IPv6 segmentation for VLANs - setup with SLAAC
-
Hello all,
I am a newbie to IPv6 and trying my best to get IPv6 on all my VLANs. However, I am having trouble segmenting IPv6 adresses to different VLANs. I was told previously that SLAAC is the way to go instead of DHCP6 for Android compatibility and ease of use.
I get a /56 subnet from my ISP. I use a Netgate SG3100.
This is the IP address showing up as LAN (I have changed the first four digits to begin with 2001 for privacy)
2001:3400:65f:4e00:208:a2ff:fe0d:c82
Now, I have got the following interfaces & VLANs set up:
- LAN (untagged)
- IoT
- Radio
- Cameras
- Guest
I have looked around online, and from what I read is to set a prefix id to 1, 2, 3, 4, etc. for each of the VLANs.
However, I am not sure how to implement it, as selecting the IPv6 option with SLAAC does not give me any location where I can input these prefix ids for each of these VLANs. I would like to use SLAAC, as I have read that Android does not work with DHCP6.
These are my configuration settings:
WAN Interface
LAN Interface
LAN DHCP6
Router Advertisements
IoT Interface (VLAN interface as an example)
Should the segmentation look something like this?
- LAN --> Track Interface
- IoT ---> 2001:3400:65f:4e02::1
- Radios -->2001:3400:65f:4e03::1
- Cameras --> 2001:3400:65f:4e04::1
- Guest --> 2001:3400:65f:4e025::1
Can someone more knowledgeable than me assist me where and how to add prefix ids for each of the interfaces?
Thank you!
-
Setting up SLAAC on a VLAN is no different than on the LAN, so you set it up exactly the same way. The only thing is you must select a different Prefix ID for each interface. For example, my main LAN is ID 0, my guest WiFi ID 3 and OpenVPN ff.
-
@jknott Thanks, setting that up was simple!
However, I don't seem to be getting any IPv6 addresses (either through Ethernet or Wireless). This is my setup:
SG3100 -> Ubiquity US-8-60W switch --> Ubiquiti UAP-nanoHD
I can get an IPv6 address on the LAN WLAN but not on the other WLANS (IoT, Radios etc.). Any ideas what could be blocking IPv6?
-
Is IPv6 enabled on the VLANs?
-
@jknott
Yes, as far as I know. Is there somewhere I need to check? Some screenshots of my system:
Also does the "Track Interface' setting automatically divy up a /56 subnet into individual /64 subnets? I dont see any setting to specifically change this in pfsense. -
Can you try disabling all those block rules to see if it works? I can't check my system at the moment, as the computer it was running on died.
-
@jknott . It is working now. Apparently it needed a reboot. Helped by a power outage in my suburb. Thanks for your help!