IPv6 segmentation for VLANs - setup with SLAAC
I am a newbie to IPv6 and trying my best to get IPv6 on all my VLANs. However, I am having trouble segmenting IPv6 adresses to different VLANs. I was told previously that SLAAC is the way to go instead of DHCP6 for Android compatibility and ease of use.
I get a /56 subnet from my ISP. I use a Netgate SG3100.
This is the IP address showing up as LAN (I have changed the first four digits to begin with 2001 for privacy)
Now, I have got the following interfaces & VLANs set up:
- LAN (untagged)
I have looked around online, and from what I read is to set a prefix id to 1, 2, 3, 4, etc. for each of the VLANs.
However, I am not sure how to implement it, as selecting the IPv6 option with SLAAC does not give me any location where I can input these prefix ids for each of these VLANs. I would like to use SLAAC, as I have read that Android does not work with DHCP6.
These are my configuration settings:
IoT Interface (VLAN interface as an example)
Should the segmentation look something like this?
- LAN --> Track Interface
- IoT ---> 2001:3400:65f:4e02::1
- Radios -->2001:3400:65f:4e03::1
- Cameras --> 2001:3400:65f:4e04::1
- Guest --> 2001:3400:65f:4e025::1
Can someone more knowledgeable than me assist me where and how to add prefix ids for each of the interfaces?
Setting up SLAAC on a VLAN is no different than on the LAN, so you set it up exactly the same way. The only thing is you must select a different Prefix ID for each interface. For example, my main LAN is ID 0, my guest WiFi ID 3 and OpenVPN ff.
@jknott Thanks, setting that up was simple!
However, I don't seem to be getting any IPv6 addresses (either through Ethernet or Wireless). This is my setup:
SG3100 -> Ubiquity US-8-60W switch --> Ubiquiti UAP-nanoHD
I can get an IPv6 address on the LAN WLAN but not on the other WLANS (IoT, Radios etc.). Any ideas what could be blocking IPv6?
Is IPv6 enabled on the VLANs?
Yes, as far as I know. Is there somewhere I need to check? Some screenshots of my system:
Also does the "Track Interface' setting automatically divy up a /56 subnet into individual /64 subnets? I dont see any setting to specifically change this in pfsense.
Can you try disabling all those block rules to see if it works? I can't check my system at the moment, as the computer it was running on died.
@jknott . It is working now. Apparently it needed a reboot. Helped by a power outage in my suburb. Thanks for your help!