IPv6 local clients communicating through router instead of directly [Solved]
-
Dear pfSense forum
I've been running IPv6 for about half a year now, without noticing the problem I'm facing.
All local traffic (eq. My PC -> Local server) are being routed through the Router, effectively hammering the damn thing when I'm doing file transfers to my NAS or any kind of action.
My IPv6 skills are decent, but not that pro to figure this out. I've heard about something called 'On-Link Subnetting' but I can't figure out where and how that works in pfSense.My Router also cannot update anymore. I've done a nslookup and the update.pfsense.org domain results in 2610:1c1:3::116 which isn't responding to any ping requests, ipv4 works just fine (and updating did before I implemented IPv6).
I would appreciate your help :Þ
- Wraptor
-
Why would you need to do on-link subnetting?? That is not really even a thing is it, have never heard of it ;) 2 devices on the same network would not be going through your router.. Just not how it works at all. It does depend on the prefix it is using and via RA what is the on-link address and link-local etc. etc.
Your prefix should be on-link or on the same layer 2, If they are in the same /64 they would not go through router even with your global prefix..
its not update its updates but yeah I show it resolving to that as well. I don't think it every answered ping, but show it online for 80 and 443.. Not sure what that has to do with you talking to a local server?
Did you try to subnet your ipv6 space to something other than /64? Then yeah that could cause you all kinds of real weird shit!
-
Thank you for the answer. I'm not fully familiar with IPv6 since I'm all full thought and I haven't really spend that much time with it. But doing a tracert to my local server shows that I'm indeed going through my router's LAN NIC.
My ISP provides me a /56 subnet (xxxx:xxxx:49xx:2::/56) Which I added a suffix to so it's a /64 subnet (xxxx:xxxx:49xx:269::/64)
All devices get they IP's through SLAAC and my servers and workstations have been set up with a preserved IP through my DHCPv6 server.So my server's IP is: xxxx:xxxx:49xx:269:beaf:acce:1:0
And my workstation's IP is: xxxx:xxxx:49xx:269:bebf:acce:1:0If I do a tracert from my workstation to my server the hops will go through my router and back to the server.
-
….
If I do a tracert from my workstation to my server the hops will go through my router and back to the server.Hummm.
Tracing from my server (a Windows 2012 box) to my Syno diskstation using IPv6 - all on the same LAN segment (pfSense being the main gateway ):C:\Users\Administrateur>tracert -6 diskstation
Détermination de l'itinéraire vers diskstation.brit-hotel-fumel.net [2001:470:1f13:5c0:2::c3]
avec un maximum de 30 sauts :
1 <1 ms <1 ms <1 ms DiskStation.brit-hotel-fumel.net [2001:470:1f13:5c0:2::c3]
Itinéraire déterminé.C:\Users\Administrateur>
Looks ok to me :)
edit : this 'ping' or trace should even work when my pfSense is shut down while doing the trace.
I tend to say : it's a setup issue. -
(xxxx:xxxx:49xx:2::/56
So you mean
xxxx:xxxx:49xx:0200:0000:0000:0000:0000/56And your subnet is
xxxx:xxxx:49xx:0269
You have to be careful..
xxxx:xxxx:49xx:2::/56
Could be a host address in the xxxx:xxxx:49xx:00::/56
Which would run from
xxxx:xxxx:49xx:0000:0000:0000:0000:0000-
xxxx:xxxx:49xx:00ff:ffff:ffff:ffff:ffffIf you call that out how you did I would think its a host address.. if you want to call out that specific /56 then you should call it out like
xxxx:xxxx:49xx:200::/56
How exactly are you getting that is your /56? Or is that the address pfsense got on its wan?
-
I did mean:
xxxx:xxxx:49xx:0200:0000:0000:0000:0000/56
:ÞBut I've just reinstalled the entire router and reconfigured it which solved all the problems. Even the update problem where it could not contact the update site.