Static IPv6 setup
-
Try one or both of these:
- Traceroute from a LAN client to 2001:XXXX:XXXX:900::1
- Goto the top menu Diagnostics --> Routes.
Screenshot just the section "IPv6 Routes".
You should see:
Destination -- Gateway
default -- 2001:XXXX:XXXX:900::1
2001:XXXX:XXXX:900::1 -- link##
2001:XXXX:XXXX:900::2 -- link##
2001:XXXX:XXXX:901::1 -- link##
2001:XXXX:XXXX:901::/64 -- link##ignore the fe80:: stuff
Keep in mind that /64 would make the WAN & LAN subnets separated properly, but a /56 would not.
2001abcd:900::1/56 is
Start Range: 2001abcd:900:0:0:0:0
End Range: 2001abcd:9ff:ffff:ffff:ffff:ffff -
am having same problem
i have BT statis ip address
network address: 2a00:2323:ffaa::/64
gateway 2a00:2323:ffaa::1WAN
ip: 2a00:2323:ffaa::5/64LAN
ip: 2a00:2323:ffaa:1000::/56ping
WAN to GW - OK
WAN to google - OKLAN to WAN - OK
LAN to GW - FAIL
LAN to google - FAILsystem > advanced > networking > ipv6 enabled
FIREWAL > WAN ipv6 *** pass
FIREWAL > LAN ipv6 *** passplease can you help? what am i missing?
-
For everyone having routing problems with IPv6, be sure you setup the router under:
http://firewall/services_router_advertisements.php?if=lanRouter Mode should be "Managed"
Managed - Will advertise this router with all configuration through a DHCPv6 server.That's the only way I've gotten it to work correctly.
-
"Managed" is not the only "correct" setting. It is only needed/used IF you want to disable SLAAC and tell the client to ONLY use DHCPv6, of which you need to also have DHCPv6 correctly configured on that interface.
In fact most deployments especially in residential will/should use unmanaged (DNS provided via RDNSS only), or stateless DHCP, this allows SLAAC addressing and RDNSS (provides DNS servers for devices supporting RDNSS) AND allows devices that only support DNS via Stateless DHCP to get DNS servers and such from DHCPv6 (Older Windows versions, including early Win10)
In fact a setting of Managed will not allow some/many device to get an IPv6 address at all as not all support DHCPv6, Android being the biggest ones.
If unmanaged is not working then double check all settings on the screen, also confirm the systems are getting DNS servers even if they are only IPv4 (provided they have IPv4 connectivity)
-
I don't know enough about DHCPv6 to know what the correct setting in every deployment scenario. Based on the OP and others' comments, I provided the only setting that worked for me in my deployment.
Can you please make a suggestion to @rhyde on what settings to change?
-
This post is deleted! -
Hey guys I finally had some breakthrough with this. Please note that the below config is if you want to have dual stack support.
Here is what ultimately worked:
Put the LAN and WAN in Bridge Mode
WAN interface config:
LAN interface config:
DHCPv6 & RA config:
DHCP config:
WAN firewall rules:
LAN firewall rules:
Let me know if you guys have any thoughts or suggestions to this config. I am open to whatever. There could be some issues with it but at least it works. :)
-
@rhyde said in Static IPv6 setup:
Let me know if you guys have any thoughts or suggestions to this config. I am open to whatever. There could be some issues with it but at least it works. :)
What does the ISP say you should be using? If they're expecting you to use DHCPv6-PD and you use a static config, you may find you have problems, even if it working at the moment.
-
@jknott the ISP is giving a static IP only. This is business grade internet, not residential.
-
I cannot imagine that a bridge like that is necessary.
That is really ugly.
They should route the /56 to an address on the WAN interface. That address can be obtained in multiple different ways. It can even be link-local. It is really up to them to tell you, in general terms, how to provision your router interface. For anyone else it would just be a guessing game.
This is an example of instructions for a static /48 from a popular IPv6 transit + colo provider:
IPv6 2001:xx:x:xx::/64 ::1 is ISP ::2 is Customer They route 2001:xxx:xxx::/48 to 2001:xx:x:xx::2
It's as simple as that. Interface network + routed subnet.
In that case you would set pfSense WAN to Static 2001:xx:x:xx::2/64 with a gateway of 2001:xx:x:xx::1 and use 2001:xxx:xxx::/48 on the inside however you want.