IPv6 duid

admins

Hi all
I need to set the DUID fix in pfsense. So my isp is setting the ipv6 prefix static to a duid.
How could I set it and how could I check if pfsense is correctly set it?

thx
admins

NogBadTheBad

System -> Advanced -> Networking ->IPv6 Options

Try a packet capture on the WAN interface

JKnott

@admins said in IPv6 duid:

Hi all
I need to set the DUID fix in pfsense. So my isp is setting the ipv6 prefix static to a duid.
How could I set it and how could I check if pfsense is correctly set it?

thx
admins

Is the ISP saying you have to provide a DUID??? Normally, it's generated automatically by your system and used by DHCPv6-PD to identify your network. It shouldn't require any involvement by you.

admins

Hi
I should provide it and the duid should not change after a reboot.

admins

JKnott

@admins said in IPv6 duid:

Hi
I should provide it and the duid should not change after a reboot.

I must be missing something. The DUID should be created and used automatically. There is also a setting "Do not allow PD/Address release" on the WAN page that should be selected. With that, you don't have to do anything else, as it just works. So, what is it that you think you're missing?

Derelict

System > Advanced, Networking

admins

@Derelict
Hi Derelict

My settings in advanced Networking following setting:
DHCP6 DUID: Raw DUID: As stored in DUID file or seen in firewall logs
DUID: 0e:00:00:01:00:01:23:e2:27:2c:ac:1f:6b:69:dd:9e

May it's not the same:
od -h /var/db/dhcp6c_duid
0000000 000e 0100 0100 e223 2c27 1fac 696b 9edd
0000020

I need to have a fix DUID because my provider is setting in his dhcp fix my duid. If my duid change
I don't receive the prefix.

How could I fix the configuration.

Thx
admins

Derelict

Very possible that od is just encoding it that way. Looks like some sort of byte order thing. Note that each pair of bytes is the same but reversed.

Enable the extended logging in the DHCP6 client on the WAN interface then look at Status > System Logs, DHCP and filter on command dhcp6c. You will see the DHCP DUID being sent logged there.

Send those logs to the ISP if the DUID appears correct.

admins

@Derelict
I've requested the logs. I've set the duid now in the configuration:

<global-v6duid> 0e:00:00:01:00:01:23:e2:27:2c:ac:1f:6b:69:dd:9e</global-v6duid>
<ipv6allow/>

May the interface advanced networking shows duid-llt: Based on Link-layer Address Plus Time.

Whats wrong?
Thx
admins

Derelict

@admins said in IPv6 duid:

0e:00:00:01:00:01:23:e2:27:2c:ac:1f:6b:69:dd:9e

That looks like it matches what you originally posted.

What really matters is what is being sent in the DHCP logs. That is what the ISP will see.

Looks like you have an extraneous space in there. The way to set that is using the web interface as described above. Please don't take this as condescending but don't over-think this. It works fine.

It is impossible to say what is wrong. We have no ideas what specific instructions your ISP is insisting you perform. These questions are really better suited at them then give us EXACTLY what they are telling you to do. then, if possible, make pfSense do that. Else it is just guessing.