Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Set up mixed IPv4 and IPv6 traffic?

    Scheduled Pinned Locked Moved General pfSense Questions
    26 Posts 3 Posters 3.3k Views 3 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P Offline
      pfguy2018
      last edited by

      To date, I have only ever set up IPv4 networks, and IPv6 is disabled completely on my pfSense hardware and all switches in my network. I am contemplating a switch to an IPTV system that apparently requires the use of IPv6, even when the ISP-supplied router is in bridge mode (which would be my preference, as it always has). My notion is that I would have the TV traffic on one of my vlans (would likely be wired and wireless), which is currently IPv4 only. Is there a way to set things up so that all vlans except one are IPv4 only, with the remaining vlan being IPv4/IPv6? I suppose that all my switches/access points must be capable of dealing with IPv6 traffic in order to handle that? Any guidance appreciated (and sorry if this is a really elementary question - I have managed to completely ignore IPv6 to date).

      stephenw10S JKnottJ 2 Replies Last reply Reply Quote 0
      • stephenw10S Online
        stephenw10 Netgate Administrator @pfguy2018
        last edited by

        Sure, you would only have v6 available on the interfaces you assign a v6 prefix to. That's not an issue.

        More of an issue is likely to be how the IPTV is delivered. You have set-top boxes to stream it?
        It requires mutlicast etc?

        Steve

        P JKnottJ 2 Replies Last reply Reply Quote 0
        • P Offline
          pfguy2018 @stephenw10
          last edited by

          @stephenw10
          I am not sure what the underlying delivery mechanism is. It is Rogers Ignite TV, which I understand is based on Comcast's system. I am told that the set top boxes can connect to one's own wifi access points even if the router is in bridge mode, but I don't know what things have to be in place to allow this to happen. It would be great if the system would fall back to IPV4 in that scenario, but I can't seem to find reliable information about this, and the ISP does not provide support if the gateway function is disabled in favor of bridge mode.

          stephenw10S JKnottJ 2 Replies Last reply Reply Quote 0
          • stephenw10S Online
            stephenw10 Netgate Administrator @pfguy2018
            last edited by

            It looks to be pretty much explained here:
            https://communityforums.rogers.com/t5/Ignite-TV/Using-the-Ignite-TV-Modem-Gateway-in-Bridge-Mode/m-p/460414#M6643

            And in the linked IPv6 page here:
            https://communityforums.rogers.com/t5/Internet/Rogers-IPv6-Status/m-p/373238/highlight/true#M36710
            Which even has a set of pfSense settings to use.

            It doesn't look like anything special is required at all beyond having IPv6.
            I also note the very first response on that IPv6 page is from a certain @JKnott. Could be a coincidence but.... ๐Ÿ˜‰

            You may want to request a larger prefix delegation than /64 though if Rogers will provide one. Each internal subnet you want to have IPv6 will need a /64 to use.

            Steve

            P 1 Reply Last reply Reply Quote 0
            • P Offline
              pfguy2018 @stephenw10
              last edited by

              Thank you so much - very helpful links. I will bookmark those in case I decide to proceed with this change to my cable.

              1 Reply Last reply Reply Quote 0
              • JKnottJ Offline
                JKnott @pfguy2018
                last edited by

                @pfguy2018 said in Set up mixed IPv4 and IPv6 traffic?:

                Is there a way to set things up so that all vlans except one are IPv4 only, with the remaining vlan being IPv4/IPv6?

                You can enable IPv6 on a per network basis, but why would you want to? IPv6 is the future and you should be moving to it.

                PfSense running on Qotom mini PC
                i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel 1 Gb Ethernet ports.
                UniFi AC-Lite access point

                I haven't lost my mind. It's around here...somewhere...

                1 Reply Last reply Reply Quote 0
                • JKnottJ Offline
                  JKnott @stephenw10
                  last edited by

                  @stephenw10 said in Set up mixed IPv4 and IPv6 traffic?:

                  More of an issue is likely to be how the IPTV is delivered. You have set-top boxes to stream it?
                  It requires mutlicast etc?

                  I took a look at mine (Rogers) and it appears to be IPv6 TCP only. I also thought it would be multicast

                  PfSense running on Qotom mini PC
                  i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel 1 Gb Ethernet ports.
                  UniFi AC-Lite access point

                  I haven't lost my mind. It's around here...somewhere...

                  1 Reply Last reply Reply Quote 0
                  • JKnottJ Offline
                    JKnott @pfguy2018
                    last edited by

                    @pfguy2018 said in Set up mixed IPv4 and IPv6 traffic?:

                    I am told that the set top boxes can connect to one's own wifi access points even if the router is in bridge mode, but I don't know what things have to be in place to allow this to happen.

                    I have mine connected via Ethernet, as I already had it at every point I have a TV.

                    PfSense running on Qotom mini PC
                    i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel 1 Gb Ethernet ports.
                    UniFi AC-Lite access point

                    I haven't lost my mind. It's around here...somewhere...

                    P 1 Reply Last reply Reply Quote 0
                    • P Offline
                      pfguy2018 @JKnott
                      last edited by

                      @jknott said in Set up mixed IPv4 and IPv6 traffic?:

                      I have mine connected via Ethernet, as I already had it at every point I have a TV.

                      Is your ethernet connection to an IPV4 network, or IPV6?

                      JKnottJ 1 Reply Last reply Reply Quote 0
                      • JKnottJ Offline
                        JKnott @pfguy2018
                        last edited by JKnott

                        @pfguy2018 said in Set up mixed IPv4 and IPv6 traffic?:

                        Is your ethernet connection to an IPV4 network, or IPV6?

                        Both. I've been running IPv6 for almost 11 years and 5 of those as provided by Rogers. My entire network is dual stack and everything that supports IPv6 uses it. However, for a while, my guest WiFi was IPv4 only, due to my TP-Link AP not handling VLANs properly. So, my Rogers TV boxes are connected to my main LAN, where they work fine.

                        BTW, what sort of bandwidth are you getting from Rogers. I have 500/10 and a friend on Bell fibre gets 500/500. I suspect the increase in bandwidth has something to do with IPTV, though I don't know what.

                        PfSense running on Qotom mini PC
                        i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel 1 Gb Ethernet ports.
                        UniFi AC-Lite access point

                        I haven't lost my mind. It's around here...somewhere...

                        P 1 Reply Last reply Reply Quote 0
                        • P Offline
                          pfguy2018 @JKnott
                          last edited by

                          @jknott
                          I am on 1000/30 with Rogers, and I do actually get that bandwidth. I have not taken the plunge on Ignite yet. Before I can do so, I would have to swap out my switches and access points to ensure that IPv6 can be used. I am getting a headache just thinking about it.

                          stephenw10S JKnottJ 2 Replies Last reply Reply Quote 0
                          • stephenw10S Online
                            stephenw10 Netgate Administrator @pfguy2018
                            last edited by

                            Switches and APs should not see or care about IPv6 other than their own management, which doesn't have to be v6. They are layer 2 devices (mostly ๐Ÿ˜‰ )

                            Steve

                            P 1 Reply Last reply Reply Quote 0
                            • P Offline
                              pfguy2018 @stephenw10
                              last edited by

                              @stephenw10
                              Looks like I have a lot to learn about this. How can a switch or access point pass IPv6 traffic if it only has IPv4 in all its settings?

                              stephenw10S 1 Reply Last reply Reply Quote 0
                              • stephenw10S Online
                                stephenw10 Netgate Administrator @pfguy2018
                                last edited by

                                Because settings on a (layer2) switch or access point that include any sort of IP would only apply to the management interface.
                                You could connect two Ethernet cables through a switch and pass, for example, 50 IPv4 subnets between them. The switch may only have an IP for management in one of them but still passes all subnets, it doesn't care what the IPv4 traffic is.
                                In fact it will pass anything at layer 2, doesn't have to be IP at all could be IPX or Appletalk.
                                So it will pass IPv6.
                                https://en.wikipedia.org/wiki/List_of_network_protocols_(OSI_model)#Layer_3_(Network_Layer)

                                Steve

                                1 Reply Last reply Reply Quote 0
                                • JKnottJ Offline
                                  JKnott @pfguy2018
                                  last edited by JKnott

                                  @pfguy2018

                                  Switches and access points should have no problem at all with IPv6, as they are supposed to pass all Ethernet frames. Many years ago, switches were used to pass IPX and many other frame types. The only thing is some gear might be IPv4 only on the management interface. As I mentioned, I've been running IPv6 for almost 11 years. The only thing that absolutely has to hand IPv6 is the router and pfsense does that very well.

                                  PfSense running on Qotom mini PC
                                  i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel 1 Gb Ethernet ports.
                                  UniFi AC-Lite access point

                                  I haven't lost my mind. It's around here...somewhere...

                                  P 1 Reply Last reply Reply Quote 1
                                  • P Offline
                                    pfguy2018 @JKnott
                                    last edited by

                                    @jknott @stephenw10
                                    Like I said, I guess I have a lot to learn. I am still not clear on how vlans work with IPv6 if the switch/APs don't see IPv6 (how does the equipment know which vlan to place the traffic in? Just based on the tag? Does the tag work with both v4 and v6?). I will have to do some reading/learning about this.

                                    JKnottJ 1 Reply Last reply Reply Quote 0
                                    • JKnottJ Offline
                                      JKnott @pfguy2018
                                      last edited by

                                      @pfguy2018

                                      They work exactly as they do with IPv4. You're confusing layers. Ethernet is layer 2 and IP, both 4 & 6 (and IPX) are layer 3. VLANs are an extension of Ethernet and so belong at layer 2 (some say 2.5). In every Ethernet frame, the first significant bytes are the 2 in the Ethertype/Length field. This is what determines what the frame contains. If it is 1500 or below, it is an 802.3 frame and the value refers to the payload size. Otherwise, it's a DIX II frame and the number refers to the data type, including IPv4, IPv6 and much more. So, normally a frame would have the Ethertype for IPv4 or IPv6. But if it's for a VLAN, it would have the Ethertype for VLANs, followed by 2 bytes for the VLAN ID and then followed by the original IP Ethertype, etc. So, for a VLAN, there are 4 bytes added, which the switch uses to sort according to VLAN.

                                      PfSense running on Qotom mini PC
                                      i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel 1 Gb Ethernet ports.
                                      UniFi AC-Lite access point

                                      I haven't lost my mind. It's around here...somewhere...

                                      P 1 Reply Last reply Reply Quote 0
                                      • P Offline
                                        pfguy2018 @JKnott
                                        last edited by

                                        @jknott
                                        Thank you for the extremely detailed explanation. I am going to read and re-read that a few times until I grasp all the concepts you outlined. I think what you are saying though is that if pfSense passes IPv6 traffic on to a vlan, it will stay on that vlan throughout my networking equipment (switches, APs) even if that equipment does not explicitly have settings for IPv6?

                                        JKnottJ 1 Reply Last reply Reply Quote 0
                                        • JKnottJ Offline
                                          JKnott @pfguy2018
                                          last edited by

                                          @pfguy2018 said in Set up mixed IPv4 and IPv6 traffic?:

                                          I think what you are saying though is that if pfSense passes IPv6 traffic on to a vlan, it will stay on that vlan throughout my networking equipment (switches, APs) even if that equipment does not explicitly have settings for IPv6?

                                          Yep. As mentioned above, the only equipment where that would be a factor is routers. Switches and APs are transparent to the layer 3 packet type.

                                          PfSense running on Qotom mini PC
                                          i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel 1 Gb Ethernet ports.
                                          UniFi AC-Lite access point

                                          I haven't lost my mind. It's around here...somewhere...

                                          P 1 Reply Last reply Reply Quote 0
                                          • P Offline
                                            pfguy2018 @JKnott
                                            last edited by

                                            @jknott
                                            So as long as pfSense is set up to accept and process IPV6, I don't need to change anything in my switches or APs or vlans? Whichever vlan the cable boxes get added to (either by ethernet connection to an untagged port belonging to the desired vlan on a switch or by joining a wireless network associated with that vlan), things will just work?

                                            JKnottJ 1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.