IPv6 works on pfsense but not on LAN side
-
each with a different "IPv6 prefix ID" between 0 and ff (hex)
Can you please tell which should be correct for my case?
00
01
02
03
04
05
06
07
09
0a
0b
0c
0d
0e
0f
…
...
...
fa
fb
fc
fd
fe
ff;)
-
I'm using pfSense 2.1 RELEASE.
On first setup, I,m only using IPv6 on LAN, result work. When I enable IPv4 on same interface, IPv6 cannot not work in same interface.
-
ok I made some progress.
After changing IPv6 Prefix ID=0e at Interfaces -> LAN now I can obtain an ipv6 on LAN card of my pc:
and
For some seconds I could successfully ping and open http://ipv6.google.com and then the same again… :(
-
ok I made some progress.
After changing IPv6 Prefix ID=0e at Interfaces -> LAN now I can obtain an ipv6 on LAN card of my pc:
You shouldn't have to set it to any "correct" value; with a /56 delegated to you, any value in the given range (0-255, converted to hex) should work.
The rest of your post sounds like a firewall issue. Do you have a pass rule for IPv6 traffic on the LAN interface (IPv6 from LAN subnet to any)? Anything relevant in the firewall log?
-
Yes that rule exists by default and I have replicated it also.Nothing is logged on firewall logs.
On systems logs this message is repeated all the time:php: rc.newwanipv6: rc.newwanipv6: Failed to update wan IPv6, restarting…
dhcp6c[59545]: update_ia: status code for NA-0: no addresses -
Try checking "request only a IPv6 prefix" in the WAN settings.
-
Also, make sure that in status->services, radvd is present and listed as running.
-
Try checking "request only a IPv6 prefix" in the WAN settings.
Success! Enabling that option along with 'Use IPv4 connectivity as parent interface' and prefix size /56 on WAN interface did the trick.Also I should select 'track interface' and 'IPv6 Prefix ID' something between 00-ff but not 0! (I choose 0e).Finally I rebooted the device and everything is working.
Thank you all for your help and patience! Cheers! -
I spoke too fast.Although ipv6 works correctly for 2-3 days, then suddenly it stops.Even if I reboot the device it dozen't work.The only way it can work again is by modifying the value "ipv6 prefix id" on lan to something else for example 6,8,f etc. Any ideas why this could happen?
-
I have the same issue, same hardware and version, different ISP (Hughesnet Gen4). I have native IPv6, I get a /64 on the WAN side, I can't get the right allocation on the LAN side because they hand out a /61 and that isn't a choice in the pull down menu, but if I pick /62 it all seems to look right. none of my hosts on the LAN side (pretty much all apple devices at the moment) get an address.
radvd is running in services, but because I have track interface for LAN, not a static, I can't set anything for the RA, and I don't know what the defaults are.
I see the RAs in tcpdump from fe80::1:1, which is the LAN interface address, and they have a /63 prefix in 2001: that matches the LAN address on the pfsense box, but the host never gets an autoconfig address. I use autoconfig on the same laptop at work every day, and it's fine there.
I'm new to pfsense, and I've only done IPv6 routing on enterprise-level gear, not home network stuff, but it's the only public address I can get out of Hughesnet, so any ideas are greatly appreciated.