• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Not getting ipv6 address on WAN unless prefix delegation size is set to none

IPv6
4
11
3.7k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • J
    jpgsense251
    last edited by May 10, 2018, 9:53 AM

    ISP: telenet (Belgium)
    ABO: ExpressNet
    pfsense: 2.4.3-RELEASE (amd64) built on Mon Mar 26 18:02:04 CDT 2018 FreeBSD 11.1-RELEASE-p7

    According to this (https://www2.telenet.be/nl/klantenservice/ipv6-bij-telenet-technische-uitleg/) and this(https://www.stroobant.be/telenet-ipv6-pfsense-configuratie) document, I should set 'DHCPv6 Prefix Delegation size' to 56

    However, when setting 'DHCPv6 Prefix Delegation size' (interface WAN) to 56, I DON'T get an ipv6 address.
    When setting 'DHCPv6 Prefix Delegation size' to none, I DO get an ipv6 address.

    On the LAN(s), the option to 'track interface', becomes meaningless, because, even though the WAN can be selected under 'Track IPv6 interface', the IPv6 Prefix ID can only be 0.

    The following errors are in the DHCP log, but according to 'the web', they are codmetic:
    May 10 11:36:45 dhcp6c 45232 failed initialize control message authentication
    May 10 11:36:45 dhcp6c 45232 failed to open /usr/local/etc/dhcp6cctlkey: No such file or directory

    Anybody, who knows why I don't get an IPv6 address with prefix 56?

    Thanks

    1 Reply Last reply Reply Quote 0
    • M
      mrsunfire
      last edited by May 12, 2018, 6:35 AM

      Remember you also have to set "Send IPv6 prefix hint". If you only request a /64 than of course you only can track 1 subnet (Prefix ID0). Thats no problem for private usage.

      Netgate 6100 MAX

      1 Reply Last reply Reply Quote 0
      • J
        jpgsense251
        last edited by May 12, 2018, 8:53 AM

        If I enable 'Send IPv6 prefix hint' with 'DHCPv6 Prefix Delegation size' set to 'none', I get an error while saving:
        The following input errors were detected:
        DHCPv6 Prefix Delegation size must be provided when Send IPv6 prefix hint flag is checked

        If I enable 'Send IPv6 prefix hint' with 'DHCPv6 Prefix Delegation size' set to '56', I can successfully save, but I don't get an IP address.

        I've tried all available prefix sizes from the drop down list, I only get an IP address when selecting none.

        1 Reply Last reply Reply Quote 0
        • M
          mrsunfire
          last edited by May 12, 2018, 6:00 PM

          Do a reboot after hitting save.

          Netgate 6100 MAX

          1 Reply Last reply Reply Quote 0
          • J
            jpgsense251
            last edited by May 13, 2018, 9:18 AM

            Tried a reboot after saving the settings, no IPv6 address received…

            1 Reply Last reply Reply Quote 0
            • D
              Derelict LAYER 8 Netgate
              last edited by May 13, 2018, 9:28 AM

              What does your ISP have to say?

              The entire exercise here is to make the router do what THEY require. It'd be nice if they said what they need.

              Really, all you can do is set the PD request to 56, kick the DUID to something new, and reboot.

              Be sure you enable the DHCP6c debug logs in the WAN configuration. You can see exactly what dhcp6c client thought about the lease process by going to Status > System Logs, DHCP and filtering on process dhcp6c.

              Chattanooga, Tennessee, USA
              A comprehensive network diagram is worth 10,000 words and 15 conference calls.
              DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
              Do Not Chat For Help! NO_WAN_EGRESS(TM)

              1 Reply Last reply Reply Quote 0
              • J
                jpgsense251
                last edited by May 13, 2018, 4:57 PM

                @Derelict and anyone else who wants to help me

                I've already submitted a technical question to my ISP, but haven't received an answer yet (long weekend here in Belgium - replies only guaranteed? in two working days.

                As I said, I've tried all possible PD's, only receive an IPv6 if 'none'

                However, since I already activated 'debug', I saw the message that the server was reading an existing DUID from file.

                You say to 'kick the DUID', how do I do that?

                Thanks

                1 Reply Last reply Reply Quote 0
                • D
                  Derelict LAYER 8 Netgate
                  last edited by May 13, 2018, 5:38 PM

                  Something like this:

                  https://forum.pfsense.org/index.php?topic=147798.msg802802#msg802802

                  Chattanooga, Tennessee, USA
                  A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                  DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                  Do Not Chat For Help! NO_WAN_EGRESS(TM)

                  1 Reply Last reply Reply Quote 0
                  • J
                    jpgsense251
                    last edited by May 13, 2018, 6:52 PM

                    @Derelict: Thank you so much

                    I did exactly what is recommended and now have an IPv6 (PD 56) on my WAN (igb0), two LAN (igb2 & igb3) interface tracking the WAN

                    So in summary for other users:

                    1. power off your cable modem
                    2. Save the /56 prefix request WAN configuration as shown in the other thread. Be sure DHCP6 debug output is checked.
                    3. Put one of the inside interfaces on Track Interface
                    4. Go to System > Advanced, Networking and be sure the DUID is set to be saved. The default format is DUID-LLT. You can increment that time in seconds by one or figure out what the current number would be based on the current time. The point is to use a new DUID the next time it requests a PD.
                    5. Halt the system and power it off
                    6. Power on the cable modem and let it go green
                    7. Power on the firewall.
                    When it settles in, look at the logs in Status > System Logs, DHCP. Filter on command dhcp6c. That will tell you exactly what happened.

                    1 Reply Last reply Reply Quote 0
                    • D
                      Derelict LAYER 8 Netgate
                      last edited by May 13, 2018, 6:59 PM

                      Great to hear. Glad it worked.

                      Chattanooga, Tennessee, USA
                      A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                      DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                      Do Not Chat For Help! NO_WAN_EGRESS(TM)

                      M 1 Reply Last reply Apr 20, 2024, 3:48 AM Reply Quote 0
                      • M
                        modi @Derelict
                        last edited by Apr 20, 2024, 3:48 AM

                        @Derelict the URL is not working

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.