IPv6 not assigning to LAN device - ISP Hyperoptic UK
-
@nogbadthebad already did that. Sorry didn’t mention that in my original post.
-
@samleemc said in IPv6 not assigning to LAN device - ISP Hyperoptic UK:
Can't assign requested address" error?
That sounds like a problem I had with my ISP a few years ago, where they had a problem with the CMTS I was connected to.
Can you do a packet capture of the full DHCPv6 sequence and post the capture file here>
-
Sorry for the late reply! Weekend have been busy with kids....
Here you go, not sure if that make any sense to you....certainly not to me....
In the system log, I am also seeing the below as well.
This is the setting I used to do the package capture
-
In that capture, I see the solicits going out, but nothing coming back.
This would indicate a DHCPv6 problem at your ISP.
Here's what it should look like.
-
@jknott May I know why your package length is longer than mine by 20? Does it matter?
-
Here's yours:
And mine:
Mine shows that identity association section, which yours doesn't have. I'm not sure why the difference. Possibly some config issue, though I'm not sure what. Can you do a screen shot of your WAN DHCP6 client config?
-
@samleemc I have same issue with HO with Pfsense.
Did you managed to solve the problem, can you please share with us?
Regards
-
@digitalberg unfortunately, I am unable to solve the issue. I believe the issue is at Hyperoptic side. Tried to contact Hyperoptic support, but I think it is not being escalated to the right team.
-
@samleemc Thanks. I will contact HO tomorrow as well to get more info and let you know too.
Is your Pfsense on a virtual environment or physical box?
-
@digitalberg physically box. NIC is Intel i225
-
@digitalberg any luck from your side?
This is the reply I get from Hyperoptic on the handshake.
-
@samleemc You are lucky; at least you got the response :) No, they haven't even bothered to contact me yet. It's been over four days now.
I figured out that Tunnel Broker is the best option for us.
So I used Cloudflare Teams (zero trust) and tested it with PFSense; it worked like a charm with full 1Gbps speed. Before I used a different tunnel broker, but the speed was bad on IPv6. Cloudflare impressed me today.
Try it and let me know if you need more info.
-
@digitalberg just wondering by any chance you have any documentation that I can follow?
-
@samleemc Sure, please click on the below instructions. I hope this helps.
Setup Cloudflare Teams in pfSense
Another benefit of using Cloudflare in pfSense is that our DNS queries are on DoT, DoH, and WARP :)
If you need further support, PM me, and we can do a remote session :)
Regards,
-
@samleemc Hi Sam, I connected Hyperoptic IPv6 to my pfSense box without HO support.
Please elaborate on your HO settings and configuration so we can pinpoint the issue.
p.s My HO IPv6 worked without spoofing the MAC address in the pfSense.
Have a nice weekend!
Screenshot 2022-11-18 at 21.22.50 -
@digitalberg Amazing! How did you get it to work?
Those are my setting related to IPv6
I have 3 physical LAN ports in the machine, and I have setup a bridge "LAN" to join them together as below
Then each LAN is set to track the WAN interface for IPv6
All LAN are pretty much the same.
As for the DHCPv6 and RA, I have turned off the DHCPv6 and enable RA as below
I think that's pretty much all the setting related to IPv6.
Any difference from yours?
Sam
-
pfsense version is
-
@samleemc
Your LANs are on the bridge, and the IPv6 configuration type is "track interface." This is the best setting, so DCHPv6 automatically assigns the client's network, but I can see some tweaking is required on your end.As you can see, I did not configure MAC spoofing!
If the below settings don't work, I would tell you to start from scratch and use one LAN without bridging the LANs to see if works.
My pfSense version: 2.6.0-RELEASE (amd64)
WAN:
LAN:
DCHPv6:
Rules tab:
This rule is for the LAN and includes an HO IPv6 gateway, so traffic will be routed through the HO gateway.
DNS:
The DNS is also important for the HO connection. you can setup Hyperoptic DNS however, i have setup Cloudflare:
HyperOptic Gateway up and running:
I would recommend having sleeping pills once everything is set up. LOL, i meant to first restart the pfsense and disconnect all the clients devices and leave the pfSense for 1-2 untouched so pfSense can talk to HO to get IPv6 etc.
-
I followed your setting above, but still no luck.
Btw, are you using the community version or the pfsense+ version?
Sam
-
Iv moved to pfsense+ 22.05 and wanted to setup Hyperoptic ivp6 and have been banging me head against the wall trying to get it working. I finaly managed to get it working and maybe what i did works for you.
I followed all the guides online about how others have got Hyperoptic ipv6 working and no matter what the gateway would always show as pending. I noticed that when i setup dhcp6 on the WAN interface the ipv6 link local address was removed from the WAN interface. I added the ipv6 link local address manually to the WAN interface and magicly the gateway came online and im getting ipv6 connectivity.
- Find out what the ipv6 link local is for the WAN address Status->Interfaces (i had to disabled dhcp6 on WAN and reboot for it to show up again on mine)
- Setup WAN dhcp6 like the other guides online for hyperoptic
- Add the link local back to WAN Firewall->Virtual IPs->Add pick "IP alias" as the type and WAN as the interface, use the link local you got earlier for the address.
Im using static ips on my LAN interface for IPV6 and havent tested if track interface works this way as well. You also wont get an IPV6 address on WAN with Hyperoptic but its easy enough to assign WAN an IPV6 address staticly using a virtual ip once you know what your IPV6 /56 is