How do I know how many IPv6 addresses I'm getting from my ISP?



  • My ISP started to support IPv6 less than 2 days ago. I'm looking to enable IPv6 for my website and it seems like I need to delegate addresses from the block my ISP supposedly gives me.

    How do I know how large of a block I'm getting within pfSense? I'm fine with either the web UI or console.

    Here's my ifconfig if that's useful:

    vtnet0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    	options=c00b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWTSO,LINKSTATE>
    	ether 26:1a:a5:60:65:19
    	hwaddr 26:1a:a5:60:65:19
    	inet6 fe80::241a:a5ff:fe60:6519%vtnet0 prefixlen 64 scopeid 0x1
    	inet6 xxxx:xxxx:xx::xxxx prefixlen 128
    	inet yy.yyy.xxx.xxx netmask 0xffffe000 broadcast yy.yyy.255.255
    	nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
    	media: Ethernet 10Gbase-T <full-duplex>
    	status: active
    vtnet1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    	options=d00b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWFILTER,VLAN_HWTSO,LINKSTATE>
    	ether 76:11:a1:09:a1:5e
    	hwaddr 76:11:a1:09:a1:5e
    	inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
    	inet6 fe80::1:1%vtnet1 prefixlen 64 scopeid 0x2
    	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
    	media: Ethernet 10Gbase-T <full-duplex>
    	status: active
    enc0: flags=0<> metric 0 mtu 1536
    	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
    	groups: enc
    lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
    	options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
    	inet6 ::1 prefixlen 128
    	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
    	inet 127.0.0.1 netmask 0xff000000
    	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
    	groups: lo
    pflog0: flags=100<PROMISC> metric 0 mtu 33160
    	groups: pflog
    pfsync0: flags=0<> metric 0 mtu 1500
    	groups: pfsync
    	syncpeer: 224.0.0.240 maxupd: 128 defer: on
    	syncok: 1
    vtnet1.1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    	options=80000<LINKSTATE>
    	ether 76:11:a1:09:a1:5e
    	inet6 fe80::7411:a1ff:fe09:a15e%vtnet1.1 prefixlen 64 scopeid 0x7
    	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
    	media: Ethernet 10Gbase-T <full-duplex>
    	status: active
    	vlan: 1 vlanpcp: 0 parent interface: vtnet1
    	groups: vlan
    ovpns1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
    	options=80000<LINKSTATE>
    	inet6 fe80::b43c:e315:724b:794a%ovpns1 prefixlen 64 scopeid 0x8
    	inet 10.8.0.1 --> 10.8.0.2 netmask 0xffffff00
    	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
    	groups: tun openvpn
    	Opened by PID 33309
    


  • @pandalion98

    There is nothing there to show what you're getting. All I see is there's some /128 address assigned to you. What does your ISP say they provide? Mine gives me a /56, which is 256 /64s. I can configure pfSense to request anywhere from 1 to 256. Then I can delegate the individual /64s as needed. Who is your ISP? Maybe someone else here is on them.



  • @JKnott The ISP hasn't publicly released any info about it yet. I suddenly just noticed that IPv6 WAN was online (it was usually offline). Someone working for them confirmed that IPv6 was being rolled out. Apparently, their IPv6 rollout is still in the alpha/beta stage, but it does work.

    PING6(56=40+8+8 bytes) 2001:4455:80::2c1a --> 2001:4860:4860::8888
    16 bytes from 2001:4860:4860::8888, icmp_seq=0 hlim=53 time=90.819 ms
    16 bytes from 2001:4860:4860::8888, icmp_seq=1 hlim=53 time=90.764 ms
    16 bytes from 2001:4860:4860::8888, icmp_seq=2 hlim=53 time=90.764 ms
    
    --- 2001:4860:4860::8888 ping6 statistics ---
    3 packets transmitted, 3 packets received, 0.0% packet loss
    round-trip min/avg/max/std-dev = 90.764/90.782/90.819/0.026 ms
    

    It's PLDT, a major ISP in the Philippines.



  • @pandalion98
    Then you'll have to wait until the ISP is ready. At least you have an address on pfSense. That's a start.



  • @JKnott Oh. So there's no way to tell from my end?



  • @pandalion98 said in How do I know how many IPv6 addresses I'm getting from my ISP?:

    @JKnott Oh. So there's no way to tell from my end?

    Not that I'm aware of, other than trying different prefix sizes with pfSense and seeing how far you get. However, your ISP should have that info.


  • LAYER 8 Netgate

    The best thing to do is get information from your ISP. Perhaps they have a beta program or something that would result in more information.

    You can see what PD you are getting by saving the DUID in System > Advanced, Networking

    Screen Shot 2019-08-18 at 11.56.41 AM.png

    Then enable the Debug mode on WAN in the DHCP6 Client Configuration area, setting whatever secret sauce your ISP requires. This is what I use for Cox Las Vegas:

    Screen Shot 2019-08-18 at 11.59.41 AM.png

    Your ISP might require something completely different.

    Then look at Status > System Logs, DHCP and set the filter to process dhcp6c

    You will see exactly what is happening.

    My PD looks like this:

    Sep 1 03:55:10 	dhcp6c 	44071 	update an IA: PD-0
    Sep 1 03:55:10 	dhcp6c 	44071 	status code for PD-0: success
    Sep 1 03:55:10 	dhcp6c 	44071 	update a prefix 2600:dabb:ad00:bc00::/56 pltime=34359824768, vltime=34359824768
    Sep 1 03:55:10 	dhcp6c 	44071 	executes /var/etc/dhcp6c_wan_script.sh
    Sep 1 03:55:10 	dhcp6c 		dhcp6c renew, no change - bypassing update on igb0
    Sep 1 03:55:10 	dhcp6c 	44071 	script "/var/etc/dhcp6c_wan_script.sh" terminated
    

    If you want to try new settings just increment the DUID-LLT, save, and Edit/Save WAN. That should result in a new renewal using a new DUID so it should all be fresh.

    Your ISP might have settings that don't like changes like this. Only they know. Ask them. We cannot know what they require here. Again, only they know.


Log in to reply