ULA routing stops when trackinterface is down
-
@gwabber You need to add routing entries for the ULAs. Eg, for subnets fc01:0:0:1/64, fc01:0:0:2/64, destination fc01::/56 gateway fc01::1 and so on... That creates a "fake" (non-internet) gateway in the Routing menu. You then select manually the actual gateways you want for internet (in the same menu), and create firewall rules (on each ULA enabled interface) like:
dst -> fc01::/56 #(and in the advanced options) Gateway: fc01::1
That's what I did, at least.
-
Did your PC get a ULA?
@gwabber said in ULA routing stops when trackinterface is down:
@the-other thanks for your reply!
I didn't use DNS, but I tried to reach the device by its ULA IP address in my browser (in this case a Pi running Pihole). I don't have static IP's set for the devices, they are assigned by RA.
My setup is as follows:
I setup the ULA's for the interfaces in the VIP section.
Then I added the ULA to the RA subnets section.
My routermode is " Assisted" -
@NightlyShark Thanks for the explanation! In which menu I can set that up?
-
@NightlyShark when my internet is down you mean?
-
@gwabber said in ULA routing stops when trackinterface is down:
@NightlyShark Thanks for the explanation! In which menu I can set that up?
Routing...
Gateway menu...Static routes menu...
And here you select the "fake" gateway you created...
...here.
@gwabber said in ULA routing stops when trackinterface is down:
@NightlyShark when my internet is down you mean?
Yes.
-
Thanks! I'm gonna try that tomorrow. I will let you know how it worked out!
My pc did get an ULA address when my internet was off
-
@gwabber That means that DHCPv6 works, for the address part, at least.
-
@NightlyShark
Sorry, I went to bed. I'm gonna try-out the configuration after work! I will let you know how it worked out.What is the reason ula routing stops when the track interface goes down? Is that because the ULA by default uses the same gateway as the track interface?
-
@gwabber Kinda.
-
-
@NightlyShark allright! I'm gonna read that first before I make changes. IPv6 still has a lot of stuff I need to learn, but it is very interesting.
-
-
@gwabber Allright, two questions before I continue:
-
should I set the interface of my fake gateway to WAN?
-
If the current problem is that te gateway goes offline, is it also possible to tick the option "don't take action" in the default IPv6 gateway? Or is that too simple?
-
-
@gwabber said in ULA routing stops when trackinterface is down:
@gwabber Allright, two questions before I continue:
-
should I set the interface of my fake gateway to WAN?
-
If the current problem is that te gateway goes offline, is it also possible to tick the option "don't take action" in the default IPv6 gateway? Or is that too simple?
- No. You create one gateway per LAN
- Read the reddit post
-
-
hey there,
sorry for disturbing this very interesting post... :)I just tried (too lazy to run all those chairs) and deactivated IPv6 in my Internetrouter (Fritzbox).
Behind that router sits my pfsense.
So with deactivated IPv6 my WAN (DHCPv6) went to "pending"...not reaching anything via v6 outside my LAN.But: I could still ping and via browser reach my devices under their fd:whatever ULAs...
So I am a little confused now. Reading all this, I began to think I remembered wrongly in my first post. But now, with that try, I am a little lost.
I have no static routes or whatsoever discussed in this thread...I might do the labour, run those steps and pull the plug from pfsense's WAN and give it another try.
Or am I missing something obvious (no DHCPv6 in pfsense's LAN, using SLAAC via RA unmanaged...)? -
@gwabber said in ULA routing stops when trackinterface is down:
@gwabber Allright, two questions before I continue:
-
should I set the interface of my fake gateway to WAN?
-
If the current problem is that te gateway goes offline, is it also possible to tick the option "don't take action" in the default IPv6 gateway? Or is that too simple?
@the-other said in ULA routing stops when trackinterface is down:
hey there,
sorry for disturbing this very interesting post... :)I just tried (too lazy to run all those chairs) and deactivated IPv6 in my Internetrouter (Fritzbox).
Behind that router sits my pfsense.
So with deactivated IPv6 my WAN (DHCPv6) went to "pending"...not reaching anything via v6 outside my LAN.But: I could still ping and via browser reach my devices under their fd:whatever ULAs...
So I am a little confused now. Reading all this, I began to think I remembered wrongly in my first post. But now, with that try, I am a little lost.
I have no static routes or whatsoever discussed in this thread...I might do the labour, run those steps and pull the plug from pfsense's WAN and give it another try.
Or am I missing something obvious (no DHCPv6 in pfsense's LAN, using SLAAC via RA unmanaged...)?I think the answer to all those problems in the end, is to do away with the ISP prefixes all together by doing ULA NpT
-
-
@the-other okay.. that is something else.... how did you deactivate the wan? Did you disable the gateway or the wan ipv6 alltogether?
-
@NightlyShark That is what I would like to do... but there are two caveats :
- My ISP delivers a dynamic prefix
- Windows prefers IPv4 above ULA's. It's fixable, but very annoying to setup every computer.
-
@gwabber So, it was the addresses themselves that weren't reachable for sure? Or a DNS name? Just checking...
-
@NightlyShark the addresses themselves unfortunately... thanks for your help so far!
Other weird thing; I just disabled the default WAN ipv6 gateway just for shits and giggles. Now the ULA's were still reachable....
-
@gwabber It's one of those "did you turn it on and off" things, then...