Is my pfSense config broken or is it my ISP?
-
Hello,
I have been having some issue with IPv6 lately. Before I get into the issue, let me explain my situation with ISP.
Here in my country, government set a deadline for ISP to provide IPv6 for all customers. Unfortunately, my ISP did not care to provide in my area (District) because their then BNG did not support IPv6 and new BNGs were being tested. I basically threatened to sue them and I was given early IPv6 access.
My config:
DHCPv6 on WAN -> Track Interface on LAN -> SLAAC.
I was getting /64 Dynamic PD from my ISP and everything was working fine during the early access period. They rolled out v6 for all users on January 23rd 11PM. After that IPv6 does not work for me. I did not change any config on pfSense after the during/after the scheduled maintenance. I still get /64 PD and I can ping/traceroute to any v6 endpoint but except for Google, facebook, cloudflare, I am unable to browse with v6.
My ISP tried to help me but they were unable to. They were able to get IPv6 working on the ONT/Router combo devices they provide for customers.
Weird thing is I have 2 other spare routers lying around, one an openwrt box and a mikrotik. IPv6 works on openwrt but not on mikrotik. So basically right now IPv6 does not work on pfsense and mikrotik.
The only difference I was able to see during early access and after was that there was no response on the first hop(not my router) in a traceroute/mtr. I mentioned that to my ISP but their reply was that vendor(Nokia) said it is shouldn't be bothered about.
I am very new to IPv6 and my knowledge is limited. Any experts here please help? Thanks.
Left: after ipv6 rollout, right: early access
-
Capture a full DHCPv6 sequence and post the capture file here.
Don't worry about the first hop. That's entirely normal and simply means that router is not configured to respond to pings.
-
@JKnott No packets were captured on UDP 546 or 547. I have made 3 different packet captures on the interface when WAN cable connected.
-
My internet service just got navive ipv6. When switching over from the tunnel i was using I had a hard time getting it set up and going. On my click and see what happens aproch, this one setting found on interfaces/WAN. DHCP6 client configuration made ipv6 work fro me. Hope this works for you.
-
@Uglybrian It says required by some ISPs that do not use PPPoE, but my ISP does.
-
@milindhvijay said in Is my pfSense config broken or is it my ISP?:
No packets were captured on UDP 546 or 547. I have made 3 different packet captures on the interface when WAN cable connected.
Please filter on those ports, so you don't get all the other stuff. The DHCPv6-PD capture should look like this:
Also, no need to use Google Drive. You can post files directly in here, as I just did.
-
@JKnott Like I said, no packets were captured on port 546 or 547. I am not sure which interface I should capture packets on. My pppoe0 interface only comes up after internet is connected, not sure how I can do a packet capture on that interface as it doesn't even show up in capture options->interface.
The above packet capture was done on igc0.156 vlan interface. I have filtered out DHCPv6 from that and attached.
Let me know the right steps for packet capture if I am doing something wrong.
-
I haven't used pfSense on PPPoE, so I don't know the details, but I would expect it would be the PPPoE link that you have to monitor.
-
@JKnott The second file pcap dhcpv6_2 is similar to your example. Please check that.
