Rogers pfSense configuration
-
However, if I run a server on a network, DHCP6 would allow me to set a static address correct - this would make it easier to setup firewall rules?
With SLAAC, you can have 2 types of address, MAC based and random number "privacy" addresses. For a server, you'd configure the firewall and DNS for the MAC based address, as it's static. You may have to configure the server to have a MAC address. It's usually available in Linux, but with Windows you have to specifically enable it.
-
Yes. Though it is arguable that a static config on the server is no more work than setting up a static assignment. At least it's centralized in the DHCP server.
With SLAAC and MAC based addresses, there's no setup at all. It just works.
-
Yes. Though it is arguable that a static config on the server is no more work than setting up a static assignment. At least it's centralized in the DHCP server.
With SLAAC and MAC based addresses, there's no setup at all. It just works.
Except that static DHCP/DHCPv6 also includes hostname resolution in DNS forwarder/resolver, while SLAAC would require a DNS Entry that would need to be changed every time the prefix changes.
-
@virgiliomi:
Yes. Though it is arguable that a static config on the server is no more work than setting up a static assignment. At least it's centralized in the DHCP server.
With SLAAC and MAC based addresses, there's no setup at all. It just works.
Except that static DHCP/DHCPv6 also includes hostname resolution in DNS forwarder/resolver, while SLAAC would require a DNS Entry that would need to be changed every time the prefix changes.
Agreed about the hostnames. Also, it's not like it's difficult to enable dhcpv6. Since it's being used for dhcpv4, you may as well also use it for dhcpv6.
-
Yes. Though it is arguable that a static config on the server is no more work than setting up a static assignment. At least it's centralized in the DHCP server.
With SLAAC and MAC based addresses, there's no setup at all. It just works.
I know that. But change a NIC and you have to change all of that. Setting a static IP address on the server is probably easier over the long run. Or a push, like I said. It is pretty common practice to set static IP addresses in IPv4 for servers. Not really any need to change that.
-
If you're using DHCP, changing a NIC will require updating the server too, as the MAC address, which the server maps the address to, will change.
-
Not talking about using DHCP.
-
A bit of an update. When I started this thread, Rogers provided only a /64, but has been providing a /56 for quite some time. It appears they might now be offering a /48, as the DHCPv6 Prefix Delegation size on the WAN page now goes to /48, whereas it used to be /56. I haven't tried it yet, but someone else may be interested in trying a /48.
-
What you can select on the WAN page has nothing to do with what the ISP will or will not do.
You can set it to anything from /48 on down.
If you want to change it you probably need to copy out the DUID file to a safe place like /root so you can put it back if you need to, delete it, then change the prefix hint and save. Otherwise the ISP might ignore the prefix hint and give you your old delegation based on the DUID.
The DUID file is: /var/db/dhcp6c_duid
You might also need to clear it out of System > Advanced, Networking if you have saved it there (or change it there if you know what you are doing).
-
What you can select on the WAN page has nothing to do with what the ISP will or will not do.
You can set it to anything from /48 on down.
I don't recall ever seeing /48 before, though I could be mistaken. I'll give it a try later and see what happens.
-
What you can select on the WAN page has nothing to do with what the ISP will or will not do.
You can set it to anything from /48 on down.
My mistake. It appears you're right. I guess I'll just have to make do with a /56. ;)
-
Can anyone validate these settings still work? Trying to get IPV6 running on an XB6 Gateway in bridge mode running on PFSense 2.4 and no joy on getting the WAN interface to draw an IP. I've tried the settings above and various other combinations with no success.
-
@mjnr said in Rogers pfSense configuration:
Can anyone validate these settings still work? Trying to get IPV6 running on an XB6 Gateway in bridge mode running on PFSense 2.4 and no joy on getting the WAN interface to draw an IP. I've tried the settings above and various other combinations with no success.
Those settings are still good. Try connecting a computer directly to the modem, to see if that works. You should get an IPv6 address.
-
Use IPv4 connectivity as parent interface: yes
This can be set to no now. You no longer have to request over ipv4
-
@james2432 said in Rogers pfSense configuration:
Use IPv4 connectivity as parent interface: yes
This can be set to no now. You no longer have to request over ipv4
I thought that meant use the same interface as IPv4, not use IPv4 to get IPv6. A different connection can also be used for IPv6. For example, many use a tunnel to get IPv6, as I did for almost 6 years.
-
Use IPv4 Connectivity as Parent Interface:
When set, the IPv6 DHCP request is sent using IPv4 on this interface, rather than using native IPv6. This is only required in special cases when the ISP requires this type of configuration. -
I was just reviewing the earlier posts. I don't ever recall using that setting and I've had IPv6 via Rogers for 3 years.
-
@JKnott said in Rogers pfSense configuration:
I was just reviewing the earlier posts. I don't ever recall using that setting and I've had IPv6 via Rogers for 3 years.
Yeah Rogers can dhcp request over native ipv6 now, probably at the time of writing the guide the network engineer was correct as ipv6 wasnt wildly adopted
-
@mjnr said in Rogers pfSense configuration:
Can anyone validate these settings still work? Trying to get IPV6 running on an XB6 Gateway in bridge mode running on PFSense 2.4 and no joy on getting the WAN interface to draw an IP. I've tried the settings above and various other combinations with no success.
Did you figure this out? I'm having trouble with an XB7 getting IPv6.
With my previous Hitron modem, I dont' recall having this much trouble getting IPv6 configured.
-
I'm still using those settings with the Ignite modem, whatever that model is.
Maybe if you post the settings you're using and what's happening.
