IPv6 gateway address is outside of provided /64 subnet.

qtlnx

Little Happy Cloud KVM provides IPv6 with the following configuration:

Subnet prefix_48:/64
Gateway prefix_48::1

When I set IPv6 WAN in DHCP6 there are no IPv6 addresses assigned but a route to gateway shows in routing table and I can assign any prefix_48:/64 address manually from console using ifconfig and everything works as expected. Of course it does not survive a reboot.

If I select Static IPv6, enter /64 address and gateway prefix_48::1 then gateway is not reachable.

I tried to enter route to gateway manually using route command but it did not help, although routing table seemed the same as after DHCP6.

My current workaround is to use StaticIPv6, specify prefix_48:blah/48 address in IPv6 address field.

The manually defined gateway prefix_48::1 becomes reachable and all works.

Question: what is the correct way to configure IPv6 in this environment?

cmb

That type of config is only supported in 2.3 (without manual hacks).
https://redmine.pfsense.org/issues/972

You're probably best off using latest 2.3 snapshot in that circumstance.

qtlnx

That was quick, thank you!
Where can I find upgrade from 2.2.6 release to 2.3 snapshot instructions?

cmb

Download the full update from snapshots.pfsense.org and install it under System>Firmware, or option 13 at console.

qtlnx

Upgraded. I now see new checkbox "Use non-local gateway" under System/Routing/Gateways/Edit.
Enabling it adds an explicit route to the gateway but as I explained in my initial message adding explicit route to the gateway manually from command line does not help.

IPv6 only works if

DHCP6 allowed to do gateway route with following manual IPv6 address assignment
or
WAN interface is statically configured with wide enough subnet to reach gateway directly.

qtlnx

a working gateway route is created when DHCP6 is enabled

[2.3-BETA][admin@lhc]/root: netstat -rn6
Routing tables

Internet6:
Destination Gateway Flags Netif Expire
default prefix_48::1 UGS vtnet0
::1 link#5 UH lo0
prefix_48::/48 link#1 U vtnet0
prefix_48::1 xx:xx:xx:xx:xx:xx UHS vtnet0
…

IPv6 address is not assigned automatically but after assigning it manually
ifconfig vtnet0 inet prefix_48:abcd/64
IPv6 works.

qtlnx

Static IPv6 setup is missing one route and IPv6 is not working.

[2.3-BETA][admin@lhc]/root: netstat -rn6
Routing tables

Internet6:
Destination Gateway Flags Netif Expire
default prefix_48::1 UGS vtnet0
::1 link#5 UH lo0
prefix_48::1 xx:xx:xx:xx:xx:xx UHS vtnet0

Looks like new functionality "Use non-local gateway" under System/Routing/Gateways/Edit is incomplete.

johnpoz

What am I missing here - why would an ISP do such a stupid setup? Makes no sense, its not like they don't have plenty of addresses to work with..

What is the possible advantage to such a odd ball configuration.. Using a gateway outside of the network your in is not how networking is suppose to freaking work…

qtlnx

I am told this the way IPv6 can legitimately operate.
there is no problem setting up route manually in Linux on the same network:
https://clients.inceptionhosting.com/knowledgebase.php?action=displayarticle&id=8

The FreeBSD variant of Linux ip commnds

route add -inet6 -net prefix_48::/48 -interface vtnet0
route add -inet6 -prefixlen 0 default prefix_48::1

produces virtually the same routing table as DHCP6 (probably via routing advertisement) created one but there is no IPv6 connectivity.

Update: on Little Happy Cloud CentOS 6 static IPv6 configuration looks like:

Could anyone explain how to configure pfSense to achieve the same configuration?

IPv6 gateway address is outside of provided /64 subnet.

cat /etc/sysconfig/network-scripts/ifcfg-eth0