pfsense 2.4.4p3 - IPv6 on bridged interfaces not working...
-
i'm replicating your config on my virtual machine, i have the same behavior.
ipv4 work on all interface, ipv6 only on LAN -
i get an adress if i configure a /64 but dhcpv6 still not working idk if it's a bug or what
-
@kiokoman exactly. Only slac works and only for /64 prefixes (which is obvious) DHCPv6 works only on first interface of the bridge
-
i can't find a way out ...
what i found with packet capture is that there is no answer from dhcp
from console i use struss against the running dhcp. it see request coming from dhclient -4 but it see nothing coming from dhclient -6 -
@kiokoman when you assign shorter network for each one of the interfaces from the bridge it will work. But will work randomly. This is apparently a bug but...
-
Interfaces get a /64. Anything else is nonsense.
-
yes, well i was testing with prefix set to /64 for the interface but i don't understand why dhcpv6 is unreacheable
-
Yes, despite the prefix set (/64 or any else) DHCPv6 doesn't work over bundled interfaces. It should normally as it does for DHCPv4. I have floating rule allowing all traffic in the lan area so it is no issue either here...
BTW, shorter prefixes are used widely in the enterprises, this is not nonsense.
-
@tomeq82 said in pfsense 2.4.4p3 - IPv6 on bridged interfaces not working...:
BTW, shorter prefixes are used widely in the enterprises, this is not nonsense.
Not on the LAN, where /64 must be used. The shorter prefixes are split by routers, eventually winding up at /64s. For example, I get a /56 from my ISP, which I can split up into 256 /64s. I could, if needed, spit it into other prefixes, for routing elsewhere, before getting to the /64s.
-
@JKnott Correct, nevertheless - in this scenario it doesn't really matter. /64 is not hard limit in any kind (only if you use SLAAC it is "must")
-
@tomeq82 said in pfsense 2.4.4p3 - IPv6 on bridged interfaces not working...:
@JKnott Correct, nevertheless - in this scenario it doesn't really matter. /64 is not hard limit in any kind (only if you use SLAAC it is "must")
From RFC4291
" For all unicast addresses, except those that start with the binary
value 000, Interface IDs are required to be 64 bits long and to be
constructed in Modified EUI-64 format." -
@tomeq82 well aware that interfaces may be set to prefixes longer than /64 in certain router-to-router links, etc. That is not what is being discussed here. Interfaces with hosts on them need to be /64.
-
-
-