Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Thank you for the IPv6 NAT capabilities in 2.5

    Scheduled Pinned Locked Moved IPv6
    44 Posts 5 Posters 7.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Bob.DigB
      Bob.Dig LAYER 8 @DaddyGo
      last edited by Bob.Dig

      @daddygo The prefix changes daily and pfsense don't know about it, because of the router upfront, so I have to it

      DaddyGoD 1 Reply Last reply Reply Quote 0
      • DaddyGoD
        DaddyGo @Bob.Dig
        last edited by DaddyGo

        @bob-dig said in Thank you for the IPv6 NAT capabilities in 2.5:

        The prefix changes daily and pfsense don't know about it

        Yupppp... ๐Ÿ˜‰

        it's an ISP issue + own setting, not pfSense

        can we agree with that?
        a good setting, = no restarts required + acceptable service provider

        BTW:
        I would go crazy, - if the solution was a daily reboot ๐Ÿ˜‰

        Cats bury it so they can't see it!
        (You know what I mean if you have a cat)

        Bob.DigB 1 Reply Last reply Reply Quote 0
        • Bob.DigB
          Bob.Dig LAYER 8 @DaddyGo
          last edited by Bob.Dig

          @daddygo It is not the ISP this time, its me having another router in front of pfsense. Need this for telephony and as a modem.

          DaddyGoD johnpozJ JKnottJ 3 Replies Last reply Reply Quote 0
          • DaddyGoD
            DaddyGo @Bob.Dig
            last edited by DaddyGo

            @bob-dig said in Thank you for the IPv6 NAT capabilities in 2.5:

            its my having another router in front of pfsense.

            hmmm.... it hurts

            It's up to you, throw it out ๐Ÿ˜‰

            Sure it's a joke, but you don't have another phone?

            +++edit:
            maybe we talked about it earlier
            is it a dual-NAT configuration?

            Cats bury it so they can't see it!
            (You know what I mean if you have a cat)

            Bob.DigB 1 Reply Last reply Reply Quote 0
            • Bob.DigB
              Bob.Dig LAYER 8 @DaddyGo
              last edited by Bob.Dig

              @daddygo Actually it is a fax, that I need three times a year. ๐Ÿ˜Š

              DaddyGoD 1 Reply Last reply Reply Quote 0
              • DaddyGoD
                DaddyGo @Bob.Dig
                last edited by DaddyGo

                @bob-dig said in Thank you for the IPv6 NAT capabilities in 2.5:

                it is a fax

                ๐Ÿ˜‰ ๐Ÿ˜‰ ๐Ÿ˜‰ ๐Ÿ˜‰ ๐Ÿ˜‰

                then it is time for liquidation..

                +++edir:
                seriously it is necessary

                Cats bury it so they can't see it!
                (You know what I mean if you have a cat)

                Bob.DigB 1 Reply Last reply Reply Quote 0
                • Bob.DigB
                  Bob.Dig LAYER 8 @DaddyGo
                  last edited by Bob.Dig

                  @daddygo You can vote with that... not with email. I am talking about the US.

                  DaddyGoD 1 Reply Last reply Reply Quote 0
                  • DaddyGoD
                    DaddyGo @Bob.Dig
                    last edited by DaddyGo

                    @bob-dig said in Thank you for the IPv6 NAT capabilities in 2.5:

                    You can vote with that

                    I do not believe it

                    I am not interested in the votes systems, just be safe ๐Ÿ˜‰

                    +edit:

                    good daily readings.....

                    https://thehackernews.com/
                    https://www.theregister.com/

                    Cats bury it so they can't see it!
                    (You know what I mean if you have a cat)

                    1 Reply Last reply Reply Quote 1
                    • johnpozJ
                      johnpoz LAYER 8 Global Moderator @Bob.Dig
                      last edited by

                      While its commendable you want to use IPv6 - since it is the future.. As of yet there is no actual "need" for it.. Do you have some actual need of IPv6 - is there some resource you can not access without IPv6? Are you behind a nat from your ISP, and the only service you can get that allows for unsolicited inbound is if your IPv6? Are you playing or hosting some game that only works via IPv6? I have yet to run into one of these unicorns..

                      Only reason I have any IPv6 at all - is well yes it is cool ;) And it is the future.. And this sort of stuff is fun for me.. But actual "need" nope haven't seen it.. I have a public IPv4, nothing is blocked inbound on it from the isp (25 and smb maybe). I can serve up what I want to serve up just via IPv4, while I do provide ntp for the pool via both IPv4 and v6.. That is not something I need to do..

                      Such scenarios with my isp at the time comcast shitty ipv6 deployment (changing prefixes) etc. I went with just a HE tunnel like 10+ years ago.. Guess what, multiple isps later - with current one not even supporting IPv6 and I still have my same /48 ;)

                      Never changes. Its static - I can assign whatever prefixes I want out of that /48 to my lans.. ie no need to track a prefix to assign.

                      For what maybe a couple of extra ms in latency, slight extra overhead since tunnel.. You could have your cake and eat it too if just went with HE - just saying.. More likely than not HE has better peering than your ISP anyway, atleast for IPv6..

                      There is no reason to try and find some work around or "method" that works with some isp, when in 30 seconds you could have a very stable, fast and static /48 assigned and even allows for PTR on the space.. Other than say some video services blocking it - because it could allow for geoip circumvention.. I have has zero problems with a HE tunnel as a way to use IPv6. And it frees you up to use really any isp you want, be it they support ipv6 or not.. If what you want is ipv6.

                      An intelligent man is sometimes forced to be drunk to spend time with his fools
                      If you get confused: Listen to the Music Play
                      Please don't Chat/PM me for help, unless mod related
                      SG-4860 24.11 | Lab VMs 2.8, 24.11

                      DaddyGoD Bob.DigB 2 Replies Last reply Reply Quote 1
                      • DaddyGoD
                        DaddyGo @johnpoz
                        last edited by

                        @johnpoz said in Thank you for the IPv6 NAT capabilities in 2.5:

                        While its commendable you want to use IPv6 - since it is the future..

                        Hi John, we talked a long time ago...-

                        (I'm really starting to understand you)
                        now the situation is that I totally agree with you..!!!! โœŒ

                        Cats bury it so they can't see it!
                        (You know what I mean if you have a cat)

                        1 Reply Last reply Reply Quote 0
                        • Bob.DigB
                          Bob.Dig LAYER 8 @johnpoz
                          last edited by

                          @johnpoz I even became sage and it was a lot of fun. But I don't have a need for sending emails over IPv6 anymore and like you said, it is still totally optional, at least for me having dual-stack anyway.

                          johnpozJ 1 Reply Last reply Reply Quote 0
                          • johnpozJ
                            johnpoz LAYER 8 Global Moderator @Bob.Dig
                            last edited by johnpoz

                            Well then why dick with something that would change, or do NAT (uggggh).. Just use HE for your clearly "optional" IPv6 needs - way less hassle, and more functionality to be honest than what most isps call IPv6 ;)

                            edit: Yeah sage was fun.. Still have the shirt.. Even though it is starting show its age ;)
                            Certification Level: Sage earned at 2011-01-26 09:05:43

                            create_badge.php.png

                            An intelligent man is sometimes forced to be drunk to spend time with his fools
                            If you get confused: Listen to the Music Play
                            Please don't Chat/PM me for help, unless mod related
                            SG-4860 24.11 | Lab VMs 2.8, 24.11

                            DaddyGoD Bob.DigB JKnottJ 4 Replies Last reply Reply Quote 1
                            • DaddyGoD
                              DaddyGo @johnpoz
                              last edited by DaddyGo

                              @johnpoz said in Thank you for the IPv6 NAT capabilities in 2.5:

                              Even though it is starting show its age ;)

                              ๐Ÿ˜‰

                              BTW:

                              otherwise, the colleague is very evolving @Bob-Dig ๐Ÿ˜‰

                              Cats bury it so they can't see it!
                              (You know what I mean if you have a cat)

                              1 Reply Last reply Reply Quote 0
                              • DaddyGoD
                                DaddyGo @johnpoz
                                last edited by

                                @johnpoz said in Thank you for the IPv6 NAT capabilities in 2.5:

                                Certification Level: Sage earned at 2011-01-26 09:05:43

                                Let's start talking about ipv6? ๐Ÿ˜‰

                                Cats bury it so they can't see it!
                                (You know what I mean if you have a cat)

                                1 Reply Last reply Reply Quote 0
                                • Bob.DigB
                                  Bob.Dig LAYER 8 @johnpoz
                                  last edited by Bob.Dig

                                  @johnpoz Certification Level: Sage earned at 2020-04-03 13:04:33

                                  create_badge.php.png

                                  One year for me, ten for you. ๐Ÿ˜‰

                                  DaddyGoD 1 Reply Last reply Reply Quote 1
                                  • DaddyGoD
                                    DaddyGo @Bob.Dig
                                    last edited by

                                    @bob-dig said in Thank you for the IPv6 NAT capabilities in 2.5:

                                    one year for me, ten for you.

                                    ๐Ÿ‘

                                    Cats bury it so they can't see it!
                                    (You know what I mean if you have a cat)

                                    1 Reply Last reply Reply Quote 1
                                    • JKnottJ
                                      JKnott @Bob.Dig
                                      last edited by

                                      @bob-dig

                                      Yes, I received the new computer a few weeks ago. The VPN problems were actually not VPN problems. I get 2 IPv4 addresses from my ISP. For years, I had been using that 2nd address for testing, right up to the day before I updated to pfsense 2.5.0. For some reason, I can no longer connect to pfsense from that address, even though the packets are arriving at the WAN interface. On the other hand, the VPN works fine if I tether to my cell phone. I have absolutely no idea why that 2nd address now fails.

                                      Why is there another router ahead of pfsense? You should have your modem configured for bridge mode, not gateway.

                                      PfSense running on Qotom mini PC
                                      i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
                                      UniFi AC-Lite access point

                                      I haven't lost my mind. It's around here...somewhere...

                                      DaddyGoD 1 Reply Last reply Reply Quote 1
                                      • JKnottJ
                                        JKnott @Bob.Dig
                                        last edited by

                                        @bob-dig said in Thank you for the IPv6 NAT capabilities in 2.5:

                                        Need this for telephony and as a modem

                                        My modem has Internet, phone and IPTV on it. It's in bridge mode. Gateway vs bridge mode has no effect on my phone. Are you sure your phone service requires gateway mode?

                                        PfSense running on Qotom mini PC
                                        i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
                                        UniFi AC-Lite access point

                                        I haven't lost my mind. It's around here...somewhere...

                                        Bob.DigB 1 Reply Last reply Reply Quote 0
                                        • Bob.DigB
                                          Bob.Dig LAYER 8 @JKnott
                                          last edited by Bob.Dig

                                          @jknott It is not cable anymore, now it is VDSL and I have no separated modem anymore, you have to rent or buy it yourself.

                                          JKnottJ 1 Reply Last reply Reply Quote 0
                                          • DaddyGoD
                                            DaddyGo @JKnott
                                            last edited by

                                            @jknott said in Thank you for the IPv6 NAT capabilities in 2.5:

                                            before I updated to pfsense 2.5.0

                                            hahaoooooo..

                                            Stay the running version 2.4.5-p1, until you get a green light,..... and test in a VM environment with 2.5.0 ... PLS

                                            Cats bury it so they can't see it!
                                            (You know what I mean if you have a cat)

                                            JKnottJ 1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.