How do I create a Static IPv6 address
-
@nogbadthebad I have DHCP6 on WAN, and I have assigned a static IPv6 address only LAN.
In my DHCPv6 Server & RA LAN DHCPv6 Server, I have setup a range,
Then i go to DHCPv6 leases, and I see it has generated addresses..
And I (+) to set this address as static.. but doesn't seem to assign, when I to a reboot.. or come back a day later.. -
Go to the Status -> DHCPv6 Leases Table does the DUID differ to the entry in the static ?
Are the devices Andriod ?
-
@nogbadthebad Yes the DUID does differ
eg
00:01:00:01:1e:c1:15:1f:bc:6c:21:16:3c:e1
00:01:00:01:22:ea:11:47:bc:6c:21:16:3c:e1 -
It's a client issue if the DUID differs.
Out of interest what are the devices ?
-
@nogbadthebad xbox and mac, pc
-
I have several Macs and the DUID doesn't change, I always have consistent IPv6 addresses post pfSense reboot / Mac reboot.
mac-mini:~ andy$ sudo plutil -p /var/db/dhcpclient/DUID_IA.plist
Password:
{
"DUID" => <00010001 20e52264 a8206610 fcb7>
"HostUUID" => <f8f0911a 6b7e59fa a6f50479 e7a70753>
"IAIDList" => [
0 => "en0"
1 => "vlan0"
2 => "vlan1"
3 => "vlan2"
]
}
mac-mini:~ andyk$00:01:00:01:20:e5:22:64:a8:20:66:10:fc:b7 << my mac-mini DUID from the lease page.
-
One thing to bear in mind, with IPv6 you generally have multiple addresses. With SLAAC, the method commonly used to assign addresses, you will likely have one address, based on the MAC address, which does not change and one or more privacy addresses that change frequently. You'd use the MAC based address when you want to connect to that device and the privacy address for outgoing connections.
-
@jknott said in How do I create a Static IPv6 address:
One thing to bear in mind, with IPv6 you generally have multiple addresses. With SLAAC, the method commonly used to assign addresses, you will likely have one address, based on the MAC address, which does not change and one or more privacy addresses that change frequently. You'd use the MAC based address when you want to connect to that device and the privacy address for outgoing connections.
Indeed:-
mac-mini:~ andy$ ifconfig en0
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=10b<RXCSUM,TXCSUM,VLAN_HWTAGGING,AV>
ether a8:20:66:10:fc:b7
inet6 fe80::188e:a68d:917f:ffa3%en0 prefixlen 64 secured scopeid 0x7
inet 172.16.1.23 netmask 0xffffff00 broadcast 172.16.1.255
inet6 2a02:xxxx:xxxx:xxxx::17 prefixlen 64 dynamic
nd6 options=201<PERFORMNUD,DAD>
media: autoselect (1000baseT <full-duplex,energy-efficient-ethernet>)
status: active
mac-mini:~ andy$ -
@nogbadthebad said in How do I create a Static IPv6 address:
Indeed:-
Not quite. I see a dynamic address, which I assume is a privacy address and a link local. Don't confuse link local with a MAC based global address. They're both based on the MAC address, but link local addresses are irrelevant beyond the local LAN. On my computer, when I first start it, I have, in addition to the link local, one MAC based global address and one privacy address, which is based on a random number. A new privacy address is created every day and added to the list, with those older than 7 days being deleted. An outgoing connection will use the most recent privacy address and the others remain valid, to support connections that existed prior to the latest address being created. I don't know much about Apple computers, but on Linux and Windows, it's possible to configure for whether MAC or privacy addresses are created or both. Based on what you posted, I suspect MAC based addresses are not enabled.
-
Right.
If you use SLAAC the host should establish a "permanent" address based on the MAC address but randomly generate temporary addresses.
In general the "permanent" address can be used for connections to the host, while the random address is used for connections from the host.
This is all controlled by settings on the host itself, not the routers or firewalls.
