Change from DHCPv6 to SLAAC on Cox Internet Not Working
-
Yes, I know Android devices don't work with DHCPv6. IIRC, I told you that. However, your screen capture shows you have SLAAC selected on the WAN side, which is wrong, unless that's what COX is providing. Generally, you'd use DHCPv6 on the WAN and then configure the LAN for SLAAC.
-
@jknott OK. I put the WAN Interface's IPv6 Configuration Type back to DHCP6. No problem. Then in the LAN Interface, I left the IPv4 Configuration Type at Static IPv4 and changed the IPv6 Configuration Type to SLAAC. When I tried to save that, I got an error saying the DHCP6 Server and the Router Advertisement were active on the interface and I needed to disable the services:
So, back on Services > DHCPv6 Server & RA > LAN > DHCPv6 Server/Router Advertisements, I disabled them. At that point, I could save the new LAN Interface settings.
I then went back to Router Advertisements to set it to Unmanaged (since everything I've seen says to do that), but was greeted with the message "The DHCPv6 Server can only be enabled on interfaces configured with a static IPv6 address. This system has none:"
Looking at the Dashboard, I now have a LAN_SLAAC Gateway that's Unknown and my local Windows computers don't get IPv6 addresses:
-
@areckethennu I put everything back to the way it was and things are just as they were. Does anyone have a link to actual step by step instructions on how to get pfSense set up in a pure SLAAC setup? Specifically to handle Android and Windows devices. And on Cox if it makes a difference.
EDIT: I guess I'm specifying a solution to the problem instead of asking for a solution to the problem. So, let me rephrase that. Can anyone point me to step-by-step instructions on how to set pfSense up to work nicely with both Android's and Windows 11's IPv6 requirements?
-
@areckethennu OK. I THINK it's working now. I went back to my normal WAN (DHCP/DHCP6) and LAN (Static IPv4/Track Interface) configurations and simply went to Services > DHCPv6 Server & RA > LAN. On the Router Advertisements tab, I set Router Mode to Unmanaged and on the DHCPv6 Server tab, I disabled DHCPv6 Server. I rebooted pfSense and my Windows machine and it looks like it's working. My Android phone now has proper IPv6 addresses and doing ipconfig /all on my Windows machine shows a similar set there.
Maybe the reboots helped. Anyway, thanks for the help.
EDIT: Let me add that I think the problems I was having were because I kept seeing posts all over the internet saying Android required SLAAC. So, I kept looking for thing about setting up SLAAC. For whatever reason, pfSense mentions SLAAC on the interfaces (which, apparently, is not where what I needed to do is done) but not in RA. Instead, it has its own terms (which I'm sure are fully technically justified) for the various RA modes. None of which helps a Joe Bag 'o Donuts guy like me.
-
What made it work was configuring it properly. As I said from the start, Android doesn't support DHCPv6. Then as I pointed out, you had SLAAC on the wrong interface.
You can thank some genius at Google for not supporting DHCPv6 and that decision causes a lot of problems. Some companies are going for iPhones, because they need DHCPv6, so this stupidity is costing Android phone companies sales. I have seen his stated reasons for not supporting DHCPv6 and don't see anything that wouldn't also apply to SLAAC. Every other OS that I'm aware of supports DHCPv6, including Linux, which Android is based on. I suspect he's just being an ignorant jerk about this.
-
@jknott Unless I've got this set up wrong again, SLAAC isn't on ANY interface. Yes, absolutely, the WAN is the wrong place to add it (at least for my home/Cox situation). But, if I turn it on for the LAN, it still doesn't work. If I leave the interfaces alone and just turn off the DHCPv6 server and change the RA mode to Unmanaged, it seems to work.
-
You configure Router Advertisements on the Router Advertisements page for each interface. Take a look at what's on the wire with Packet Capture, filtering on ICMP6. You should see RAs.
-
And now, about 2 hours later, the phones no longer have IPv6 addresses. Either I've got something wrong somewhere buried where no normal person can find it, SLAAC is broken on pfSense, or SLAAC is broken on Android. I give up. I'm putting it back to regular old DHCPv6 and forgetting about it.
-
SLAAC works fine for me, including Android. Sometimes the best thing to do is start over from scratch, as you may have misconfigured something.
-
@jknott I went back and looked things over for a couple of day. Looking at Wireshark, I wasn't seeing any ICMPv6 traffic at all coming over to the wired side of my network from the wireless side. So, I assumed it was something wrong with bridge mode on that Amplifi HD wireless router. I ordered a small netgear wireless access point to replace it with. But, today, as I was preparing for that WAP, I noted my prefix in the WAN interface wasn't what I thought it was. I used to have it set up for a /56. But, it was set for /64 and wasn't even set to send a hint. I changed that and now have IPv6 addresses on the phones. I made no other changes. Oh, well. Sorry for the trouble. Thanks for the help.