That client still has the IPV6 address.

MattDownes89

@stephenw10 looks like I'm up to date:

stephenw10

You are not. Probably wouldn't make any difference for this but you should upgrade anyway. Try running at the command line : certctl rehash

Then recheck. You should see 2.7.2 available.

MattDownes89

@stephenw10 - that did it, will update and see if anything changes!

MattDownes89

OK, I am now on 2.7.2, looks subtly different and a few more devices seem to have got IPv6 Addresses but all showing as Offline in the list:

stephenw10

Hmm, those devices are actually present in the ARP table?

Are they all Windows clients?

MattDownes89

@stephenw10 so the bottom one in that screenshot was my Win11 Laptop I am on now, not sure what devices the other two were, however, this morning I have a different IPv6 Address if I do IP Config on here and it's not showing up in the leases - my laptop is showing the correct IPv4 & IPv6 addresses for pfSense as the DNS Servers.

If I do arp - a on the pfSense box it doesn't show any IPv6 addresses but I do see the IPv4 for my laptop in the list.

I don't know if any of that helps?

stephenw10

They won't show in the ARP table that only ever shows v4 addresses. But do those clients show there at all?

Check Diag > NDP Table to see the current v6 devices.

MattDownes89

@stephenw10 yes, my laptop is in the ARP Table with it's IPv4 IP.

NDP Table doesn't show the IPv6 address that my laptop is showing under IP Config.

stephenw10

Hmm, how are the clients configured for IPv6?