IPV6 - pfsense behind BT Hub

Jid

@stephenw10

Thanks ,Stv unfortunateley no device is currently connected to LANof BT hub ,apart from Pfsense.

Jid

@Jid
Tried DHCPv6 now getting this fdaa:bbcc:ddee: ?
For the LAN side what should it ? Statics? with DHCPv6 active?

stephenw10

I expect dhcpv6 to pull an routable v6 IP from a /64 withing the /56 BT are delegating to you.

I think you probably need to confirm a laptop connected to the Hub is getting that before going further here.

Steve

Jid

@stephenw10

BT Hub IPv6 status:
Enabled

IPv6 network status:
Enabled

IPv6 WAN details
Global unicast address:
2a00:xxxx:xxxx:x801:86a1:d1ff:fea1:f0dd

Global unicast prefix/length:
2a00:xxxx:xxxx:x801::/64

Link local address:
fe80::86a1:d1ff:fea1:f0dd

Remote link local address:
fe80::1e6a:7aff:fe68:f00

DNS:
Not available

IPv6 LAN details
Global unicast address:
2a00:xxxx:xxxx:x800:86a1:d1ff:fea1:f0df

ULA prefix / length:
fdaa:bbcc:ddee::/64

Link local address:
fe80::86a1:d1ff:fea1:f0df

Pfsense Status:
WAN : fdaa:bbcc:ddee:0:215:5dff:feb8:ea10 9 (DhcpV6)
LAN: 2a00:xxxx:xxxx:x802:87a1:d1ff:fea1:1000 /64 (Static)
Dhcpv6 server (enabled)
Range: 2a00:xxxx:xxxx:x802::100 to 2a00:xxxx:xxxx:x802::250 (PC are getting this range)
RA: RouterMOde Assisted.
Priority Normal
DNS Config. : 2001:4860:4860::8888

Is any thing unusual here?

Jid

@stephenw10

Thanks will try this later as its remote site .

Jid

@Jid
Just looked further on the BT Hub(under connected devices) and saw this :

GUA (Permanent)
2a00:xxxx:xxxx:x800:215:5dff:feb8:ea10
DHCP
ULA
fdaa:bbcc:ddee:0:215:5dff:feb8:ea10
Assigned by device
Link local address
fe80::215:5dff:feb8:ea10
Assigned by device
SO the Pfsense is Actually getting ipv6 in the Right Prefix via Dhcp from HUb ,HOWEVER its prefers the link-local on the WAN interface.

JKnott

@Jid said in IPV6 - pfsense behind BT Hub:

@JKnott
"With it in gateway mode, only devices connected directly to it will get an address". That is the case here .
The Probem is HOW do I get Devices on LAN side of Pfsense(connected directly to BT hub) to be able to route out in ipv6.

You don't. You're likely only getting a singe /64 from the modem. You can't take it further. You have to get the modem in bridge mode to do what you want.

JKnott

@Jid said in IPV6 - pfsense behind BT Hub:

fdaa:bbcc:ddee:0:215: is that good.

That would be a Unique Local Address, the IPv6 equivalent of IPv4 RFC 1918 addresses. It is not usable for accessing the Internet.

JKnott

@JKnott said in IPV6 - pfsense behind BT Hub:

@Jid said in IPV6 - pfsense behind BT Hub:

@JKnott
"With it in gateway mode, only devices connected directly to it will get an address". That is the case here .
The Probem is HOW do I get Devices on LAN side of Pfsense(connected directly to BT hub) to be able to route out in ipv6.

You don't. You're likely only getting a singe /64 from the modem. You can't take it further. You have to get the modem in bridge mode to do what you want.

I just did a quick search and came across this about putting your modem into bridge mode. This is what you have to do.

stephenw10

If you don't have reason not to have it in bridge mode then just do that and win. But there were some odd static v4 issues you may hit of you have a number of IPv4 addresses in a subnet they route to you.

Jid

@JKnott
Thanks
But got a /56 from BT ,i thought i could break this down into further /64 ,use one on the WAN to (same subnet as BT Lan range ,and use another in the Pfsense LAN?

JKnott

@Jid said in IPV6 - pfsense behind BT Hub:

@JKnott
Thanks
But got a /56 from BT ,i thought i could break this down into further /64 ,use one on the WAN to (same subnet as BT Lan range ,and use another in the Pfsense LAN?

That would required configuring that hub in a way that wasn't intended, so you're not likely to have much luck. while BTprovides up to a /56, in gateway mode, you only get a single /64 and there's nothing pfSense can do with that, other than act as a straigth through firewall. It's the same situation as I have hear. I have a modem from my ISP, which I have in bridge mode. It passes the full /56 to pfSense, which I can then split into 256 /64s. If my modem was in gateway mode, I would only get a singe /64. In gateway mode, it won't even provide IPv6 on the guest WiFi.

Bottom line, put it into bridge mode and pfSense will do what you want.

JKnott

@stephenw10 said in IPV6 - pfsense behind BT Hub:

If you don't have reason not to have it in bridge mode then just do that and win. But there were some odd static v4 issues you may hit of you have a number of IPv4 addresses in a subnet they route to you.

In gateway mode, it's likely providing NAT to a single address.

stephenw10

It's been a while but the Business Hub was BTs device they gave you if you ordered a subnet of static IPv4s as well as some other "business" features. But I think it used a numberless PPP connection or something similar to give you the entire subnet on the LAN which pfSense cannot replicate.
That may have changed, it was a few years ago I hit that.

Steve