Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Verizon Fios and IPV6, Which Settings Work?

    Scheduled Pinned Locked Moved IPv6
    140 Posts 25 Posters 76.0k Views 24 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T Offline
      tman222 @jmpalacios
      last edited by tman222

      @jmpalacios said in Verizon Fios and IPV6, Which Settings Work?:

      I think the only other thing I did, that probably deviates from the general guidance here, is setting the DHCP6 DUID to "DUID-LL: Based on Link-layer Address" in System -> Advanced -> Networking -> IPv6 Options, using my WAN's MAC address (with my WAN interface being the one connected directly to the FIOS ONT).

      I agree, I've had to set this as well, although I think I used DUID-LLT instead. In fact I've found that the DUID needs to be updated for IPv6 every time the WAN interface MAC address changes (for instance by changing the WAN interface to a different network port on the firewall), otherwise no new IPv6 prefix would be assigned.

      J 1 Reply Last reply Reply Quote 0
      • J Offline
        jmpalacios @tman222
        last edited by

        @tman222 Well, if I'm not mistaken, the intention is precisely for the prefix to change as little as possible, hence my use of a fixed identifier.

        Or am I misunderstanding the purpose of DUID, and/or the way it should be used?

        JKnottJ 1 Reply Last reply Reply Quote 0
        • JKnottJ Offline
          JKnott @jmpalacios
          last edited by

          @jmpalacios said in Verizon Fios and IPV6, Which Settings Work?:

          Well, if I'm not mistaken, the intention is precisely for the prefix to change as little as possible, hence my use of a fixed identifier

          That's my understanding too.

          PfSense running on Qotom mini PC
          i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
          UniFi AC-Lite access point

          I haven't lost my mind. It's around here...somewhere...

          J 1 Reply Last reply Reply Quote 0
          • J Offline
            jmpalacios @JKnott
            last edited by

            @JKnott Well, in that case, using a time-based component would cause it to change every time it's renewed. I can of course see several cases in which that would be desirable, but my use-case is not one of those, hence leaving out the time-based component from the DUID.

            1 Reply Last reply Reply Quote 0
            • D Offline
              daryl425
              last edited by

              Just wanted to shout out to all those on this thread. I have IPv6 working over FiOS in NYC now with my pfsense CE 2.6.0 setup. Now to migrate my rules to v6.

              1 Reply Last reply Reply Quote 0
              • T Offline
                tman222
                last edited by

                I recently upgraded to Verizon Fios 2Gbit service and it looks like I lost IPv6 capability in the process. The settings described in this thread had been working fine on the prior 1Gbit service, but with the new service I'm unable to get a IPv6 prefix delegated to me (using the same settings). Enabling debug mode on dhcpv6 I see the solicit (RS) going out, but unfortunately no advertisements (RA) follow. Does anyone with the 2Gbit Fios service have IPv6 working for them? The service is still relatively new so perhaps that capability (IPv6) is not yet enabled and will be made available later on. Thanks in advance.

                luckman212L 1 Reply Last reply Reply Quote 1
                • N Offline
                  Nuher @MikeV7896
                  last edited by

                  @MikeV7896 Just want to say thank you,followed your settings and it works.

                  1 Reply Last reply Reply Quote 0
                  • M madbrain referenced this topic on
                  • Y Offline
                    y2raza
                    last edited by

                    Hello Mike, 2025 I used your posted settings and cannot have ipv6 work on WAN and one single WIFIVLAN. Do you happen to have any update(s) on this topic?

                    1 Reply Last reply Reply Quote 0
                    • luckman212L Offline
                      luckman212 LAYER 8 @tman222
                      last edited by

                      @tman222 Hello from 2025. I just upgraded my FIOS to 2GB from a 1GB circuit where DHCP6 + PD /56 was working fine. Now zero RAs given here too. Searching around here and on Reddit I can't find anyone reporting a working 2G + v6 setup either. So I guess it's back to a tunnel broker for the rest of the year...

                      B 1 Reply Last reply Reply Quote 0
                      • B Offline
                        betapc @luckman212
                        last edited by

                        @luckman212 Hi, I’m having the same issue. Which tunnel are you using? The one I tried was limiting my speed to about 200–400 Mbps, and it feels a bit pointless to have a 2 Gbps connection if the tunnel only gives me a fraction of that. Since majority of the traffic will prefer IPv6 pathway. Thanks.

                        luckman212L 1 Reply Last reply Reply Quote 0
                        • luckman212L Offline
                          luckman212 LAYER 8 @betapc
                          last edited by luckman212

                          @betapc I haven't set up the tunnel yet, because I ran out of time yesterday. but I'm going to try these 3:

                          • ROUTE64
                          • BGPTunnel.com
                          • Hurricane Electric

                          I'll let you know about the results.

                          I had the same problem years ago (with macOS mostly) where clients were preferring the IPv6 route, so I wrote a Python module for Unbound to strip away AAAA records from DNS responses. This forces IPv4-only but still allows V6 traffic when I specifically target an IPv6 host by address. The script also has an allowlist (config file) of domains to pass AAAA records thru for, since I have some IPv6-only services I deal with.

                          So far so good on all that. But it's only been 2 days.

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.