Help with native ipv6



  • Hello,

    I'm trying to setup native ipv6 on my network
    I'm using a fresh install of pFsense 2.1rc0.
    My ISP provide me ipv6 with this prefix: 2a01:e34:eedf:8ea0::/64
    The WAN interface receives this ip via dhcp6 : 2a01:e34:eedf:8ea0:20d:bf9f:f2cc:fdd1
    I set static ip on the LAN interface: 2a01:e34:eedf:8ea0:1::1

    If I ping ipv6.google.com, from the WAN source address it works fine:

    PING6(56=40+8+8 bytes) 2a01:e34:eedf:8ea0:20d:bf9f:f2cc:fdd1 --> 2a00:1450:4007:809::1013
    16 bytes from 2a00:1450:4007:809::1013, icmp_seq=0 hlim=57 time=161.021 ms
    16 bytes from 2a00:1450:4007:809::1013, icmp_seq=1 hlim=57 time=119.564 ms
    16 bytes from 2a00:1450:4007:809::1013, icmp_seq=2 hlim=57 time=184.896 ms
    
    --- ipv6.l.google.com ping6 statistics ---
    3 packets transmitted, 3 packets received, 0.0% packet loss
    round-trip min/avg/max/std-dev = 119.564/155.160/184.896/26.992 ms
    

    But if I ping from LAN, it does not work:

    
    PING6(56=40+8+8 bytes) 2a01:e34:eedf:8ea0:1::1 --> 2a00:1450:4007:809::1013
    
    --- ipv6.l.google.com ping6 statistics ---
    3 packets transmitted, 0 packets received, 100.0% packet loss
    

    It does not look like a firewall issue, as does have IPV6* allowed rule.
    And if I capture the packets, I can see the request sent, but not comming back:

    08:45:29.200477 IP6 2a01:e34:eedf:8ea0:1::1 > 2a00:1450:4007:809::1013: ICMP6, echo request, seq 0, length 16
    08:45:30.201570 IP6 2a01:e34:eedf:8ea0:1::1 > 2a00:1450:4007:809::1013: ICMP6, echo request, seq 1, length 16
    08:45:31.191715 IP6 2a01:e34:eedf:8ea0:1::1 > 2a00:1450:4007:809::1013: ICMP6, echo request, seq 2, length 16
    

    What is wrong why my settings?
    Is it possible that my LAN ip is wrong?

    Thanks for your help.

    –Cédric



  • According to this article: http://www.zw3b.fr/linux/reseaux/ipv6-derriere-une-freebox-routeur-linux

    My ISP (Free), send a /64 prefix, which does not allow to have sub-networks.

    So one of the solution is to create a bridge between LAN and WAN.
    with:

    ebtables -t broute -A BROUTING -p ! ipv6 -j DROP
    brctl addbr br0
    ifconfig br0 up
    brctl addif br0 eth0
    brctl addif br0 eth1

    I have created a bridge in >Interfaces > Bridge
    BRIDGE0 : WAN, LAN

    But what else now?

    • what ipv6 should be assigned to OPT1 (BRIDGE0) and WAN?