pfSense 2.5.0 not picking up default gateway via SLAAC ?

dr_tech

I use 4G as my uplink to the internet. My ISP's CPE hands out a single IPv6 address (/64 subnet) for all the devices downstream via SLAAC (no support for DHCPv6 and hence no PD).

I need IPv6 connectivity for VPN and some other services I have hosted elsewhere (CGNATv4 + IPv6, hence using IPv6 for public addresses).

I have setup my WAN interface to obtain IPv6 via SLAAC, and the interface does take up an IPv6 address, however I cannot ping anything else than the devices in the same IPv6 subnet (WAN side).

Under Diagnostics > Routes, I do not see a valid IPv6 route, hence I believe that there's the problem.

What else do I need to do to enable pfSense to pick up the IPv6 gateway via SLAAC itself ?

(Trying to use IPv6 NAT for IPv6 connectivity on LAN).

JKnott

@dr_tech

SLAAC will provide info for a single interface only, not a gateway. Also, you can't split a single /64 into multiple networks without breaking things.

dr_tech

@jknott said in pfSense 2.50 not picking up default gateway via SLAAC ?:

@dr_tech

SLAAC will provide info for a single interface only, not a gateway. Also, you can't split a single /64 into multiple networks without breaking things.

But SLAAC should provide the default gateway for pfSense itself, right ? I can't ping anything using the WAN interface on pfSense itself.

I am not trying to split the SLAAC assigned IP into multiple subnets, infact :

WAN (SLAAC:2002:aa:bb:cc::abcd) <NATv6> LAN (fd00::1/64)

JKnott

@dr_tech

It provides the info for devices, such as computers, tablets, phones, etc. to connect to a network, including gateway. It does not provide info for routers to use on their LAN side.

dr_tech

@jknott

pfSense should atleast be able to ping a public IPv6 through it's WAN interface ?

JKnott

@dr_tech said in pfSense 2.5.0 not picking up default gateway via SLAAC ?:

pfSense should atleast be able to ping a public IPv6 through it's WAN interface ?

Yep, assuming it's a routeable address. However the WAN address will likely not be from within your prefix.

SteveITS

@dr_tech If you're actually on 2.5.0 there was this IPv6 fix in 2.5.1: Gateway value for DHCP6 interfaces missing after RA events triggered script without gateway information