How to add IPv6 to local network
-
I am looking at how to slowly adding IPv6 to my network. I have a GRE tunnel with a /29 IPv4 subnet and a /48 IPv6 subnet.
I have been reading about SLAAC, full stack and DS-LITE 4into6 etc.
So i first wanted to add IPv6 to my local network before adding the external IPv6 IP to my pfsense. I know you don't use NAT anymore so maybe a beter word is "getting my local network ready for IPv6". So one of the things would be setting up a FW, i know how to do that in IPv4 so i assume i wil be able to do that with IPv6.
But i don't really know where to start and what to do exactly.
And i was wondering if or when i would have this up and running is it the way to go to totally remove IPv4 afterwards? Or is it normal to keep running it both?
So i am hoping that you guys could talk me trough how to do this, in detail :)
Many thanks in advance!
-
First off, tell us who your ISP is. Someone here may have experience with them. Regardless, ISPs generally use DHCPv6-PD to provide a prefix to be used for local LANs. So, pfsense will take that /48 and split it up into /64s for local networks. With a /48, you'll only get 65536 /64s though. SLAAC is on the LAN side and is used to send the LAN prefix and other info to the local devices.
While the basic principles are similar for IPv4 & IPv6, there are significant differences in the way things get configured, such as using SLAAC, for which there is no IPv4 equivalent.
-
@jknott my ISP doesn't use IPv6 net. So that is why i will be using the GRE tunnel with the /48 IPv6. Like i said i also use a /29 IPv4 subnet trhough a GRE tunnel which is working fine.
The rest of your post is still valid right? Doesn't really matter were the IPv6 /48 comes from right?
Of course i also have got one WAN IPv4 connection.
I could name the companies but i live in The Netherlands. So i don't think that is well known here. But my ISP is Tweak glas (fiber) and the GRE tunnel is supplied by Extraip.com (also in dutch).
-
When you said DS-Lite, I thought you were talking about an ISP, as it is commonly used by them.
GRE is an unusual way to provide IPv6. Common methods over IPv4 include 6to4, 6in4 and 6rd. Some people here get a 6in4 tunnel from he.net.
-
@jknott okee, but how does GRE make it more difficult? It supplies me with the a same /48 subnet as an ISP would do right?
-
I didn't say it would make it more difficult, only that it's not a common way to do it. Before my ISP provided native IPv6, I used 6in4 with a tunnel broker to get IPv6. My ISP, before providing native IPv6, used 6to4 and 6rd tunnels. With networking, there are often multiple ways to do the same thing. However, I have never had to use GRE for anything. Regardless, if they provide it over GRE, then perhaps they provided some info for using it. For example, you may have to specify the address for the other end. I did when using the 6in4 tunnel.
-
Is DHCPv6-PD the same as DS-Lite?
-
No, DHCPv6-PD is used to assign addresses and prefixes. The DHCPv6 part is similar to DHCP in IPv4, in that it provides an interface address. The PD part provides the prefix for use on the local networks. DS-Lite refers to a method for providing IPv4 over an IPv6 only network. It encapsulates the IPv4 packets in IPv6 and uses carrier grade NAT to provide the IPv4 addresses.