Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPv6 local clients communicating through router instead of directly [Solved]

    IPv6
    3
    6
    1.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      Wraptor
      last edited by

      Dear pfSense forum

      I've been running IPv6 for about half a year now, without noticing the problem I'm facing.
      All local traffic (eq. My PC -> Local server) are being routed through the Router, effectively hammering the damn thing when I'm doing file transfers to my NAS or any kind of action.
      My IPv6 skills are decent, but not that pro to figure this out. I've heard about something called 'On-Link Subnetting' but I can't figure out where and how that works in pfSense.

      My Router also cannot update anymore. I've done a nslookup and the update.pfsense.org domain results in  2610:1c1:3::116 which isn't responding to any ping requests, ipv4 works just fine (and updating did before I implemented IPv6).

      I would appreciate your help :Þ

      • Wraptor
      1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator
        last edited by

        Why would you need to do on-link subnetting?? That is not really even a thing is it, have never heard of it ;)  2 devices on the same network would not be going through your router.. Just not how it works at all.  It does depend on the prefix it is using and via RA what is the on-link address and link-local etc. etc.

        Your prefix should be on-link or on the same layer 2, If they are in the same /64 they would not go through router even with your global prefix..

        its not update its updates but yeah I show it resolving to that as well.  I don't think it every answered ping, but show it online for 80 and 443.. Not sure what that has to do with you talking to a local server?

        Did you try to subnet your ipv6 space to something other than /64?  Then yeah that could cause you all kinds of real weird shit!

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.7.2, 24.11

        1 Reply Last reply Reply Quote 0
        • W
          Wraptor
          last edited by

          Thank you for the answer. I'm not fully familiar with IPv6 since I'm all full thought and I haven't really spend that much time with it. But doing a tracert to my local server shows that I'm indeed going through my router's LAN NIC.

          My ISP provides me a /56 subnet (xxxx:xxxx:49xx:2::/56) Which I added a suffix to so it's a /64 subnet (xxxx:xxxx:49xx:269::/64)
          All devices get they IP's through SLAAC and my servers and workstations have been set up with a preserved IP through my DHCPv6 server.

          So my server's IP is:          xxxx:xxxx:49xx:269:beaf:acce:1:0
          And my workstation's IP is: xxxx:xxxx:49xx:269:bebf:acce:1:0

          If I do a tracert from my workstation to my server the hops will go through my router and back to the server.

          1 Reply Last reply Reply Quote 0
          • GertjanG
            Gertjan
            last edited by

            @Wraptor:

            ….
            If I do a tracert from my workstation to my server the hops will go through my router and back to the server.

            Hummm.
            Tracing from my server (a Windows 2012 box) to my Syno diskstation using IPv6 - all on the same LAN segment (pfSense being the main gateway ):

            C:\Users\Administrateur>tracert -6 diskstation
            Détermination de l'itinéraire vers diskstation.brit-hotel-fumel.net [2001:470:1f13:5c0:2::c3]
            avec un maximum de 30 sauts :
              1    <1 ms    <1 ms    <1 ms  DiskStation.brit-hotel-fumel.net [2001:470:1f13:5c0:2::c3]
            Itinéraire déterminé.

            C:\Users\Administrateur>

            Looks ok to me  :)

            edit : this 'ping' or trace should even work when my pfSense is shut down while doing the trace.
            I tend to say : it's a setup issue.

            No "help me" PM's please. Use the forum, the community will thank you.
            Edit : and where are the logs ??

            1 Reply Last reply Reply Quote 0
            • johnpozJ
              johnpoz LAYER 8 Global Moderator
              last edited by

              (xxxx:xxxx:49xx:2::/56

              So you mean
              xxxx:xxxx:49xx:0200:0000:0000:0000:0000/56

              And your subnet is

              xxxx:xxxx:49xx:0269

              You have to be careful..

              xxxx:xxxx:49xx:2::/56

              Could be a host address in the xxxx:xxxx:49xx:00::/56

              Which would run from
              xxxx:xxxx:49xx:0000:0000:0000:0000:0000-
              xxxx:xxxx:49xx:00ff:ffff:ffff:ffff:ffff

              If you call that out how you did I would think its a host address.. if you want to call out that specific /56 then you should call it out like

              xxxx:xxxx:49xx:200::/56

              How exactly are you getting that is your /56?  Or is that the address pfsense got on its wan?

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 24.11 | Lab VMs 2.7.2, 24.11

              1 Reply Last reply Reply Quote 0
              • W
                Wraptor
                last edited by

                I did mean:
                xxxx:xxxx:49xx:0200:0000:0000:0000:0000/56
                :Þ

                But I've just reinstalled the entire router and reconfigured it which solved all the problems. Even the update problem where it could not contact the update site.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.