2.2.1: No IPv6 assigned to LAN anymore
-
Or if I do this also works just fine (see image)
I have PPPoE also and have to use the settings in the attached image before I can get my /56 PD to work as the normal settings did not work.
-
Majin3 - your dhcp6c config file does not have 'prefix-interface' statement inside of it, thus even though log you posted shows us that prefix is returned from DHCPv6 server dhcp6c simply ignores it because it does not know what to do with it. I looked at the code and I don't see how this could have worked with 2.2. If you have reverted to 2.2 and could post /var/etc/dhcp6c_wan.conf that might help a lot. Also, how did you configure custom DUID?
Ugh, you are right. Seems like it was a configuration error after all and loading my snapshot of 2.2 was also loading a working DHCP6C configuration (with prefix-interface defined) I seem to have broken at some point…
Thank you and sorry for wasting time. No relation to 2.2.1 whatsoever. -
I did not use advanced options before.
also request domain options dont play ANY role here… I just tried with diffetent options...
only custom config or advanced settings from screenshot are working... Lan is static ipv6 in my case.
also I have no config error somethibg borked conf file during upgrade... -
I did not use advanced options before.
also request domain options dont play ANY role here… I just tried with diffetent options...
only custom config or advanced settings from screenshot are working... Lan is static ipv6 in my case.
also I have no config error somethibg borked conf file during upgrade...Your basic config stopped working because of this change: https://redmine.pfsense.org/issues/4436. PD is no longer being requested if you do not have tracking interfaces configured. If you changed from static to track interface on LAN side it would work fine. Can you share why you configure your lan as static instead of track?
-
Sure.
I have static /64 on pppoe and static /56 (divided into /64) on my lan, so track iface is naturally not an option for me…
I missed that one actually was anomaly that in 2.2.1 is now resolved... -
I did not use advanced options before.
also request domain options dont play ANY role here… I just tried with diffetent options...
only custom config or advanced settings from screenshot are working... Lan is static ipv6 in my case.
also I have no config error somethibg borked conf file during upgrade...Your basic config stopped working because of this change: https://redmine.pfsense.org/issues/4436. PD is no longer being requested if you do not have tracking interfaces configured. If you changed from static to track interface on LAN side it would work fine. Can you share why you configure your lan as static instead of track?
I am holding off on updating PFsense partly due to this very thread. IPv6 is important to me and I don't want any issues regarding it.
Maybe I am mis-understanding you. Are you saying that I cannot have a static IPv6 LAN address and a working DHCPv6 prefix delegation ? As that is precisely the setup that has been working here for years and years (only recently with PFsense).
And in my view such a setup makes perfect sense, my :/48 prefix is static (just as my ipv4 and routed subnet) but my ISP requires me to using DHCP for both.
For the lan side, I use RADVD but in managed mode, as I don't want clients (let alone servers or routers) to get IP address from RA, they should get IP address and DNS server settings from an authorized internal IPv6 DHCP server.
-
To me, it seems everything is actually working except you have to do in the advanced configuration section what has always worked in the normal WAN setup area. I assume this is a simple gui error and not an underlying issue with pfsense. I'd also assume it will be corrected in .2
probably already fixed in the nightly updates actually, but I haven't tried it.
-
This is my personal opinion which might not match with pfSense dev opinion.
The whole idea of DHCP (v4 and v6) is that your IP gets configured and then managed by DHCP client. Even if you have static mapping on the DHCP server it is still recommended to use DHCP so you are not left with broken network if someone changes your static mapping. So using DHCPv6+PD on WAN and then statically assigning IP to LAN interface is a bit backwards to say the least and I don't think this kind of setup is officially supported and tested during release testing. I am pretty sure that some of you that do that are doing it so you can use DHCPv6 server on LAN side, since you can only enable it if LAN has static IP. If that is the case this is the bug for the issue: https://redmine.pfsense.org/issues/3029 go complain there instead of blaming other parts of the system.
With that being said, change 4436 was intentional and I don't think it is going to be rolled back. If that affects you, reproduce your old setup using advanced DHCP6 settings. Since you kind of need to know what you are doing when configuring advanced settings. Here is a quick "guide":
If you want to be 100% sure that future updtates don't break your setup utilize 'Config File Override' option.
-
lol :)
Thanks for you explanation but I know what am I doing.
And no I don`t use static LAN so that I can use DHCPv6 server, in fact I have it disabled. -
Now I use my custom config file```
interface em0_vlan88 {
send ia-na 0; # request stateful address
send ia-pd 0; # request prefix delegation
request domain-name-servers;
request domain-name;
script "/var/etc/dhcp6c_wan_script.sh"; # we'd like some nameservers please
};
id-assoc na 0 { };
id-assoc pd 0 {
prefix ::/48 infinity;
};I would like to use the advanced config section but I don’t know exactly how to fill up these fields. The first part works, but where should I put``` id-assoc na 0 { }; id-assoc pd 0 { prefix ::/48 infinity; ```for getting the right result? -
Of course setting a fixed ipv6 address on any device isn't backwards. Especially not if the chance that the assigned prefix ever changes is zero.
One would think that if this prefix does chance, it would be the least of your worries, as the number of dynamic dns services that support ipv6 is extremely low.
There are valid reasons to assigning a fixed IPv6 address on a router interface, even though in RA the router address used is the link local address. If for whatever reason, one has completely disabled RA on say a server, one could use the static IPv6 of the router interface + a static route and be done with it.
Having said that, at least using advanced options enables us to re-instate the old behavior, which to me makes much more sense, especially in enterprise.
It is clear this was a deliberate change, I am however not convinced that change makes a lot of sense and I doubt that people that have been bitten by this chance are a tiny group.
Edit to add, no I am not setting a static IPv6 address on the router interface just so that I can use the dhcpv6 server supplied by pfsense, that server isn't running on the router and for good reason to.
-
If you are using a service like comcast or time warner cable that assigns dynamic IPV6 addresses via DHCP and should be using a track interface and your are assigning static addresses here and there, you are screwing up. Your pain is your fault.
-
Yeah that is not good :)
But my provider gives me one /64 static connecting segment (pppoe) and a static /56 that I divided into 256 /64 networks and I HAVE TO USE STATIC on my VLANs :)
Trac interface is at no use to me…br,
m -
If you are using a service like comcast or time warner cable that assigns dynamic IPV6 addresses via DHCP and should be using a track interface and your are assigning static addresses here and there, you are screwing up. Your pain is your fault.
My point was that there are quite a few providers that provide STATIC ::/48 or ::/56, but rely on PD to get the prefix to a router, in such cases this change doesn't really make sense.
-
You described my case very well ;)
-
OK - I see.
-
Now I use my custom config file```
interface em0_vlan88 {
send ia-na 0; # request stateful address
send ia-pd 0; # request prefix delegation
request domain-name-servers;
request domain-name;
script "/var/etc/dhcp6c_wan_script.sh"; # we'd like some nameservers please
};
id-assoc na 0 { };
id-assoc pd 0 {
prefix ::/48 infinity;
};I would like to use the advanced config section but I don’t know exactly how to fill up these fields. The first part works, but where should I put``` id-assoc na 0 { }; id-assoc pd 0 { prefix ::/48 infinity; ```for getting the right result?Configure advanced settings exactly how they appear in the image I posted, then add '::/48' in the 'Prefix ipv6-prefix' field and 'infinity' in 'pltime' field.
-
Yeah that is not good :)
But my provider gives me one /64 static connecting segment (pppoe) and a static /56 that I divided into 256 /64 networks and I HAVE TO USE STATIC on my VLANs :)
Trac interface is at no use to me…br,
mmaverick, why do you have to use static on your VLANs? I use DHCP6+PD with VLAN configured as track interface and everything works fine.
-
Because I need: XXXX:XXXX:XXXX:XXXX::X to be static and always the same.
I have 5 subnets that I chose and of course they need to be static… -
So essentially you are doing it because you want to have a short interface identifier (rightmost 64-bits) in your IPv6 address instead of having them be auto-configured, which would be the case if you used track interface. Did I understand that correctly?