Provider IP address can't be set as interface IP
-
Hello,
I have received the following IP6 from my provider. They claim the IP is correct and it should be set on the WAN interface however the pfSense router does not allow me to do so, stating that a link address can't be set as interface IP.
The IP address is:
IP: FE80::2a02:2f0f:195
GW: FE80::d161/64Is there a setting that I am missing to allow this IP as interface IP for WAN?
Thank you in advance!
-
If you're referring to the gateway address, yes that's entirely normal. On IPv6, link local addresses are often used for routing. For example, on my LAN, my gateway address is fe80::1:1 and my ISP's gateway is fe80::217:10ff:fe9a:a199. You may also have a /128 WAN address, but that's not necessary.
However, the ISPs typically use DHCPv6-PD to assign an address and prefix. Do they not do that? Also, are you also setting the prefix length on your end? It would also be /64.
Here's what pfSense shows for my system:
inet6 fe80::214:d1ff:fe2b:edea%re0 prefixlen 64 scopeid 0x3There is also a /128 global address.
-
@JKnott thank you for your reply.
The issue is that on pfSense, as far as I can tell, once you assign a IPv6 gateway it automatically assign a link address on the WAN interface however the ISP has provided a static link address for the said WAN interface and a different subclass for LAN (2a02:2f0f:195::1/48).
Setting the WAN GW only (without providing the specific link address they sent as static IP for the WAN interface) will not route packets to the LAN class; in the same time the router itself will not allow setting up a link address IP as interface IP (error: IPv6 link local addresses cannot be configured as an interface IP).I've contacted them and told them that normally you can't assign a link local address as interface IP as they are not unique and routers will not route packets properly if at all; they said that what they've provided is working and I should look into settings regarding my specific hardware.
-
The link local address normally comes from the MAC, but can be changed, for example my LAN gateway address. However, what you can try is changing the MAC address, so that it will provide the correct link local address. That can be done on the WAN interface page. I suspect what you're seeing is pfSense is not allowing you to set a 2nd link local address, as only one is allowed. I don't know if there's a way to change the WAN link local address directly, as happens on the LAN side.
When a link local address is created from the MAC, fffe is inserted in the middle and the 7th bit is inverted.
Also, the link local address only has to be unique on the local connection. You could use the exact same one on another interface. For example, I have fe80::1:1 on 2 interfaces as shown below.
inet6 fe80::1:1%em0 prefixlen 64 scopeid 0x2
inet6 fe80::1:1%bge0 prefixlen 64 scopeid 0x1The difference is the interface ID.
As I mentioned, link local addresses are often used for routing, as a router only has to know how to reach the next hop. In fact, with point to point links you don't even need any IP address. All you need is the interface that connects to the next router.
