Not getting ipv6 address on WAN unless prefix delegation size is set to none
ISP: telenet (Belgium)
pfsense: 2.4.3-RELEASE (amd64) built on Mon Mar 26 18:02:04 CDT 2018 FreeBSD 11.1-RELEASE-p7
According to this (https://www2.telenet.be/nl/klantenservice/ipv6-bij-telenet-technische-uitleg/) and this(https://www.stroobant.be/telenet-ipv6-pfsense-configuratie) document, I should set 'DHCPv6 Prefix Delegation size' to 56
However, when setting 'DHCPv6 Prefix Delegation size' (interface WAN) to 56, I DON'T get an ipv6 address.
When setting 'DHCPv6 Prefix Delegation size' to none, I DO get an ipv6 address.
On the LAN(s), the option to 'track interface', becomes meaningless, because, even though the WAN can be selected under 'Track IPv6 interface', the IPv6 Prefix ID can only be 0.
The following errors are in the DHCP log, but according to 'the web', they are codmetic:
May 10 11:36:45 dhcp6c 45232 failed initialize control message authentication
May 10 11:36:45 dhcp6c 45232 failed to open /usr/local/etc/dhcp6cctlkey: No such file or directory
Anybody, who knows why I don't get an IPv6 address with prefix 56?
Remember you also have to set "Send IPv6 prefix hint". If you only request a /64 than of course you only can track 1 subnet (Prefix ID0). Thats no problem for private usage.
If I enable 'Send IPv6 prefix hint' with 'DHCPv6 Prefix Delegation size' set to 'none', I get an error while saving:
The following input errors were detected:
DHCPv6 Prefix Delegation size must be provided when Send IPv6 prefix hint flag is checked
If I enable 'Send IPv6 prefix hint' with 'DHCPv6 Prefix Delegation size' set to '56', I can successfully save, but I don't get an IP address.
I've tried all available prefix sizes from the drop down list, I only get an IP address when selecting none.
Do a reboot after hitting save.
Tried a reboot after saving the settings, no IPv6 address received…
What does your ISP have to say?
The entire exercise here is to make the router do what THEY require. It'd be nice if they said what they need.
Really, all you can do is set the PD request to 56, kick the DUID to something new, and reboot.
Be sure you enable the DHCP6c debug logs in the WAN configuration. You can see exactly what dhcp6c client thought about the lease process by going to Status > System Logs, DHCP and filtering on process dhcp6c.
@Derelict and anyone else who wants to help me
I've already submitted a technical question to my ISP, but haven't received an answer yet (long weekend here in Belgium - replies only guaranteed? in two working days.
As I said, I've tried all possible PD's, only receive an IPv6 if 'none'
However, since I already activated 'debug', I saw the message that the server was reading an existing DUID from file.
You say to 'kick the DUID', how do I do that?
Something like this:
@Derelict: Thank you so much
I did exactly what is recommended and now have an IPv6 (PD 56) on my WAN (igb0), two LAN (igb2 & igb3) interface tracking the WAN
So in summary for other users:
1. power off your cable modem
2. Save the /56 prefix request WAN configuration as shown in the other thread. Be sure DHCP6 debug output is checked.
3. Put one of the inside interfaces on Track Interface
4. Go to System > Advanced, Networking and be sure the DUID is set to be saved. The default format is DUID-LLT. You can increment that time in seconds by one or figure out what the current number would be based on the current time. The point is to use a new DUID the next time it requests a PD.
5. Halt the system and power it off
6. Power on the cable modem and let it go green
7. Power on the firewall.
When it settles in, look at the logs in Status > System Logs, DHCP. Filter on command dhcp6c. That will tell you exactly what happened.
Great to hear. Glad it worked.