Static IPv6 LAN IP instead of using Track Interface not working after reboot

Box293

My ISP (internode) assigns a IPv6 /56 prefix, 2001:44b8:3132::

WAN

• IPv4 PPPoE
• IPv6 DHCP6
• Check "Request a IPv6 prefix/information through IPv4"

LAN

• IPV6, Track Interface
• IPv6 Interface: WAN
• IPv6 Prefix ID: 0

With this configuration, everything works fine.

I have a CentOS 7 machine which I have defined with the static IP of:
2001:44b8:3132:0:192:168:25:8888/64
It's default gateway is the IP that the LAN interface receives using track interface.
With this config, I can ping6 the ISP's dns server 2001:44b8:1::1

I then go and change my IPv6 configuration to Static IPv6 and define the LAN IP as:
2001:44b8:3132:0:192:168:25:1/64
I apply.

From the pfSense Diagnostics > Ping
Hostname: 2001:44b8:1::1
IP Protocol: IPv6
Source address: LAN

The ping test works.

I go back to my CentOS 7 machine
I can now ping the new LAN IP
I can no longer ping the old LAN IP
I change my default gateway to the new LAN IP
I can ping6 the ISP's dns server 2001:44b8:1::1

Great everything seems good

I reboot the pfSense firewall at this point.

From the pfSense Diagnostics > Ping
Hostname: 2001:44b8:1::1
IP Protocol: IPv6
Source address: LAN

The ping test now fails, 100% packet loss (ping test from CentOS 7 machine also fails).

If I change the source address to WAN the ping test works (so IPv6 > internet is still working).

I then go and change my IPv6 configuration back to Track Interface.
I disconnect/reconnect my PPPoE session via Status > Interfaces.

I now have the IPv6 auto assigned address again.

The pfSense Diagnostics > Ping works again.

Here are my questions:

After changing from "Track Interface" to "Static" everything works UNTIL I reboot the pfSense firewall. Why?

Am I configuring the IPv6 static IP wrong? Is there a setting somewhere I am missing?

cmb

Sounds like you're losing your PD subnet's route on the ISP side by doing that. They probably end up dropping it after you DHCPv6 renew without having a track6 interface defined.

Box293

Thanks for the response, I'll follow up with my ISP.

Do you know of any good documentation on how "track " works ?

devnull 0

If you're not using track interface on the lan, the prefix delegation won't be configured by the router, and subsequently your ISP won't delegate you a prefix. So, you need to setup the prefix delegation in the advanced section on the WAN page:

• send options: ia-pd 0

• request options: domain-name-servers, request domain-name

• prefix delegation: checked

• id-assoc pd ID: 0

• Prefix ipv6-prefix: ::/48 (probably, could also be ::/56

• pltime: infinity

then set the LAN interface statically. This should give you a PD even after a reboot.

Inq

This has to be ISP specific. I have the exact same setup as Box293 and i have no problem whatsoever setting a static configuration on the lan side. Everything works as expected after reboot.

Box293

Thanks very much dev/null & Inq for your input. I've been busy and haven't had a chance to revisit this but I plan to soon.

I'll report back after some testing and hopefully a resolution.

Box293

Thanks to /dev/null for pointing me in the right direction, based on his notes I was able to get it working.

This thread had the solution:

https://forum.pfsense.org/index.php?topic=90699.msg508549#msg508549

I had to setup the prefix delegation in the advanced section on the WAN page

• send options: ia-pd 0

• prefix delegation: checked

That was all that was required. I originally tried the options /dev/null provided but it didn't work. Once I cleared the fields so it was like the screenshot c0re had in the other post it worked straight away. Even after rebooting the pfSense box in continued to work OK.

Frustrating how it all works though.