IPv6 prefix delegation size (/56) vs available range
-
@lifespeed said in IPv6 prefix delegation size (/56) vs available range:
Didn't work. Do I need to add three more colons to the IPv6 range so that the 0-f range is the least significant bits?
:: always represents a string of "0" necessary to fill out 128 bits. You can use it once and only once in an address. For example, ::1 is the IPv6 loop back address. That's 127 0 bits and a single 1.
-
@pfadmin said in IPv6 prefix delegation size (/56) vs available range:
The config in DHCPv6 is for delegating behind a second router.
There are 2 ways to automagically assign host addresses in IPv6, SLAAC and DHCPv6. pfSense provides both. If there were another router behind the first, then pfSense would have to support DHCPv6-PD on the LAN side as a server, but it doesn't.
Yes, the modem has to be in bridge mode, not gateway.
-
@JKnott said in IPv6 prefix delegation size (/56) vs available range:
t DHCPv6-PD on the LAN side as a server, but it doesn't.
Maybe it does'nt, but under DHCPv6 Server, the field which is filled with "60", this is for sub networks as it is discribed below "...This allows for assigning networks to subrouters..." So it has nothing to do directly with the /56 or /48 from ISP. It has to be only "within". So I missunderstood your discussion or you talk about the wrong options. The Prefix ID is in "Interface", not DHCPv6 Server. @livespeed you show it in your pictures. first you have /56 in "Prefix delegation Size" and then you have "/60". This is not the right place because this is for subnets you don't have. The right place is in Interfaces/LAN, there is a free choice between "0" to "ff" if you got a Prefix of /56 from your ISP. In DHCPv6 Server take ::1000 to ::3000 or so. Under Router Advertisements use assisted for DHCPv6 and SLAAC
-
@pfadmin said in IPv6 prefix delegation size (/56) vs available range:
Maybe it does'nt, but under DHCPv6 Server, the field which is filled with "60", this is for sub networks as it is discribed below "
This refers to the size of the prefix assigned by the ISP, just like with SLAAC. You can use any size up to whatever is provided. So, with a /56, you could configure for /60 or /63 or whatever, so long as it isn't a larger prefix than what's provided. On the LAN side, pfSense only hands out /64s. The prefix ID is used to select which of the available /64s is used. For example, I have a /56. That allows me up to 256 /64s. I use prefix ID 0 for my main LAN, 4 for a test LAN and ff for OpenVPN. I have also used others with a VLAN or assigning to a Cisco router I have here. If Comcast is only providing a /60, then @lifespeed has only 16 /64s to choose from.
Perhaps someone with Comcast experience can speak up. I'm on Rogers.
-
I am pretty sure Comcast gives out a /60. It sounds like for each LAN (currently I have only one, no VLANs) it must be /64. So this would be 16 possible ranges. So the range on the DHCPv6 Server page should be ::0 to ::f, with prefix delegation size /64? No, that doesn't make sense, /64 is a single prefix (not a single address)? Should Prefix Delegation Range be filled out?
Edit: I have a Netgear CM1000 DOCSIS 3.1 cable modem, it is not a router.
-
@lifespeed said in IPv6 prefix delegation size (/56) vs available range:
I am pretty sure Comcast gives out a /60. It sounds like for each LAN (currently I have only one, no VLANs) it must be /64. So this would be 16 possible ranges. So the range on the DHCPv6 Server page should be ::0 to ::f, with prefix delegation size /64? No, that doesn't make sense, /64 is a single prefix (not a single address)? Should Prefix Delegation Range be filled out?
The Prefix id is set at Interface Page from 0 to f, your resulting LAN Prefix (first 64 Bit) is xxxx:xxxx:xxxx:xxxx:xxx[0-f]:: Each LAN Interface gets a unique Number from 0 to f. Now at DHCPv6 Server Page you can give every LAN Interface a Range between ::0000:0000:0000:0000 to ::ffff:ffff:ffff:ffff for a /64 for example ::ffff:0000:ffff:0000 to ::ffff:0000:ffff:ffff or somthing like this. Nothing more. No Prefix delegation stuff, because this sends one part of the /60 prefix to a router in your network for the net behind it - which you dont have and JKnow said it doesn't work.
JKnow said it too, but I think your on different Options.
Again:
At Interfaces/LAN choose Track Interface as Type and then WAN as IPv6 Interface and then 0 as Prefix ID. At DHCPv6 Server options choose ::ffff:1000 to ::ffff:3000 thats it.
But maybe pfsense has a problem with /60 ? Anyone?
-
@lifespeed said in IPv6 prefix delegation size (/56) vs available range:
Comcast
https://blog.barclayhowe.com/16-ipv6-subnets-pfsense-and-comcast
there is a user who runs pfsense with comcast. On WAN use DHCP6 and Send IPv6 prefix hint and 60 as DHCPv6 Prefix. It should be the solution
-
@pfadmin thank you for the advice. I will try this tonight. Working from home today, so no need to monkey with the router during business hours.
-
If you have a /60, you indeed have 16 /64s to choose from. Which one you pick is entirely your decision. If you add a VLAN or another interface, then you'd choose another. You can keep doing this, until you've used all 16.
As I mentioned, I have 256 /64s. I don't use anywhere near that many.
-
@pfadmin said in IPv6 prefix delegation size (/56) vs available range:
At Interfaces/LAN choose Track Interface as Type and then WAN as IPv6 Interface and then 0 as Prefix ID. At DHCPv6 Server options choose ::ffff:1000 to ::ffff:3000 thats it.
Correctly specifying the range may have been where I got it wrong.
-
I reconfigured the DHCPv6 server address range as suggested. So far it seems to be more reliable at getting an IPv6 address from the cable modem after a reboot of pfSense, but only experience over a number of weeks will tell for sure.
I have noticed that pfSense boots up and receives an IPv4 address immediately. The IPv6 addresses for the WAN, LAN, and devices on the LAN take a good 3 - 4 minutes to appear. Which has confused me at times, but I do think this is the correct configuration.
I saw the prefix delegation option does not have a "not used" selection in the drop down menu, so there will always be a number there, in my case I left it at /48. I think without a prefix delegation range specified, it is unused.