IPv6 not working - WAN and LAN Interface getting an IP Adress, not any Client
-
I guess you don't have much experience with packet captures. When you do that, you generally specify what you're looking for. For example, I mentioned DHCPv6 on the WAN and ICMP6 on the LAN side. When you use Packet Capture, there are boxes where you say, for example, whether IPv4 or IPv6, protocol and more. Use those to provide only the needed info. For example, most of those 2 captures were IPv4, which is irrelevant to what your problem is. Here's a screen capture of the LAN side, which will capture only ICMP6:
And here is the WAN side. Notice I specified both IPv6 and the port number, though I probably didn't have to specify IPv6, as that port shouldn't be used for anything on IPv4:
It wasn't necessary to specify the addresses in either.
Once you have the capture, you can download it to your computer and post here.
-
@jknott Heyho,
like you mentioned, WAN can be tricky, the first try was without any captured Packages :(Here is the LAN Capture: I'll try the WAN capture ASAP
-
-
One thing I see right off is in the solicit, you're asking for a /60, but being offered a /59. We saw this recently with someone on Comcast, IIRC. On my system, I request and get a /56. I have no idea why you're getting that.
IA Prefix
Option: IA Prefix (26)
Length: 25
Value: ffffffffffffffff3c000000000000000000000000000000…
Preferred lifetime: infinity
Valid lifetime: infinity
Prefix length: 60
Prefix address: ::IA Prefix
Option: IA Prefix (26)
Length: 25
Value: 000934d100126f513b2a0209084c1239a000000000000000…
Preferred lifetime: 603345
Valid lifetime: 1208145
Prefix length: 59
Prefix address: 2a02:908:4c12:39a0::On the LAN side, I see your RAs are saying to use a /63, when it should always be a /64. This also happened with that guy on Comcast.
ICMPv6 Option (Prefix information : 2a02:908:4c12:39a0::/63)
Given the same thing is happening with 2 different ISPs, I wonder if there's a bug somewhere.
BTW, you don't have to ZIP the captures. Just download and paste the file is good enough.
-
Here's the Comcast thread, with a similar problem to yours.
-
@jknott Wow ... that is really interesting, especially now, that comcast is not an german based ISP and I got the same issues.
Which now makes me think: Is there a work around that I can reach out via IPv6, is should I even disable it? I'm even fine using NAT until it's sorted out
-
Aehm ... Wow, not I'm just blown away ...
I got now an IPv6 Connection
The "only" thing I changed in pfsense: Set WAN to /59 prefix, DHCPv6-PD to /63 prefix. That is ... Wow ...
Now my last question is: Do I need to setup my pihole with IPv6 too or is it enough to be reachable via IPv4?
-
The /59 & /63 prefixes indicate there's still a problem somewhere.
-
@jknott That's true ... Still suprised that I'm now connectable
-
My concern is that /63. The LAN side prefix is supposed to be /64 for SLAAC to work properly. I don't know what will happen with the wrong prefix.
-
@jknott Hmm, okay. Well every VM in my network is configured to use SLAAC and working atm
-
At the moment, you're using an even number prefix. What happens if you pick an odd one? That /63 moves the boundary between the prefix and suffix over by one to the left. Will a prefix ID 1 now be the same as 0?