how do i set pfsense to get ipv6 from isp
-
Sorry, I must have missed that. However, I see you gave a prefix delegation size of 64. If your ISP provides only a /64, then you can't pass IPv6 onto your LAN. If the ISP provides a different size then you use that number. For example my ISP provides a /56, which I can then split into 256 /64s on the LAN side.
-
Yeah, I pull a /56 here with link-local on WAN.
You could pull a /64 and use it only on LAN. Make sure you are requesting the correct prefix size though. I have seen that fail if it's not exactly what the ISP is offering.
-
-
@firefox
Your ISP's router may not be responding to IPv6 ping requests. Maybe do a IPv6 traceroute (you might need to temporarily disable monitoring to do this, see below) and try using hop #3 or 4 as the monitoring IP address, or use something more global like Google DNS or something. Or you can change the gateway setting to disable the monitoring (System > Routing > [edit the IPv6 gateway] > check "Disable Gateway Monitoring"), though that might affect failover if you have dual WAN. -
@virgiliomi
Or not use gateway monitoring. I don't use it, as it doesn't do much for most users.
-
updating
I returned everything to the previous state
Ipv4 only
Because for some reason everything works slowly
I currently will not use ipv6 maybe I will try again in a few months -
Yeah, that's typical of having partial v6 connectivity. Most operating systems will try to use it first if they think they have a v6 connection. If that is broken you have to wait for it to timeout before it tries v4 resulting in a pretty bad experience!
-
@stephenw10
Is there a way around this?
Any page loaded in a second or two
Loads after 10 or 20 seconds -
You can probably configure the clients to use only IPv4 or use v4 by default.
Otherwise you need to either have fully functioning IPv6 or none.
Steve
-
While you can normally adjust a OS preference to ipv4 from v6. Some devices are more difficult than others, and can be difficult to actually disable completely.
If you are having issues with ipv6 - the simple solution is just not provide it at all.. Which is easy enough to disable at pfsense. Its much easier to do that way, then trying to configure each client to not use ipv6 or prefer v4 over, etc.
I don't provide any automatic IPv6 to any clients on any of my vlans. But I can configure clients on the vlans I have it enabled manually to use it..
-
i disabled ipv6
on my pc
Now it works properlyThanks
-
@firefox said in how do i set pfsense to get ipv6 from isp:
i disabled ipv6
on my pc
Now it works properlyThanks
Smart move! Here you can see why:
https://www.youtube.com/watch?v=Vt4Jl4t43ug -
I wouldn't put much stock in what that guy says. He doesn't understand IPv6 enough to make those claims. In fact some of what he said is nonsense.
I made some comments on on that video last month.
@ firefox
As for IPv6, that is where the world is moving, so disabling IPv6 is not the fix. All you're doing is hiding the problem. If your ISP has a problem and they can't/won't fix it, there's always he.net.
PfSense running on Qotom mini PC
i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
UniFi AC-Lite access pointI haven't lost my mind. It's around here...somewhere...
-
Yes, a fully functional IPv6 connection is the way forward here.
-
@jknott said in how do i set pfsense to get ipv6 from isp:
In fact some of what he said is nonsense.
haha - "some" its pretty much all nonsense, I wasn't going to sit through 30 minutes of nonsense.. so just skipped through it.. Every part I stopped on was just nonsense.
Some of his comments as well - don't read books, don't read rfc's - watch videos? Come on!
I would agree disable ipv6 is not a "fix" What it is, is a way for you to get up to speed with your understanding before you use what yes is the future.
Until such time that you have a NEED there is no reason to have it enabled unless you actually understand how it works, how to secure it and how it functions to be able to troubleshoot it when things go wrong.
Many users have it and don't even know, they might not be having any problems, they might not attribute issues they are having with IPv6, etc.
Do you have a web server running if you don't need one, do you have ftp running when you don't need one.
Security 101 says if your not using something - then it shouldn't be enabled. If you have no use for ipv6 then there is little reason for you to have it up and running. Unless your actively going to be using it, or experimenting with it.
I would not say you should disable your IPv6 unless you're having issues. But if you are, there is nothing wrong with just turning it off until such time that you actually need it. Or are willing to spend the time needed to get up to speed and properly configure your network for its use.
You can for sure bring up ipv6 in limited fashion to use and play without until such time your are comfortable and know enough to properly deploy it across your full network.
What is nice about pfsense - it gives you the ability to do just that. Vs some soho router where it on or off, with limited ability to manage it or monitor it, etc.
The mentioned hurricane electric is a very controlled way to bring ipv6 into your network. Limit its scope or not. With no need to have to deal with your isp lack of ipv6 support or inadequate type of deployment.
-
@johnpoz said in how do i set pfsense to get ipv6 from isp:
haha - "some" its pretty much all nonsense,
That pretty much sums up his videos. I have tried to watch a couple of others but couldn't stomach them. I guess he's one of these "experts" who's read a couple of magazine articles and now knows all there is to know.
It reminds me of a job I was on a few years ago, where the woman, who was the office manager, got annoyed because I plugged my computer into the switch with a CAT 5 patch cord. She was convinced it was going to affect her network, which we'd just cabled with CAT 6. She knew that because her husband (he's a veterinarian) had read some magazine articles.
-
Thank you all
Although I would like it to work properly
I currently do not really need ipv6
I wanted it to work to test something
And it's probably not easy
One of the times I tried I was left without an internet connection
So i had to restart pfsense and select restore to previous state
Because no matter what I did it was left without an internet connectionIf it was as simple as changing the settings and clicking apply
I would do that
But as I wrote down
I was left without internet
And even if I changed the settings to the previous mode it did not workOnly when I started pfsense and selected restore to previous state
It's back to work -
@James, you and Lawrence from Lawrence System have been working with IPv6 for many years. Even now he don't use IPv6.
About the video, well nonsense is really a strong word. I think the point he wants to make, that average users don't know how to modify IPv6. By default most devices use IPv6 are not configured correctly. -
Actually, considering what he was saying, nonsense is not too strong. He was flat out wrong. See my comments on that video As for Lawrence, I don't know what he does with IPv6. My interest in his videos has been mainly with Unifi APs and I don't recall him ever mentioning IPv6. However, he may be doing a video on a data tap, as per my suggestion.
As for IPv6 in general, I find some people just dismiss it, because they don't want to learn and think it's OK that the Internet will be crippled as long as IPv4 is the main protocol. I saw the address problem with IPv4, shortly after I started learning about TCP/IP in the mid '90s. Not long after, I read about IPv6 in the April 1995 issue of Byte magazine and realized that was the way to go.
-
bad luck
Now for some reason it has returned to the state where each page loads after 20 seconds or 30 seconds even though ipv6 is disabled (in pfsense and pc)How to fix it
So that it will work without any problems
