[howto] Getting native IPv6 to work.
-
Hi. I recently dug into IPv6 on pfSense, because we needed it on our office LAN. We are operating a dutch ISP and are in the process of providing native IPv6. For people who would like to know how to do it on the pfSense, i wrote a blog at http://remcobressers.nl/2009/08/configuring-native-ipv6-pfsense/
Maybe there are better methods out there, but this one definitely works.
-
rbressers:
Great work :)
But i have some few issues.. I am not an CLI guy of course..So this is my story..
1st i cd /usr/local/etc/rc.d and vi 00_config-ipv6-if.sh and then i paste this:
#!/bin/shIFOUT = outside interface
IFIN = inside interface
DFGW = default gateway
IFOUT="vr0"
IFIN="dc0"
DFGW="2001:4cb8:a95:1::1"####### Configure the stuff
Configure the interfaces
ifconfig $IFOUT inet6 alias 2001:4cb8:a95:1::2 prefixlen 64
ifconfig $IFIN inet6 alias 2001:4cb8:b95:1::1 prefixlen 64Set the default route
route -n add -inet6 default $DFGW
Configure IPv6 forwarding
sysctl net.inet6.ip6.forwarding=1
My /etc/rtadvd.conf looks like this
bce1:\
:addrs#1:addr="2001:4cb8:b95:1::":prefixlen#64:tc=ether:
Startup rtadvd
/usr/sbin/rtadvd -d -D -c /etc/rtadvd.conf $IFIN
then i save..I type this after saving :
chmod 755 /usr/local/etc/rc.d/00_config-ipv6-if.sh
and reboot…
I type this command:
cd /usr/local/etc/rc.d
vi 10_config-ipv6-pf.shIand paste this:
#!/bin/sh
IFOUT = outside interface
IFIN = inside interface
DFGW = default gateway
IFOUT="vr0"
IFIN="dc0"####### Configure the stuff
Configure PF
pfSense puts it's rules in /tmp/rules.debug for debugging purposes after boot
We will use these rules, add IPv6 additions, read the config with pfctl and
disable and enable PF
cat /tmp/rules.debug | sed "/User-defined rules follow/{
p;s/.*/
pass in quick on $IFIN inet6 from any to any\
pass out quick on $IFIN inet6 from any to any\
pass out quick on $IFOUT inet6 from any to any\
pass quick proto ipv6-icmp from any to any\
pass in on $IFOUT inet6 proto tcp from any to any port 22\
/;}" > /tmp/rules.config-ipv6.txtRead the new PF configuration file
pfctl -f /tmp/rules.config-ipv6.txt
pfctl -d; pfctl -eSave the code and i type this: chmod 755 /usr/local/etc/rc.d/10_config-ipv6-pf.sh
Then i type this : vi /etc/rtadvd.conf
and paste the code:
bce1:
:addrs#1:addr="2001:4cb8:b95:1::":prefixlen#64:tc=ether:then save and reboot...
After reboot i type this: ln -s /usr/local/etc/rc.d/10_config-ipv6-pf.sh /usr/local/pkg/pf/
then reboot again..
I go to workstation and do "ifconfig" linux or "ipconfig" for windows..
Nothing happen really.. All i see is 192.168.4.245 ip address when i do "ipconfig".. I dont see ip like this:
2001:4cb8:b95:1
...
My config is:
192.168.4.0/24
subnet mask: 255.255.255.0
Gateway: 192.168.4.1
WAN: isppls help..thnx
jigp
1.2.2 Davao -
I tried to change the number 64 into 24 but no luck..
Configure the interfaces
ifconfig $IFOUT inet6 alias 2001:4cb8:a95:1::2 prefixlen 64 changed to 24
ifconfig $IFIN inet6 alias 2001:4cb8:b95:1::1 prefixlen 64 changed to 24
….I use "ipconfig on windows workstations but i dont see this kind of ipv6 ips..
jigp
1.2.2