On LAN no temporarily IPv6 address.
-
I don't even think another solicit needs to go out. In fact I believe there are rules against clients sending gratuitous router solicitations unless certain events occur (like link down-to-up). The client knows what prefix it is on already. All it does is slaac another address. There will be periodic RAs anyway.
The client has to be receiving RAs if anything is working because the "gateway" is not configured by DHCPv6. It is obtained from the RAs.
As long as the LAN is set to unmanaged or assisted there is nothing left to do on the firewall. It is 100% up to the client.
-
@Derelict said in On LAN no temporarily IPv6 address.:
s not configured by DHCPv6. It is obtained from the RAs.
Very true... My guess is he has privacy turned off on this client. As you can see it only takes a minute or two to flip between these modes, etc.
-
Below you can see that I get an IPv6 address from the router. And that privacy is turned on.
-
Did you just enable that - or was it already like that? If you just enabled you will need to bounce the box, or disable/enable ipv6 on the interface..
So look to your RA, do packet capture on pfsense for that interface, icmp6 only - you will see the RAs Validate that the auto flag is set.. Your prefix is using /64 right??
Just open your packet capture with wireshark for example
As long as the Auto flag is set in your RA, and your prefix is not wonky - ie something other than /64 then that is all on your client.
edit: Here I just changed radvd back to managed vs assisted - and you see no Auto Flag in the prefix info of the RA
-
This is what I get:
-
Strange it works now but I don't understand anymore :-(
I have disabled the DHCPv6 server. And on the WAN port under DHCP6 Client Configuration I have adjusted DHCPv6 Prefix Delegation size to 62. And now it works....
-
@ColinDexter << LOL a Morse fan perchance ?
-
62 prefix is borked that is for sure. /64 is what your interface should have on it
-
I have been testing past time. But don't get it working the way it should be. If I put DHCPv6 Prefix Delegation size back to 64 on the WAN interface and enable DHCPv6 Server I only get a fixed IPv6 address again. Still not the temporary :-(
And it should not be that difficult in my opinion. But probably I have a setting somewhere not right.
-
prefix delegation size 48 ?
shouldn't it be /64 ?
IPv6 subnets must really be a /64 for stateless autoconfiguration to work afaik -
@kiokoman said in On LAN no temporarily IPv6 address.:
IPv6 subnets must really be a /64 for stateless autoconfiguration to work afaik
Exactly!!!
IPv6 is not all that difficult - its just "different" then how stuff works in ipv4... I suggest you go get your cert over at hurricane electric.. The research required to answer the questions on the tests will walk you thru learning what you need to know. And when you finish and get sage level they will send you a FREE tshirt!
-
this one?
̿' ̿'\̵͇̿̿\з=(◕_◕)=ε/̵͇̿̿/'̿'̿ ̿
Please do not use chat/PM to ask for help
we must focus on silencing this @guest character. we must make up lies and alter the copyrights !
Don't forget to Upvote with the 👍 button for any post you find to be helpful. -
This value was still there from testing. It makes no difference if I put /64 there. If I enter there /64 I still don't get a temporary IPv6 address.
Could this be because I use a bridge?
[Edit]
I have now found the solution. Below the settings with which it now works
-
Check that box.
Edit/Save WAN
Look at Status > System Logs, DHCP
Filter on command
dhcp6cLook at the prefix delegation you are actually getting.
What does your ISP say you should be getting? /64, /60, /56, /48?
Make the request match. You will probably need to change the DUID (**System > Advanced, Networking) to get a new delegation. I would save what's there then increment the last digit to make changes. Your ISP might also have some sort of rate-limiting in place on leases/delegations. You'll need to talk to them about it if it doesn't work. But the settings on the DHCP6 WAN client page need to match the delegation you actually receive.
The Prefix Delegation size in the DHCP6 Server page does not matter unless you set the PD range there. That does not have anything to do with the DHCP6 server giving addresses in the interface's /64 prefix. That is for delegating prefixes to downstream routers (like your ISP is doing for you).
-
@kiokoman said in On LAN no temporarily IPv6 address.:
this one?
Yup! That looks pretty fresh - mines showing its age.. But got mine back in 2011 ;)
-
Hi Derelict,
Thanks for the answer. I get a / 64 from my ISP and that is also true when I look in the log you mention. And after I have set these check boxes mention above it is working :-)
