IPv6 Static IP with track interface
-
Is it possible to assign the last 64bits of the IP on a pfSense LAN interface while using Track interface from a PD on the WAN?
I have the WAN being assigned an IPv6 address and a /56 delegation which is being assigned a handful of /64's as expected to my LAN interfaces. pfSense is generating the latter half of the IP address from the NIC as expected for those track interfaces. But I'm wondering if I can assign my own value for that latter half? It would make things quite a bit easier for entering DNS (within DHCP responses) and host based FW info for the clients
For this setup I am using pfSense as the DNS and DHCP servers.
I've seen another thread on the forum mentioning something about resetting the interface to static after a delegation is received and rebooting, but the version was an older rev and I wasn't quite clear that is what was trying to be accomplished. If this is indeed the method to accomplish this, how could a 'relative' IP be entered so if the prefix changes the last 64bits would remain the same? Could ::1 or some variable be used (ie. [PD0]::1) in that case?
-
The "latter half" is the host portion of the address. There are a variety of ways to provide it. A common way is SLAAC, where the MAC address is expanded to fill 64 bits. Also, a random number may be used instead of the MAC. Of course, DHCP or manual configuration can also be use. Your choice.
-
I'm looking to set the address for the interface itself in pfsense. I have dhcpv6 working on the network fine (managed mode) but if the interface is attempting to obtain a lease I don't see it in the logs, though I haven't enabled debug logging yet since I don't expect the router interface to request a lease from the DHCP server.
-
Hey tortue, what you want is possible in 2.3.4 using static IPV6 on the lan side and advanced DHCP6 Client Configuration on the wan side :
Send options - ia-na 0, ia-pd 0
Request Options - domain-name-servers, domain-name
check Prefix Delegation set id-assoc pd ID to 0 , IPv6 prefix to ::/56, pltime to infinity and leave vltime blank.Unfortunately the pfsense widedhcpv6 client doesn't support ifid statement, it would of made things easier. https://redmine.pfsense.org/issues/7138
-
Thank you for the info, that's very similar to the other thread I mentioned but more specific. A work-around will do for now, and I'll track that request.
I'll try it out and do some testing in my next config change but is there any way to know which internal LAN interface (I have multiple) will get which /64 subnet (00-ff) from the /56?
-
@inq Thanks. That was really helpful!
